Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/oEAKQfTt8kD5u_kxnm-43kb2TS4.roa
File: oEAKQfTt8kD5u_kxnm-43kb2TS4.roa (raw, json)
Hash identifier: 6QH+j+z67c7Sc1H3DUewSsa5GyW+dz1NZ5YO5CDqtdw=
Subject key identifier: A0:40:0A:41:F4:ED:F2:40:F9:BB:F9:31:9E:6F:B8:DE:46:F6:4D:2E
Certificate issuer: /CN=20aa60cb0024332a2db68993f3357158af60c8de
Certificate serial: 01942747C17EA465EF5567554A429070C242
Authority key identifier: 20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/oEAKQfTt8kD5u_kxnm-43kb2TS4.roa
Signing time: Thu 02 Jan 2025 13:50:01 +0000
ROA not before: Thu 02 Jan 2025 13:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 2a02:3100:3202::/47 maxlen: 47
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:c1:7e:a4:65:ef:55:67:55:4a:42:90:70:c2:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa60cb0024332a2db68993f3357158af60c8de
Validity
Not Before: Jan 2 13:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0400a41f4edf240f9bbf9319e6fb8de46f64d2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:55:fe:92:61:a9:f4:0e:2b:f2:c6:2b:7f:e1:
99:50:45:d3:3c:52:e5:d7:5d:71:2e:de:c1:30:70:
9f:7f:54:20:0a:89:58:65:8b:8b:07:63:c5:27:53:
28:0d:60:75:59:e6:09:1a:64:85:80:a3:3e:f4:d9:
7c:67:04:d8:e7:e9:a0:61:67:aa:5c:a0:14:a6:e8:
07:f5:b5:67:39:0a:57:8b:ad:a3:5d:ca:de:bd:48:
5d:41:d7:28:7d:e7:38:1e:38:2b:30:3b:43:a0:7e:
ad:7e:87:48:0d:8d:b8:94:8e:19:f6:98:6d:3d:ed:
f4:26:44:90:04:91:7f:cb:d1:9c:25:39:c7:5c:17:
b5:cb:51:5e:a4:a0:e0:2b:fa:95:00:d1:6f:65:5c:
49:2c:83:33:1e:00:2e:e2:da:bc:42:30:3c:e2:7d:
0a:75:8a:8a:4f:12:ee:db:bc:ca:35:4e:d7:61:b5:
6e:23:74:66:2d:9f:ef:a4:09:c3:15:5e:6d:0d:6a:
cd:5c:69:4e:db:38:2c:ec:5b:71:0f:d1:6d:75:f0:
17:92:0e:ae:b1:df:32:75:3b:05:e0:3f:05:da:3a:
b5:68:a7:07:04:71:71:9a:11:fd:98:ce:66:f7:2b:
bb:21:7d:59:c9:de:29:10:7a:40:7d:66:4f:6c:8c:
7d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:40:0A:41:F4:ED:F2:40:F9:BB:F9:31:9E:6F:B8:DE:46:F6:4D:2E
X509v3 Authority Key Identifier:
keyid:20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/oEAKQfTt8kD5u_kxnm-43kb2TS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:3100:3202::/47
Signature Algorithm: sha256WithRSAEncryption
bc:f1:fc:52:ec:42:dc:64:06:70:6f:20:94:ce:2b:94:a9:a4:
8c:ce:ab:fb:ff:7d:b3:a6:ff:e5:b4:4d:7d:8c:b0:2e:66:f1:
a4:f5:ef:45:28:f9:52:9e:4b:99:5c:94:12:9d:fe:45:53:fd:
df:c7:89:9a:f9:2c:f4:a1:b4:b9:75:01:f2:e0:51:1e:23:03:
62:3f:ca:a9:aa:40:08:3e:23:ef:f4:c6:d2:bf:16:db:f3:ef:
09:68:36:9d:7d:d9:e1:d3:b3:ef:3e:e3:21:a4:0a:03:a1:14:
88:43:00:c3:fd:0b:f8:9a:df:7a:7d:dc:ba:a1:1f:29:fe:b7:
b8:c6:77:7b:cb:1f:b8:9f:95:92:7e:76:69:f4:a6:a1:31:de:
f0:fe:b0:27:33:26:dd:21:65:eb:20:87:37:b2:30:ea:96:b4:
72:28:3f:fa:27:46:65:8d:53:1a:a3:9e:1c:97:25:dc:04:a7:
a8:58:ac:f6:2a:cc:7b:3c:b8:6f:a6:2d:86:02:e5:97:49:e1:
d3:c7:32:4c:2b:fd:5e:a0:9d:d6:bf:04:49:4d:39:a9:f9:50:
48:65:1c:eb:e7:57:ce:89:e0:c6:15:1c:2d:fc:d5:72:1c:94:
0f:8d:ac:9f:9b:fe:b2:01:25:8f:62:f5:75:2a:8b:eb:c2:0a:
e3:38:76:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnR8F+pGXvVWdVSkKQcMJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWE2MGNiMDAyNDMzMmEyZGI2ODk5M2YzMzU3MTU4YWY2
MGM4ZGUwHhcNMjUwMTAyMTM1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQwMGE0MWY0ZWRmMjQwZjliYmY5MzE5ZTZmYjhkZTQ2ZjY0ZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlX+kmGp9A4r8sYrf+GZUEXTPFLl
111xLt7BMHCff1QgColYZYuLB2PFJ1MoDWB1WeYJGmSFgKM+9Nl8ZwTY5+mgYWeq
XKAUpugH9bVnOQpXi62jXcrevUhdQdcofec4HjgrMDtDoH6tfodIDY24lI4Z9pht
Pe30JkSQBJF/y9GcJTnHXBe1y1FepKDgK/qVANFvZVxJLIMzHgAu4tq8QjA84n0K
dYqKTxLu27zKNU7XYbVuI3RmLZ/vpAnDFV5tDWrNXGlO2zgs7FtxD9FtdfAXkg6u
sd8ydTsF4D8F2jq1aKcHBHFxmhH9mM5m9yu7IX1Zyd4pEHpAfWZPbIx9mwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKBACkH07fJA+bv5MZ5vuN5G9k0uMB8GA1UdIwQY
MBaAFCCqYMsAJDMqLbaJk/M1cVivYMjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYt
NzNmN2QxMTBiODJhLzEvb0VBS1FmVHQ4a0Q1dV9reG5tLTQza2IyVFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYtNzNmN2QxMTBiODJh
LzEvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgIxADIC
MA0GCSqGSIb3DQEBCwUAA4IBAQC88fxS7ELcZAZwbyCUziuUqaSMzqv7/32zpv/l
tE19jLAuZvGk9e9FKPlSnkuZXJQSnf5FU/3fx4ma+Sz0obS5dQHy4FEeIwNiP8qp
qkAIPiPv9MbSvxbb8+8JaDadfdnh07PvPuMhpAoDoRSIQwDD/Qv4mt96fdy6oR8p
/re4xnd7yx+4n5WSfnZp9KahMd7w/rAnMybdIWXrIIc3sjDqlrRyKD/6J0ZljVMa
o54clyXcBKeoWKz2Ksx7PLhvpi2GAuWXSeHTxzJMK/1eoJ3WvwRJTTmp+VBIZRzr
51fOieDGFRwt/NVyHJQPjayfm/6yASWPYvV1KovrwgrjOHbH
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:59:00 2025 by rpki-client