Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7d5480-60a7-4193-bf34-bd849b04d10a/1/o2K2NplD6BtqWkA-W6m-d-0W_P0.roa
File: o2K2NplD6BtqWkA-W6m-d-0W_P0.roa (raw, json)
Hash identifier: zGewfHeTeHZOI4yDwOTwT/i6b+AWPJFRnQZqeQx/idw=
Subject key identifier: A3:62:B6:36:99:43:E8:1B:6A:5A:40:3E:5B:A9:BE:77:ED:16:FC:FD
Certificate issuer: /CN=59bff5f16ecb268b1597da1b3ad30af40fce7717
Certificate serial: 0194258F06485C5407CD4004CEE944482C71
Authority key identifier: 59:BF:F5:F1:6E:CB:26:8B:15:97:DA:1B:3A:D3:0A:F4:0F:CE:77:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wb_18W7LJosVl9obOtMK9A_Odxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/7d5480-60a7-4193-bf34-bd849b04d10a/1/o2K2NplD6BtqWkA-W6m-d-0W_P0.roa
Signing time: Thu 02 Jan 2025 05:48:37 +0000
ROA not before: Thu 02 Jan 2025 05:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36459
IP address blocks: 2a0a:a440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:06:48:5c:54:07:cd:40:04:ce:e9:44:48:2c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59bff5f16ecb268b1597da1b3ad30af40fce7717
Validity
Not Before: Jan 2 05:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a362b6369943e81b6a5a403e5ba9be77ed16fcfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2b:45:a0:0e:59:ae:99:8f:01:ff:47:98:87:
ac:4a:96:4a:af:ef:a4:63:53:bc:f2:a7:36:bb:7f:
9e:71:0a:bc:2a:57:e3:53:d6:04:bd:bd:85:6f:89:
27:29:bd:df:4f:31:35:0a:38:2f:fd:be:b8:09:cd:
ac:fa:2b:8a:d3:87:cb:18:56:88:a7:96:9d:88:fd:
a6:cf:36:77:e0:8a:7b:9b:ce:53:e1:16:a2:b6:f4:
75:a8:a1:10:9d:97:76:52:7d:20:ae:bc:a9:57:5e:
c7:a6:51:b6:ca:89:bf:9a:a2:7b:14:46:31:a0:02:
4b:28:63:68:50:9a:cc:02:48:a9:ca:73:75:b7:d4:
14:f5:ce:f7:48:a1:2e:a5:e5:01:9b:ef:a4:80:c0:
e0:47:b8:ab:a0:69:e1:e0:22:9d:ca:e0:bd:d4:3a:
59:b6:98:1d:92:92:d9:5f:9b:02:d1:09:b2:57:a0:
77:c6:23:f8:92:d5:ba:d3:c6:86:1c:02:5d:ea:f0:
e6:6c:51:6c:93:fd:c7:22:19:b8:f8:d9:fb:8f:c2:
2c:75:a3:75:3a:ad:00:11:c3:b8:84:4e:b8:a7:fc:
57:b0:95:35:c8:86:f9:00:74:78:03:93:bd:fd:0c:
90:8d:08:26:de:19:63:6a:21:89:33:cd:50:7f:e3:
5b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:62:B6:36:99:43:E8:1B:6A:5A:40:3E:5B:A9:BE:77:ED:16:FC:FD
X509v3 Authority Key Identifier:
keyid:59:BF:F5:F1:6E:CB:26:8B:15:97:DA:1B:3A:D3:0A:F4:0F:CE:77:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wb_18W7LJosVl9obOtMK9A_Odxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d5480-60a7-4193-bf34-bd849b04d10a/1/o2K2NplD6BtqWkA-W6m-d-0W_P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d5480-60a7-4193-bf34-bd849b04d10a/1/Wb_18W7LJosVl9obOtMK9A_Odxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:a440::/29
Signature Algorithm: sha256WithRSAEncryption
b0:5a:e6:78:3c:04:9e:22:39:aa:e3:22:73:b6:95:ac:e7:58:
bf:b1:cc:1b:3e:0b:83:61:25:b8:ab:66:8b:ad:95:2a:ed:af:
7d:b0:f9:fa:32:9f:86:44:6b:16:ad:38:d2:8f:75:c0:66:a8:
13:0b:01:de:9a:cf:91:67:86:6f:ae:ef:fb:07:d1:b9:03:55:
e5:af:d1:b6:d9:97:39:d4:4e:ce:ed:92:3f:94:38:b7:fa:ea:
0b:70:aa:7e:f6:7f:d3:96:9b:94:17:54:4c:7f:a0:79:8d:34:
20:98:11:88:07:4f:52:37:31:88:58:5f:5f:8c:32:27:a9:dd:
f6:aa:fb:e5:d9:ea:b6:ed:79:7a:ce:5d:29:b3:68:17:e5:95:
cd:87:24:1b:3d:68:95:3e:a8:b9:08:64:62:1e:7a:93:f4:7e:
04:c8:49:1f:3b:20:00:8a:30:3a:c8:ce:c6:92:98:b7:07:66:
ed:0a:c0:28:9e:b3:e9:97:f8:1f:39:88:04:da:2c:6a:1d:77:
4f:5f:2a:6d:b0:9c:96:e7:ad:6b:64:8c:c9:45:4a:f9:a1:e8:
32:65:97:b5:42:55:53:9f:08:e8:fa:66:f8:1b:bc:b0:05:df:
2a:36:84:27:0e:9a:86:6f:53:39:f5:78:cf:45:d8:34:02:dc:
eb:c0:c1:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQljwZIXFQHzUAEzulESCxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YmZmNWYxNmVjYjI2OGIxNTk3ZGExYjNhZDMwYWY0MGZj
ZTc3MTcwHhcNMjUwMTAyMDU0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzYyYjYzNjk5NDNlODFiNmE1YTQwM2U1YmE5YmU3N2VkMTZmY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCtFoA5ZrpmPAf9HmIesSpZKr++k
Y1O88qc2u3+ecQq8KlfjU9YEvb2Fb4knKb3fTzE1Cjgv/b64Cc2s+iuK04fLGFaI
p5adiP2mzzZ34Ip7m85T4RaitvR1qKEQnZd2Un0grrypV17HplG2yom/mqJ7FEYx
oAJLKGNoUJrMAkipynN1t9QU9c73SKEupeUBm++kgMDgR7iroGnh4CKdyuC91DpZ
tpgdkpLZX5sC0QmyV6B3xiP4ktW608aGHAJd6vDmbFFsk/3HIhm4+Nn7j8IsdaN1
Oq0AEcO4hE64p/xXsJU1yIb5AHR4A5O9/QyQjQgm3hljaiGJM81Qf+NbYQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKNitjaZQ+gbalpAPlupvnftFvz9MB8GA1UdIwQY
MBaAFFm/9fFuyyaLFZfaGzrTCvQPzncXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2JfMThXN0xKb3NWbDlvYk90TUs5QV9PZHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83ZDU0ODAtNjBhNy00MTkzLWJmMzQt
YmQ4NDliMDRkMTBhLzEvbzJLMk5wbEQ2QnRxV2tBLVc2bS1kLTBXX1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83ZDU0ODAtNjBhNy00MTkzLWJmMzQtYmQ4NDliMDRkMTBh
LzEvV2JfMThXN0xKb3NWbDlvYk90TUs5QV9PZHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgqkQDAN
BgkqhkiG9w0BAQsFAAOCAQEAsFrmeDwEniI5quMic7aVrOdYv7HMGz4Lg2EluKtm
i62VKu2vfbD5+jKfhkRrFq040o91wGaoEwsB3prPkWeGb67v+wfRuQNV5a/RttmX
OdROzu2SP5Q4t/rqC3CqfvZ/05ablBdUTH+geY00IJgRiAdPUjcxiFhfX4wyJ6nd
9qr75dnqtu15es5dKbNoF+WVzYckGz1olT6ouQhkYh56k/R+BMhJHzsgAIowOsjO
xpKYtwdm7QrAKJ6z6Zf4HzmIBNosah13T18qbbCclueta2SMyUVK+aHoMmWXtUJV
U58I6Ppm+Bu8sAXfKjaEJw6ahm9TOfV4z0XYNALc68DBGg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:08:27 2025 by rpki-client