Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/OQadFX-qT3gCoM0N-bZt3P6oHFk.roa
File: OQadFX-qT3gCoM0N-bZt3P6oHFk.roa (raw, json)
Hash identifier: 46o7jeEMiMdTNObDyI76FFzvM1LIe1/KQjE4TCfjPsc=
Subject key identifier: 39:06:9D:15:7F:AA:4F:78:02:A0:CD:0D:F9:B6:6D:DC:FE:A8:1C:59
Certificate issuer: /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial: 019423D72BBEC9E0AA628701894834D2E27E
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/OQadFX-qT3gCoM0N-bZt3P6oHFk.roa
Signing time: Wed 01 Jan 2025 21:48:11 +0000
ROA not before: Wed 01 Jan 2025 21:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211998
IP address blocks: 2a0e:1cc0:5::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:2b:be:c9:e0:aa:62:87:01:89:48:34:d2:e2:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
Validity
Not Before: Jan 1 21:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39069d157faa4f7802a0cd0df9b66ddcfea81c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5d:41:03:87:20:8b:1e:1e:94:95:94:30:bf:
34:fc:f2:e7:cb:86:24:2b:3d:e4:65:be:70:b0:2c:
9a:af:ca:61:24:94:dd:6f:e8:a5:92:51:64:93:ac:
14:91:df:c7:9b:7a:4e:63:52:2f:c9:5a:15:4e:3c:
82:3d:05:0d:89:39:58:25:d2:e9:84:b2:37:20:2f:
66:00:3a:37:46:01:13:46:26:49:98:30:11:5c:4b:
b2:49:69:5e:ba:73:74:6a:5c:65:ca:65:a8:73:fa:
1b:a9:b9:28:d3:41:b6:3e:b8:a7:75:9a:68:33:61:
a8:63:13:86:6f:5e:e8:20:92:cb:3f:51:c2:36:ab:
69:b9:b9:38:1e:1e:69:e2:ad:09:a5:5c:5a:18:b1:
39:20:90:c7:b2:dd:62:18:42:05:18:5a:20:46:2c:
10:44:0b:1f:5c:15:d6:d8:4b:a1:9d:da:7c:89:02:
d7:ea:1d:02:42:2e:b4:10:65:75:22:24:18:20:f9:
60:36:56:c4:ca:96:11:dc:64:a0:0c:1c:62:fb:2a:
69:b2:54:16:cf:c5:d4:ba:81:7c:b2:b6:0a:66:af:
8b:03:cd:87:c9:cc:c8:2f:d0:9d:b4:78:1b:fd:e4:
58:bd:6f:98:c1:d8:2b:9c:08:e6:ab:38:b6:e1:01:
72:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:06:9D:15:7F:AA:4F:78:02:A0:CD:0D:F9:B6:6D:DC:FE:A8:1C:59
X509v3 Authority Key Identifier:
keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/OQadFX-qT3gCoM0N-bZt3P6oHFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1cc0:5::/48
Signature Algorithm: sha256WithRSAEncryption
a4:00:6d:68:9c:76:7c:ed:06:67:b1:3d:5b:9f:28:ec:de:f3:
f5:80:f6:23:e8:71:b7:f9:8b:16:a5:f6:83:72:c7:cc:a7:49:
83:fb:32:4e:b0:29:80:e2:90:01:5a:62:35:18:f3:fb:23:32:
ea:b5:f4:a9:88:22:c2:e3:0d:df:85:ba:c4:a6:ac:46:07:d8:
9f:ab:23:6c:31:48:5e:e7:8c:5c:9e:0f:f7:a8:5c:f9:f4:86:
10:49:bc:92:0a:91:99:16:96:3a:ac:d3:00:1b:4b:a2:8b:c8:
e8:3a:60:91:ac:bf:a0:9c:ef:29:37:8d:f4:2d:a9:5c:f8:f3:
d5:01:84:32:1d:47:9c:5a:39:4a:70:0f:0c:dc:96:81:86:42:
b6:61:78:89:b8:6a:31:13:f7:2e:84:1a:eb:14:8a:5f:fa:8d:
d7:15:61:4e:6f:84:82:f3:e6:d2:84:c2:d4:f1:ce:34:ac:70:
91:2b:a7:bb:bb:17:7e:a2:c3:85:7e:aa:a4:8d:44:f7:03:0d:
b3:b1:8f:66:e2:1a:5b:5a:66:9d:e3:ca:e6:ea:29:9d:96:ee:
df:d9:c2:bd:32:c4:10:16:e1:8e:1a:5f:c3:8a:92:f9:b4:51:
0d:3d:9e:f7:7d:7a:6d:9c:66:8d:ad:49:ee:8d:2f:42:fd:2c:
64:01:53:09
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1yu+yeCqYocBiUg00uJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzEzNjdkZjZkMTg2MTA3MWM5MmJhZTcyNjUyMzMyNmY0
NWJhMmEwHhcNMjUwMTAxMjE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTA2OWQxNTdmYWE0Zjc4MDJhMGNkMGRmOWI2NmRkY2ZlYTgxYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvV1BA4cgix4elJWUML80/PLny4Yk
Kz3kZb5wsCyar8phJJTdb+ilklFkk6wUkd/Hm3pOY1IvyVoVTjyCPQUNiTlYJdLp
hLI3IC9mADo3RgETRiZJmDARXEuySWleunN0alxlymWoc/obqbko00G2PrindZpo
M2GoYxOGb17oIJLLP1HCNqtpubk4Hh5p4q0JpVxaGLE5IJDHst1iGEIFGFogRiwQ
RAsfXBXW2Euhndp8iQLX6h0CQi60EGV1IiQYIPlgNlbEypYR3GSgDBxi+yppslQW
z8XUuoF8srYKZq+LA82HyczIL9CdtHgb/eRYvW+YwdgrnAjmqzi24QFybwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDkGnRV/qk94AqDNDfm2bdz+qBxZMB8GA1UdIwQY
MBaAFO4xNn320YYQcckrrnJlIzJvRboqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2It
MTE1OWRiZmJlZDU0LzEvT1FhZEZYLXFUM2dDb00wTi1iWnQzUDZvSEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2ItMTE1OWRiZmJlZDU0
LzEvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4cwAAF
MA0GCSqGSIb3DQEBCwUAA4IBAQCkAG1onHZ87QZnsT1bnyjs3vP1gPYj6HG3+YsW
pfaDcsfMp0mD+zJOsCmA4pABWmI1GPP7IzLqtfSpiCLC4w3fhbrEpqxGB9ifqyNs
MUhe54xcng/3qFz59IYQSbySCpGZFpY6rNMAG0uii8joOmCRrL+gnO8pN430Lalc
+PPVAYQyHUecWjlKcA8M3JaBhkK2YXiJuGoxE/cuhBrrFIpf+o3XFWFOb4SC8+bS
hMLU8c40rHCRK6e7uxd+osOFfqqkjUT3Aw2zsY9m4hpbWmad48rm6imdlu7f2cK9
MsQQFuGOGl/DipL5tFENPZ73fXptnGaNrUnujS9C/SxkAVMJ
-----END CERTIFICATE-----
Generated at Thu Apr 10 03:09:37 2025 by rpki-client