Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/ohTlEE-9-hCPb5DTk-_fGsRCE_A.roa
File: ohTlEE-9-hCPb5DTk-_fGsRCE_A.roa (raw, json)
Hash identifier: x8jCPCcQdObbaBTAaMbUaPRjH4TWD/Pqc9qCuIKOouA=
Subject key identifier: A2:14:E5:10:4F:BD:FA:10:8F:6F:90:D3:93:EF:DF:1A:C4:42:13:F0
Certificate issuer: /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial: 019423D724BD35C2BDDD88575E3CAFBBCBAF
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/ohTlEE-9-hCPb5DTk-_fGsRCE_A.roa
Signing time: Wed 01 Jan 2025 21:48:09 +0000
ROA not before: Wed 01 Jan 2025 21:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133480
IP address blocks: 2a0e:1cc0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:24:bd:35:c2:bd:dd:88:57:5e:3c:af:bb:cb:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
Validity
Not Before: Jan 1 21:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a214e5104fbdfa108f6f90d393efdf1ac44213f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f1:91:ac:5f:b7:94:16:04:f0:d4:23:45:0c:
99:06:89:3c:e6:77:03:55:b4:db:39:15:9b:49:5d:
0c:74:12:10:9f:a1:7d:50:66:2f:68:77:6c:45:34:
67:4a:b6:bf:cd:67:df:73:05:f0:69:dd:9c:42:3d:
93:2f:bf:e4:af:b4:28:3a:4e:17:bf:94:77:9a:8c:
9f:c3:af:d2:16:66:12:41:41:69:42:2c:82:cc:39:
a7:bd:bf:7f:0d:b7:cd:af:27:14:53:d0:ce:4b:ec:
77:93:5e:b4:f8:37:e7:e3:f9:ed:56:e2:d4:f1:8a:
68:d7:7f:fe:0b:d4:ea:51:1b:70:dd:a9:8f:d6:c5:
34:f9:9e:6c:dc:ad:64:8b:f7:4e:3e:24:fa:d2:aa:
cf:96:b0:b9:32:89:37:62:08:99:83:0f:03:4b:83:
20:50:5e:73:ad:cd:3f:0e:38:e8:1b:c9:e5:d3:86:
a1:89:e8:6a:55:cd:6c:e0:34:d0:12:ad:b4:22:e4:
5c:ad:2c:86:38:25:cc:d8:e2:48:53:a8:56:a1:9c:
3f:7d:c7:6c:ba:80:78:29:bd:44:ed:c5:81:7e:41:
03:75:6f:f5:90:50:96:28:d2:da:bd:21:a7:cb:17:
38:41:39:37:c7:22:54:aa:53:71:0f:04:2c:db:cc:
0c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:14:E5:10:4F:BD:FA:10:8F:6F:90:D3:93:EF:DF:1A:C4:42:13:F0
X509v3 Authority Key Identifier:
keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/ohTlEE-9-hCPb5DTk-_fGsRCE_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1cc0:2::/48
Signature Algorithm: sha256WithRSAEncryption
2d:78:74:b7:d3:e7:df:94:31:44:cf:5e:1f:e9:ca:a6:d6:be:
32:ce:44:3b:53:4e:04:a9:e4:4c:73:e3:7c:1d:25:8a:9a:0f:
f8:1c:69:1f:20:26:b1:74:b6:81:52:2a:9f:29:09:17:3f:3d:
7b:26:a2:66:62:da:18:e5:db:b2:0a:82:3c:f8:33:f4:67:2d:
1a:23:37:92:c5:e4:ce:08:ed:0b:2b:37:f7:8a:48:0c:d5:da:
07:97:43:c3:99:7b:e5:83:95:cd:be:cd:f8:15:db:ba:c3:b7:
93:f2:a2:70:28:8b:1c:3c:20:51:6d:6d:82:37:15:45:46:7c:
d5:4e:71:aa:d5:6f:79:25:e2:b5:18:32:1a:20:13:24:b4:fa:
b8:33:92:26:20:88:83:f6:21:5e:8e:72:8d:39:a9:d8:26:7e:
36:ea:d7:f1:4f:0e:1f:dc:0b:e6:60:7a:21:48:32:0e:5b:03:
d2:25:1e:c4:da:c2:26:e2:11:cb:42:f6:29:63:1c:e4:8a:f6:
6f:ae:7f:38:ca:0c:a3:37:fe:94:d0:55:0a:70:c4:fc:fd:3e:
12:4a:a3:48:27:b1:f9:3c:08:1e:5f:90:fd:c8:d4:4a:d6:62:
00:2c:04:3e:6e:9d:52:8c:8b:37:cb:5e:2a:22:13:0a:10:31:
5f:d1:34:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1yS9NcK93YhXXjyvu8uvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzEzNjdkZjZkMTg2MTA3MWM5MmJhZTcyNjUyMzMyNmY0
NWJhMmEwHhcNMjUwMTAxMjE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjE0ZTUxMDRmYmRmYTEwOGY2ZjkwZDM5M2VmZGYxYWM0NDIxM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfGRrF+3lBYE8NQjRQyZBok85ncD
VbTbORWbSV0MdBIQn6F9UGYvaHdsRTRnSra/zWffcwXwad2cQj2TL7/kr7QoOk4X
v5R3moyfw6/SFmYSQUFpQiyCzDmnvb9/DbfNrycUU9DOS+x3k160+Dfn4/ntVuLU
8Ypo13/+C9TqURtw3amP1sU0+Z5s3K1ki/dOPiT60qrPlrC5Mok3YgiZgw8DS4Mg
UF5zrc0/DjjoG8nl04ahiehqVc1s4DTQEq20IuRcrSyGOCXM2OJIU6hWoZw/fcds
uoB4Kb1E7cWBfkEDdW/1kFCWKNLavSGnyxc4QTk3xyJUqlNxDwQs28wMHQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKIU5RBPvfoQj2+Q05Pv3xrEQhPwMB8GA1UdIwQY
MBaAFO4xNn320YYQcckrrnJlIzJvRboqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2It
MTE1OWRiZmJlZDU0LzEvb2hUbEVFLTktaENQYjVEVGstX2ZHc1JDRV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2ItMTE1OWRiZmJlZDU0
LzEvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4cwAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQAteHS30+fflDFEz14f6cqm1r4yzkQ7U04EqeRM
c+N8HSWKmg/4HGkfICaxdLaBUiqfKQkXPz17JqJmYtoY5duyCoI8+DP0Zy0aIzeS
xeTOCO0LKzf3ikgM1doHl0PDmXvlg5XNvs34Fdu6w7eT8qJwKIscPCBRbW2CNxVF
RnzVTnGq1W95JeK1GDIaIBMktPq4M5ImIIiD9iFejnKNOanYJn426tfxTw4f3Avm
YHohSDIOWwPSJR7E2sIm4hHLQvYpYxzkivZvrn84ygyjN/6U0FUKcMT8/T4SSqNI
J7H5PAgeX5D9yNRK1mIALAQ+bp1SjIs3y14qIhMKEDFf0TTa
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:31:44 2025 by rpki-client