Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/2a5623-f5c6-4315-8b7b-25f9336f9c77/1/oTQgsaGNzG-tP3gw41WQkR1Ao1k.roa
File: oTQgsaGNzG-tP3gw41WQkR1Ao1k.roa (raw, json)
Hash identifier: 7z7sBSmbI4SDQxcoIyZVUMo9vrHqt+VYG4RkV+1ZgF0=
Subject key identifier: A1:34:20:B1:A1:8D:CC:6F:AD:3F:78:30:E3:55:90:91:1D:40:A3:59
Certificate issuer: /CN=119109f0ef595ea8b68586483dbc6fb3cfe56f2b
Certificate serial: 0185718C437644ADD2B95E3A050A564B724C
Authority key identifier: 11:91:09:F0:EF:59:5E:A8:B6:85:86:48:3D:BC:6F:B3:CF:E5:6F:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EZEJ8O9ZXqi2hYZIPbxvs8_lbys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/2a5623-f5c6-4315-8b7b-25f9336f9c77/1/oTQgsaGNzG-tP3gw41WQkR1Ao1k.roa
Signing time: Mon 02 Jan 2023 08:14:55 +0000
ROA not before: Mon 02 Jan 2023 08:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 2a12:6980::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:43:76:44:ad:d2:b9:5e:3a:05:0a:56:4b:72:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=119109f0ef595ea8b68586483dbc6fb3cfe56f2b
Validity
Not Before: Jan 2 08:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a13420b1a18dcc6fad3f7830e35590911d40a359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8f:4e:ee:4b:0d:a3:7a:a3:b4:a6:18:73:6d:
45:f5:cf:83:3e:ab:01:cd:b6:7b:be:e7:6c:30:4d:
d6:c5:d0:9a:a3:0e:3f:ec:43:dc:17:77:3b:a5:92:
52:ef:db:ac:64:76:9c:5d:8e:5e:d5:15:e3:4a:c8:
63:ab:d0:9b:9c:60:7d:e6:a0:99:1e:5c:85:da:de:
5d:79:d0:92:10:59:8c:d7:2e:74:70:b5:b7:e1:62:
cb:35:10:4c:89:3e:d4:c4:e2:78:d7:7a:c6:28:41:
c7:b4:13:e2:d2:3e:20:a3:7e:93:6e:f3:4a:f5:74:
c2:ad:cb:17:f8:c3:a2:b8:26:93:36:99:3b:b1:fa:
b4:f9:07:62:27:17:1a:ff:39:8e:3b:ff:43:f7:cf:
90:4c:30:39:ad:d9:c6:d2:99:c3:ee:4d:8d:b5:a3:
e8:f2:b3:5c:6b:ce:c1:be:cb:c5:26:9d:d3:02:83:
d0:1f:2a:73:57:94:b1:e6:83:4e:10:5d:d1:38:e3:
d6:e0:d8:63:1e:8e:97:c7:87:60:a5:88:88:f0:e7:
6d:e1:08:b1:98:b0:9e:17:d3:02:a1:b9:ba:55:5e:
79:56:f1:91:7f:06:cd:df:7e:46:9c:96:6c:67:a5:
ce:87:15:74:45:16:91:0b:d1:61:98:8c:e5:eb:3a:
25:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:34:20:B1:A1:8D:CC:6F:AD:3F:78:30:E3:55:90:91:1D:40:A3:59
X509v3 Authority Key Identifier:
keyid:11:91:09:F0:EF:59:5E:A8:B6:85:86:48:3D:BC:6F:B3:CF:E5:6F:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EZEJ8O9ZXqi2hYZIPbxvs8_lbys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/2a5623-f5c6-4315-8b7b-25f9336f9c77/1/oTQgsaGNzG-tP3gw41WQkR1Ao1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/2a5623-f5c6-4315-8b7b-25f9336f9c77/1/EZEJ8O9ZXqi2hYZIPbxvs8_lbys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:6980::/29
Signature Algorithm: sha256WithRSAEncryption
47:81:b7:13:a7:1b:c4:10:dc:27:e9:19:7f:d4:ef:a9:ec:10:
e5:18:dd:4a:68:89:53:a0:03:dd:0d:ed:90:08:b1:e8:29:66:
d9:fb:c1:a2:df:3f:91:cf:0c:69:91:29:8e:06:b2:6f:2c:b0:
1b:3f:ab:b9:5d:ac:42:8d:5d:73:28:88:e2:47:f8:f2:64:f5:
05:be:67:bf:5a:cd:24:c5:24:c5:48:da:70:6d:e4:01:40:2f:
58:2d:b7:e4:f5:aa:5e:1b:66:be:1b:f5:ce:51:39:b7:d3:1b:
b2:23:98:df:f3:e0:bc:6a:bd:53:07:ea:af:fd:9f:52:3c:a8:
35:c1:c1:83:31:cd:d4:25:12:d0:6c:80:a0:17:66:ef:62:37:
ef:bd:92:e7:fe:10:f7:c3:51:04:3b:5f:f5:cc:a7:4f:c9:91:
98:df:72:0f:84:b0:7d:b1:e4:6e:3e:1b:25:5e:32:be:25:d4:
e1:a3:81:fa:a0:e1:78:c2:1a:4b:d3:2e:51:5f:f2:ff:49:0a:
af:9d:67:d0:9d:da:69:0d:25:ff:89:2d:f3:b9:73:a1:11:51:
e1:f5:b3:5d:26:dc:3a:9e:86:81:f3:69:4f:86:e1:0f:b2:47:
f5:4e:a4:60:cc:af:73:0a:8b:e5:0a:96:d7:ea:9b:73:be:ef:
a8:26:22:35
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxjEN2RK3SuV46BQpWS3JMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExOTEwOWYwZWY1OTVlYThiNjg1ODY0ODNkYmM2ZmIzY2Zl
NTZmMmIwHhcNMjMwMTAyMDgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTM0MjBiMWExOGRjYzZmYWQzZjc4MzBlMzU1OTA5MTFkNDBhMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgo9O7ksNo3qjtKYYc21F9c+DPqsB
zbZ7vudsME3WxdCaow4/7EPcF3c7pZJS79usZHacXY5e1RXjSshjq9CbnGB95qCZ
HlyF2t5dedCSEFmM1y50cLW34WLLNRBMiT7UxOJ413rGKEHHtBPi0j4go36TbvNK
9XTCrcsX+MOiuCaTNpk7sfq0+QdiJxca/zmOO/9D98+QTDA5rdnG0pnD7k2NtaPo
8rNca87BvsvFJp3TAoPQHypzV5Sx5oNOEF3ROOPW4NhjHo6Xx4dgpYiI8Odt4Qix
mLCeF9MCobm6VV55VvGRfwbN335GnJZsZ6XOhxV0RRaRC9FhmIzl6zolOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKE0ILGhjcxvrT94MONVkJEdQKNZMB8GA1UdIwQY
MBaAFBGRCfDvWV6otoWGSD28b7PP5W8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVpFSjhPOVpYcWkyaFlaSVBieHZzOF9sYnlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yYTU2MjMtZjVjNi00MzE1LThiN2It
MjVmOTMzNmY5Yzc3LzEvb1RRZ3NhR056Ry10UDNndzQxV1FrUjFBbzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yYTU2MjMtZjVjNi00MzE1LThiN2ItMjVmOTMzNmY5Yzc3
LzEvRVpFSjhPOVpYcWkyaFlaSVBieHZzOF9sYnlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJpgDAN
BgkqhkiG9w0BAQsFAAOCAQEAR4G3E6cbxBDcJ+kZf9TvqewQ5RjdSmiJU6AD3Q3t
kAix6Clm2fvBot8/kc8MaZEpjgaybyywGz+ruV2sQo1dcyiI4kf48mT1Bb5nv1rN
JMUkxUjacG3kAUAvWC235PWqXhtmvhv1zlE5t9MbsiOY3/PgvGq9Uwfqr/2fUjyo
NcHBgzHN1CUS0GyAoBdm72I3772S5/4Q98NRBDtf9cynT8mRmN9yD4SwfbHkbj4b
JV4yviXU4aOB+qDheMIaS9MuUV/y/0kKr51n0J3aaQ0l/4kt87lzoRFR4fWzXSbc
Op6GgfNpT4bhD7JH9U6kYMyvcwqL5QqW1+qbc77vqCYiNQ==
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:55:09 2025 by rpki-client