Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/oWUAsWA19Nwqo-9lFiKhQ30_8LU.roa
File: oWUAsWA19Nwqo-9lFiKhQ30_8LU.roa (raw, json)
Hash identifier: XacaKsVEwgKznPiKu9cdPcl3AAnFSEIX7QlgLtGP+Hs=
Subject key identifier: A1:65:00:B1:60:35:F4:DC:2A:A3:EF:65:16:22:A1:43:7D:3F:F0:B5
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 019425FDDE6F30A022A6A453CE94D49B0299
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/oWUAsWA19Nwqo-9lFiKhQ30_8LU.roa
Signing time: Thu 02 Jan 2025 07:49:41 +0000
ROA not before: Thu 02 Jan 2025 07:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204909
IP address blocks: 2a06:e881:3700::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:de:6f:30:a0:22:a6:a4:53:ce:94:d4:9b:02:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 07:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a16500b16035f4dc2aa3ef651622a1437d3ff0b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:88:3d:cf:9f:dd:d3:1b:29:c0:95:c5:17:48:
28:c3:78:d0:b2:37:b9:c1:f5:02:5e:04:09:c4:55:
27:1d:4d:a6:8a:b9:ca:42:b5:49:fd:3b:d0:31:7c:
ad:f6:cf:40:56:dd:1f:39:53:d7:8c:fe:5b:ab:46:
dd:45:b4:9c:a9:c9:43:ff:80:ee:81:16:02:8c:dc:
b3:b5:b2:d0:ca:59:23:2b:86:69:b5:80:ca:06:25:
86:44:82:b6:c8:4e:7c:5c:69:85:70:21:60:e5:9e:
da:6b:11:3a:b3:8b:64:3d:74:22:6a:de:45:b5:1f:
ce:79:f3:ca:36:63:04:97:b0:c6:af:9b:35:ed:e4:
e9:05:0c:f2:55:72:d9:86:bf:f2:27:97:94:d0:e1:
38:f2:30:bd:ad:04:94:b9:a8:83:88:ac:29:47:a1:
27:08:ec:63:7d:80:97:e3:67:1b:9f:a8:70:1e:37:
3a:57:d8:9f:9d:e2:6b:58:4a:c8:a1:0c:a8:d2:13:
f6:9e:6a:32:b4:b1:0e:90:05:4b:e3:6c:1a:55:8d:
62:53:7b:cf:05:8f:00:e0:9d:ed:b2:11:d2:89:71:
37:3b:04:6e:7d:a3:67:b4:08:ae:df:0f:df:b5:bb:
94:ae:a6:f7:b2:6b:16:fe:56:45:60:c8:f4:58:5c:
8e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:65:00:B1:60:35:F4:DC:2A:A3:EF:65:16:22:A1:43:7D:3F:F0:B5
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/oWUAsWA19Nwqo-9lFiKhQ30_8LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:3700::/44
Signature Algorithm: sha256WithRSAEncryption
35:be:f2:02:bb:4d:1f:92:6a:73:e1:32:dd:43:2a:e3:88:da:
be:bd:cf:b6:dc:85:88:53:2f:74:df:3f:32:18:e0:ed:56:50:
2a:5f:93:8e:7a:2d:65:05:77:49:94:ad:ca:a8:9d:ee:b3:37:
42:5e:d5:22:57:0f:c1:0b:75:a0:d7:d9:b2:d5:94:40:68:d0:
0b:82:08:9b:21:4e:47:bc:46:ed:d9:59:1e:92:2d:0a:7e:4b:
dd:98:e4:e1:b8:cf:3a:0c:51:07:a9:d4:fa:61:ec:71:66:00:
e1:ee:bb:c9:38:47:16:15:b8:17:2f:5a:a3:bc:43:f0:ed:01:
ab:af:d6:9a:16:59:31:03:ba:f8:05:fa:fc:d2:ac:51:4c:6d:
85:8a:c7:6d:2f:5f:1d:43:38:14:5f:d0:9a:b5:e3:9d:76:50:
50:15:8e:f3:8b:e8:ea:30:99:5a:ab:d8:f7:86:2c:ee:f4:ff:
46:33:8a:ce:cb:30:03:e8:f6:10:fd:32:e0:11:23:ce:93:33:
8a:51:55:62:42:f7:25:a6:eb:e0:af:4f:7d:96:e2:2f:e1:ca:
32:d9:e8:31:f3:48:af:98:cb:81:d9:2c:04:89:59:98:55:82:
a0:07:3b:6e:fe:f1:7e:1e:8e:34:9b:dc:d4:df:d5:86:41:41:
fa:bb:b3:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQl/d5vMKAipqRTzpTUmwKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjUwMTAyMDc0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTY1MDBiMTYwMzVmNGRjMmFhM2VmNjUxNjIyYTE0MzdkM2ZmMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIg9z5/d0xspwJXFF0gow3jQsje5
wfUCXgQJxFUnHU2mirnKQrVJ/TvQMXyt9s9AVt0fOVPXjP5bq0bdRbScqclD/4Du
gRYCjNyztbLQylkjK4ZptYDKBiWGRIK2yE58XGmFcCFg5Z7aaxE6s4tkPXQiat5F
tR/OefPKNmMEl7DGr5s17eTpBQzyVXLZhr/yJ5eU0OE48jC9rQSUuaiDiKwpR6En
COxjfYCX42cbn6hwHjc6V9ifneJrWErIoQyo0hP2nmoytLEOkAVL42waVY1iU3vP
BY8A4J3tshHSiXE3OwRufaNntAiu3w/ftbuUrqb3smsW/lZFYMj0WFyOeQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKFlALFgNfTcKqPvZRYioUN9P/C1MB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvb1dVQXNXQTE5Tndxby05bEZpS2hRMzBfOExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbogTcA
MA0GCSqGSIb3DQEBCwUAA4IBAQA1vvICu00fkmpz4TLdQyrjiNq+vc+23IWIUy90
3z8yGODtVlAqX5OOei1lBXdJlK3KqJ3uszdCXtUiVw/BC3Wg19my1ZRAaNALggib
IU5HvEbt2Vkeki0KfkvdmOThuM86DFEHqdT6YexxZgDh7rvJOEcWFbgXL1qjvEPw
7QGrr9aaFlkxA7r4Bfr80qxRTG2FisdtL18dQzgUX9CateOddlBQFY7zi+jqMJla
q9j3hizu9P9GM4rOyzAD6PYQ/TLgESPOkzOKUVViQvclpuvgr099luIv4coy2egx
80ivmMuB2SwEiVmYVYKgBztu/vF+Ho40m9zU39WGQUH6u7OO
-----END CERTIFICATE-----
Generated at Wed Apr 9 19:36:20 2025 by rpki-client