Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/a20101-1c9f-44c5-8077-5190f7869a7f/1/oGPLcgnT5_jMQFeXtQh3bXaXriM.roa
File: oGPLcgnT5_jMQFeXtQh3bXaXriM.roa (raw, json)
Hash identifier: QUvCaj08Q2TK+WnTDqsu5pyPq9XzMOcObz9WAotvcYU=
Subject key identifier: A0:63:CB:72:09:D3:E7:F8:CC:40:57:97:B5:08:77:6D:76:97:AE:23
Certificate issuer: /CN=996f903f91a85a60c546ee1141348cc3c8036927
Certificate serial: 0194228DACD71057EECCEE0A7080EED345BC
Authority key identifier: 99:6F:90:3F:91:A8:5A:60:C5:46:EE:11:41:34:8C:C3:C8:03:69:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mW-QP5GoWmDFRu4RQTSMw8gDaSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/a20101-1c9f-44c5-8077-5190f7869a7f/1/oGPLcgnT5_jMQFeXtQh3bXaXriM.roa
Signing time: Wed 01 Jan 2025 15:48:17 +0000
ROA not before: Wed 01 Jan 2025 15:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198333
IP address blocks: 2001:67c:1988::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ac:d7:10:57:ee:cc:ee:0a:70:80:ee:d3:45:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996f903f91a85a60c546ee1141348cc3c8036927
Validity
Not Before: Jan 1 15:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a063cb7209d3e7f8cc405797b508776d7697ae23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:9b:97:06:ba:6f:84:f3:f7:f9:ab:0a:96:ea:
2e:f9:18:d9:6d:49:8b:83:dd:b1:ad:7d:80:df:35:
c1:c9:ac:50:f3:56:e2:e2:78:93:47:e9:c4:c1:65:
2e:17:b6:21:34:9e:93:d3:72:2f:b6:d4:18:2a:02:
07:3a:62:4a:f0:2d:e0:a9:a7:a6:90:28:4a:ac:26:
60:b9:c6:bd:23:d9:0f:ac:04:26:c0:b0:95:60:e9:
f2:58:1e:84:e5:a0:4f:d0:f1:81:55:34:bf:bf:b8:
67:d1:db:e9:8a:2f:4d:00:66:3e:e7:ee:7b:3e:e6:
be:08:bc:9f:d5:17:e8:c1:75:3b:46:8a:ad:88:ac:
34:e5:83:c6:f3:3b:76:e9:5c:b5:ee:35:ad:12:f1:
5e:94:30:bb:cc:58:ac:14:58:ac:8e:04:fb:ee:06:
75:3b:ae:c7:31:37:56:3b:26:1c:0c:9d:0b:97:5c:
fe:fb:83:8a:67:93:fe:1f:b4:60:8c:20:c3:a0:fd:
a3:83:14:05:08:a0:7d:43:e6:dc:41:70:14:2c:33:
5c:79:c9:41:03:5f:f7:22:57:dc:ce:45:20:65:6c:
16:5f:2a:49:0b:2f:5e:86:41:9e:83:d4:40:d5:1c:
39:40:1d:8a:b1:32:89:0a:99:f0:04:a4:89:d2:8a:
77:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:63:CB:72:09:D3:E7:F8:CC:40:57:97:B5:08:77:6D:76:97:AE:23
X509v3 Authority Key Identifier:
keyid:99:6F:90:3F:91:A8:5A:60:C5:46:EE:11:41:34:8C:C3:C8:03:69:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mW-QP5GoWmDFRu4RQTSMw8gDaSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/a20101-1c9f-44c5-8077-5190f7869a7f/1/oGPLcgnT5_jMQFeXtQh3bXaXriM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/a20101-1c9f-44c5-8077-5190f7869a7f/1/mW-QP5GoWmDFRu4RQTSMw8gDaSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1988::/48
Signature Algorithm: sha256WithRSAEncryption
45:48:99:af:90:1f:90:5b:ea:a0:d0:36:1d:5e:7e:0d:0b:a0:
12:b0:67:f0:34:11:01:3c:17:f0:06:ac:d7:37:d0:da:e0:c6:
bc:2c:f6:c9:70:85:74:44:13:4b:ac:ec:3c:31:67:96:4e:d1:
01:c2:c8:1c:b9:3f:63:24:ac:3b:4f:b2:5c:0a:ee:d5:1d:c2:
5b:43:15:0d:f9:a0:cb:c6:4a:10:c0:bb:87:c2:75:d5:ae:8e:
37:e0:5e:58:63:be:92:49:db:08:da:3d:5b:4e:fd:64:0d:f5:
f6:ba:d3:30:4c:0f:9b:79:fd:4e:12:ed:0d:23:aa:50:f2:41:
cc:29:08:cd:b4:d7:ba:54:9d:3b:7e:51:64:2a:94:6e:43:d2:
0a:f1:c1:65:ab:91:cf:06:9c:27:7e:e3:60:60:92:29:02:f2:
e6:ac:6f:ed:51:22:94:e9:25:34:36:00:cd:18:82:87:51:80:
5c:91:07:c7:0d:89:e0:9c:95:65:f8:20:3f:c4:6e:c7:71:54:
76:13:02:e7:68:cc:f8:cd:b9:27:cf:b8:c8:78:fc:88:4d:f0:
59:48:c2:f6:a1:d9:e7:1e:88:6d:84:4a:3a:a7:dd:13:ca:ac:
ef:0f:3c:8b:01:63:af:d4:ca:b2:07:97:ff:e2:87:c0:2e:b7:
1b:7d:56:66
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQijazXEFfuzO4KcIDu00W8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NmY5MDNmOTFhODVhNjBjNTQ2ZWUxMTQxMzQ4Y2MzYzgw
MzY5MjcwHhcNMjUwMTAxMTU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDYzY2I3MjA5ZDNlN2Y4Y2M0MDU3OTdiNTA4Nzc2ZDc2OTdhZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZuXBrpvhPP3+asKluou+RjZbUmL
g92xrX2A3zXByaxQ81bi4niTR+nEwWUuF7YhNJ6T03IvttQYKgIHOmJK8C3gqaem
kChKrCZguca9I9kPrAQmwLCVYOnyWB6E5aBP0PGBVTS/v7hn0dvpii9NAGY+5+57
Pua+CLyf1RfowXU7RoqtiKw05YPG8zt26Vy17jWtEvFelDC7zFisFFisjgT77gZ1
O67HMTdWOyYcDJ0Ll1z++4OKZ5P+H7RgjCDDoP2jgxQFCKB9Q+bcQXAULDNceclB
A1/3IlfczkUgZWwWXypJCy9ehkGeg9RA1Rw5QB2KsTKJCpnwBKSJ0op3RwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKBjy3IJ0+f4zEBXl7UId212l64jMB8GA1UdIwQY
MBaAFJlvkD+RqFpgxUbuEUE0jMPIA2knMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVctUVA1R29XbURGUnU0UlFUU013OGdEYVNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9hMjAxMDEtMWM5Zi00NGM1LTgwNzct
NTE5MGY3ODY5YTdmLzEvb0dQTGNnblQ1X2pNUUZlWHRRaDNiWGFYcmlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9hMjAxMDEtMWM5Zi00NGM1LTgwNzctNTE5MGY3ODY5YTdm
LzEvbVctUVA1R29XbURGUnU0UlFUU013OGdEYVNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBmI
MA0GCSqGSIb3DQEBCwUAA4IBAQBFSJmvkB+QW+qg0DYdXn4NC6ASsGfwNBEBPBfw
BqzXN9Da4Ma8LPbJcIV0RBNLrOw8MWeWTtEBwsgcuT9jJKw7T7JcCu7VHcJbQxUN
+aDLxkoQwLuHwnXVro434F5YY76SSdsI2j1bTv1kDfX2utMwTA+bef1OEu0NI6pQ
8kHMKQjNtNe6VJ07flFkKpRuQ9IK8cFlq5HPBpwnfuNgYJIpAvLmrG/tUSKU6SU0
NgDNGIKHUYBckQfHDYngnJVl+CA/xG7HcVR2EwLnaMz4zbknz7jIePyITfBZSML2
odnnHohthEo6p90TyqzvDzyLAWOv1MqyB5f/4ofALrcbfVZm
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:17 2025 by rpki-client