Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/O0gbOkXz9uAbPUR5VVRrF_PvbYQ.roa
File: O0gbOkXz9uAbPUR5VVRrF_PvbYQ.roa (raw, json)
Hash identifier: JcmIHwdDGCYsmNAdAm8vBAUnuq5l4ZFb5XPq2AQJESo=
Subject key identifier: 3B:48:1B:3A:45:F3:F6:E0:1B:3D:44:79:55:54:6B:17:F3:EF:6D:84
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019425FDC63A99CFCE5F2D267D2ADB5A8AFF
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/O0gbOkXz9uAbPUR5VVRrF_PvbYQ.roa
Signing time: Thu 02 Jan 2025 07:49:35 +0000
ROA not before: Thu 02 Jan 2025 07:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213324
IP address blocks: 2a07:3500:1a50::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c6:3a:99:cf:ce:5f:2d:26:7d:2a:db:5a:8a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 07:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b481b3a45f3f6e01b3d447955546b17f3ef6d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fe:ef:d3:5e:82:4b:34:fc:0e:3d:7b:3a:31:
00:93:7d:cb:e5:b7:aa:e8:d8:f8:9c:35:4e:20:05:
a0:eb:d3:cf:27:d5:5e:28:dd:d5:5c:b4:dd:84:47:
32:40:cb:37:54:dd:27:5c:d4:33:6e:4e:93:69:67:
93:09:02:e8:4e:01:cd:2b:fb:22:68:16:a6:d3:d6:
66:2c:c1:45:74:25:be:7a:ae:99:b2:e5:b7:25:d7:
85:b2:68:82:a1:b5:40:f6:10:87:98:2f:e9:63:7a:
1a:6c:a5:fe:80:a0:8a:2a:ad:5f:3f:f7:25:f1:2e:
95:ff:5c:ca:13:de:85:83:a3:0f:c4:2b:19:4e:15:
c8:fa:ce:8e:f2:ad:88:c9:8d:b5:83:57:5c:3e:48:
bf:11:38:f6:5a:3f:32:1e:f9:8b:02:73:84:d5:f0:
cf:f5:e9:6c:37:cd:e2:5e:b7:ca:2b:65:45:41:73:
61:60:79:78:51:e1:4a:6f:f8:64:d0:ad:da:18:19:
50:d0:28:e4:7d:d8:0c:67:de:bf:69:5f:b9:15:ad:
9d:bf:05:65:be:90:13:60:72:39:f1:9f:6b:f2:33:
2a:f7:a1:0e:8b:10:38:69:72:9e:70:08:02:f0:66:
ed:f5:67:61:26:84:85:cb:b7:0e:e2:22:9e:16:38:
80:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:48:1B:3A:45:F3:F6:E0:1B:3D:44:79:55:54:6B:17:F3:EF:6D:84
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/O0gbOkXz9uAbPUR5VVRrF_PvbYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1a50::/48
Signature Algorithm: sha256WithRSAEncryption
45:35:ea:57:9f:e2:0f:00:94:c9:b3:1f:2a:c6:f0:e7:05:ae:
95:22:05:c6:37:c9:3e:5c:9e:b8:1a:0c:ce:9f:ee:5d:c6:b6:
2c:43:3a:65:62:8c:00:a1:83:3e:3e:96:0c:cf:c0:e6:9f:c9:
ed:03:ac:9b:f1:6a:a5:d8:ad:f3:a1:a7:a8:d0:c4:60:cf:c9:
08:3b:af:17:59:ff:f8:f9:df:2c:90:3e:73:f8:ef:32:3e:0c:
10:ff:b5:d6:a3:29:7f:6b:81:b1:4c:fe:6c:7c:19:87:c7:67:
c5:e4:c8:80:37:5e:b0:45:46:c3:4d:70:01:fb:a2:a7:d5:9c:
a8:93:85:c3:0f:40:ab:12:b0:11:08:e4:00:46:fc:0a:eb:9d:
5f:ad:d9:9f:e5:6f:05:6c:17:a2:50:80:63:c8:ed:05:f3:c8:
18:d4:e7:84:20:17:9a:60:ff:c2:45:26:bc:10:7c:03:67:31:
d0:dc:9e:48:13:35:47:b4:16:f7:7c:b0:59:a4:3b:c6:ee:9b:
a1:53:50:c0:8f:80:26:67:2f:84:9e:e0:5f:3c:ff:ac:ae:29:
f7:a3:69:18:1b:a5:67:53:bb:12:56:b4:e0:1b:ff:89:43:1c:
13:3b:f7:2f:e8:1e:ee:99:12:32:6b:fe:3d:5d:52:53:a1:93:
45:1c:5d:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQl/cY6mc/OXy0mfSrbWor/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwMTAyMDc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQ4MWIzYTQ1ZjNmNmUwMWIzZDQ0Nzk1NTU0NmIxN2YzZWY2ZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtP7v016CSzT8Dj17OjEAk33L5beq
6Nj4nDVOIAWg69PPJ9VeKN3VXLTdhEcyQMs3VN0nXNQzbk6TaWeTCQLoTgHNK/si
aBam09ZmLMFFdCW+eq6ZsuW3JdeFsmiCobVA9hCHmC/pY3oabKX+gKCKKq1fP/cl
8S6V/1zKE96Fg6MPxCsZThXI+s6O8q2IyY21g1dcPki/ETj2Wj8yHvmLAnOE1fDP
9elsN83iXrfKK2VFQXNhYHl4UeFKb/hk0K3aGBlQ0CjkfdgMZ96/aV+5Fa2dvwVl
vpATYHI58Z9r8jMq96EOixA4aXKecAgC8Gbt9WdhJoSFy7cO4iKeFjiAjwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDtIGzpF8/bgGz1EeVVUaxfz722EMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvTzBnYk9rWHo5dUFiUFVSNVZWUnJGX1B2YllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgc1ABpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBFNepXn+IPAJTJsx8qxvDnBa6VIgXGN8k+XJ64
GgzOn+5dxrYsQzplYowAoYM+PpYMz8Dmn8ntA6yb8Wql2K3zoaeo0MRgz8kIO68X
Wf/4+d8skD5z+O8yPgwQ/7XWoyl/a4GxTP5sfBmHx2fF5MiAN16wRUbDTXAB+6Kn
1Zyok4XDD0CrErARCOQARvwK651frdmf5W8FbBeiUIBjyO0F88gY1OeEIBeaYP/C
RSa8EHwDZzHQ3J5IEzVHtBb3fLBZpDvG7puhU1DAj4AmZy+EnuBfPP+srin3o2kY
G6VnU7sSVrTgG/+JQxwTO/cv6B7umRIya/49XVJToZNFHF3B
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:13 2025 by rpki-client