Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/oB4nBj4XrOOepqFsNxnVaNx0L-Q.roa
File: oB4nBj4XrOOepqFsNxnVaNx0L-Q.roa (raw, json)
Hash identifier: u5+zktI8MHGnKbkPD6/QqqJuS6A1LQ4SBogC7c5d6Uk=
Subject key identifier: A0:1E:27:06:3E:17:AC:E3:9E:A6:A1:6C:37:19:D5:68:DC:74:2F:E4
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019464E2C8326DEE2B709C202526165EEA25
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/oB4nBj4XrOOepqFsNxnVaNx0L-Q.roa
Signing time: Tue 14 Jan 2025 12:56:11 +0000
ROA not before: Tue 14 Jan 2025 12:56:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31898
IP address blocks: 2a04:9a00:14c0::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:64:e2:c8:32:6d:ee:2b:70:9c:20:25:26:16:5e:ea:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 14 12:56:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a01e27063e17ace39ea6a16c3719d568dc742fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:07:0c:77:1f:2a:27:b3:06:5d:b9:40:76:5c:
b1:8a:40:7d:4a:18:67:25:da:9e:d2:36:17:92:31:
59:7c:63:8b:91:e9:bd:84:75:95:3e:37:55:01:b3:
51:28:92:5d:49:2d:e1:2d:25:d6:8b:d6:d0:61:14:
20:61:e9:54:86:ea:92:dc:a2:aa:10:12:04:52:cd:
e1:6e:dd:b2:cb:df:f4:c1:80:4b:6a:5c:c3:63:41:
66:2f:bf:3b:c9:50:f6:27:2b:a9:25:c6:30:12:38:
0f:dd:f4:af:8b:6f:25:f1:58:b6:9b:4d:c1:19:a9:
82:3e:15:d6:eb:97:7b:28:a3:5c:44:2e:f7:9a:10:
4a:f3:72:b9:67:32:4c:08:cc:3c:7b:11:c6:e0:33:
26:d8:29:57:66:de:67:34:70:29:12:3b:0f:0d:28:
8f:35:d4:57:5b:e5:77:dc:ba:04:5e:6a:63:e1:86:
ec:d9:60:29:a2:16:d8:dc:dd:9e:e5:48:73:75:3e:
1d:53:6e:bb:4e:95:9d:35:67:a2:72:da:be:4f:d2:
12:bc:c1:44:5b:f8:99:ff:ed:48:8b:1f:d2:77:db:
ef:ee:ff:ed:90:83:25:bf:8d:56:a1:d6:09:0c:01:
3b:e0:93:b5:86:68:ca:01:74:38:3c:eb:0c:f9:da:
bf:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:1E:27:06:3E:17:AC:E3:9E:A6:A1:6C:37:19:D5:68:DC:74:2F:E4
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/oB4nBj4XrOOepqFsNxnVaNx0L-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a00:14c0::/44
Signature Algorithm: sha256WithRSAEncryption
42:6a:6b:d0:1c:ea:78:51:b0:c8:be:88:e2:83:ff:ee:4d:2b:
02:f3:f6:de:55:b2:62:10:d5:cd:d9:9f:57:9b:41:fb:ac:df:
5d:73:c2:a4:d1:2b:4b:02:bc:6b:16:7e:ab:8e:58:a3:a0:99:
a3:5c:db:bd:69:82:06:67:f1:9e:72:db:17:09:e3:92:a2:18:
1a:1e:e1:8d:48:9b:39:b1:6b:de:ae:42:62:83:6e:2a:bd:cf:
e3:ec:ed:14:f9:e3:ac:09:fc:02:be:48:a0:ee:16:fe:93:8b:
62:38:eb:bb:90:5a:f2:30:44:3e:0c:e9:39:4f:ac:c4:1f:a7:
3d:5e:82:9a:d4:84:02:c0:5d:b8:32:c6:46:ce:c4:7b:40:07:
b6:2d:15:05:14:93:2a:bc:e1:91:88:a7:4a:81:7e:d7:59:e8:
dc:2f:17:1e:42:b4:70:9b:a6:4e:90:69:7b:7a:ca:da:b5:12:
f6:4f:a7:e0:65:a1:73:e3:6e:4f:e6:71:37:cb:ec:52:36:ba:
bf:bd:53:57:cc:6d:13:63:a9:74:6a:ea:74:ed:51:fa:2a:aa:
e9:bc:4d:33:49:e0:51:f9:34:57:c2:0e:4e:b9:25:60:ec:82:
a9:06:ad:f4:cb:93:11:0a:9e:c6:fa:68:8f:f0:78:41:43:2c:
08:85:84:b3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZRk4sgybe4rcJwgJSYWXuolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwMTE0MTI1NjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDFlMjcwNjNlMTdhY2UzOWVhNmExNmMzNzE5ZDU2OGRjNzQyZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQcMdx8qJ7MGXblAdlyxikB9Shhn
Jdqe0jYXkjFZfGOLkem9hHWVPjdVAbNRKJJdSS3hLSXWi9bQYRQgYelUhuqS3KKq
EBIEUs3hbt2yy9/0wYBLalzDY0FmL787yVD2JyupJcYwEjgP3fSvi28l8Vi2m03B
GamCPhXW65d7KKNcRC73mhBK83K5ZzJMCMw8exHG4DMm2ClXZt5nNHApEjsPDSiP
NdRXW+V33LoEXmpj4Ybs2WApohbY3N2e5UhzdT4dU267TpWdNWeictq+T9ISvMFE
W/iZ/+1Iix/Sd9vv7v/tkIMlv41WodYJDAE74JO1hmjKAXQ4POsM+dq/9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKAeJwY+F6zjnqahbDcZ1WjcdC/kMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvb0I0bkJqNFhyT09lcHFGc054blZhTngwTC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgSaABTA
MA0GCSqGSIb3DQEBCwUAA4IBAQBCamvQHOp4UbDIvojig//uTSsC8/beVbJiENXN
2Z9Xm0H7rN9dc8Kk0StLArxrFn6rjlijoJmjXNu9aYIGZ/GectsXCeOSohgaHuGN
SJs5sWverkJig24qvc/j7O0U+eOsCfwCvkig7hb+k4tiOOu7kFryMEQ+DOk5T6zE
H6c9XoKa1IQCwF24MsZGzsR7QAe2LRUFFJMqvOGRiKdKgX7XWejcLxceQrRwm6ZO
kGl7esratRL2T6fgZaFz425P5nE3y+xSNrq/vVNXzG0TY6l0aup07VH6KqrpvE0z
SeBR+TRXwg5OuSVg7IKpBq30y5MRCp7G+miP8HhBQywIhYSz
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:22 2025 by rpki-client