Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/OzPl_xNZVwXpyvMZbT7xWwVNG4c.roa
File: OzPl_xNZVwXpyvMZbT7xWwVNG4c.roa (raw, json)
Hash identifier: wvBV2C2Eawc8pQE+0dfFWXXWr4Bs74pJsKlWlBlaV9E=
Subject key identifier: 3B:33:E5:FF:13:59:57:05:E9:CA:F3:19:6D:3E:F1:5B:05:4D:1B:87
Certificate issuer: /CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Certificate serial: 09F3CA30
Authority key identifier: 50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/OzPl_xNZVwXpyvMZbT7xWwVNG4c.roa
Signing time: Sat 01 Jan 2022 09:59:13 +0000
ROA not before: Sat 01 Jan 2022 09:59:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213042
IP address blocks: 2a09:be40:1200::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166971952 (0x9f3ca30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Validity
Not Before: Jan 1 09:59:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b33e5ff13595705e9caf3196d3ef15b054d1b87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1d:20:9c:cc:de:a4:9d:b6:2e:45:7e:af:34:
27:4d:74:cf:89:4a:f0:50:8b:e6:02:c9:7a:60:1a:
9e:aa:e3:c6:96:8c:e1:e1:2e:78:d9:17:b2:50:16:
90:58:79:ae:56:81:75:41:9e:78:b6:49:e0:c6:9c:
72:84:a7:e6:20:ba:5a:6c:59:9f:96:7e:2f:c9:5e:
26:e7:2e:46:0d:ff:25:4d:9c:aa:25:b9:ea:6a:ff:
3f:5c:8b:d6:17:30:05:f9:b3:a3:bc:15:7c:76:c2:
10:b1:87:5e:54:5a:d9:83:88:1c:4c:ea:5e:66:0c:
fb:22:5a:de:68:92:df:94:26:8f:a3:f0:f2:5f:33:
45:92:5d:f9:3e:48:77:88:cc:75:95:f0:17:ae:79:
20:7f:d4:00:c6:9c:1e:b9:e8:b4:bc:7f:a0:1d:17:
f7:5f:b6:9d:bd:f6:a9:2f:c0:9e:4f:42:ea:e4:22:
b9:42:c7:4f:33:7f:21:1a:f3:7e:49:55:ea:00:fb:
dd:ee:24:fe:f0:d5:44:c0:a8:dc:f5:0b:b1:d0:71:
3e:d4:6a:70:1d:d6:a0:a7:96:2a:99:fd:62:e7:d2:
3b:a7:81:07:47:ba:53:d4:97:b7:34:0d:13:2d:4b:
87:86:ce:e9:ee:7d:c6:d7:00:b8:8e:a7:16:11:e8:
5f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:33:E5:FF:13:59:57:05:E9:CA:F3:19:6D:3E:F1:5B:05:4D:1B:87
X509v3 Authority Key Identifier:
keyid:50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/OzPl_xNZVwXpyvMZbT7xWwVNG4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/ULkKXhWLoJCP3IPMQkP-QMbatCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be40:1200::/40
Signature Algorithm: sha256WithRSAEncryption
7f:32:9e:51:88:05:98:37:e8:70:87:6e:a5:57:5c:a2:f8:4a:
57:dc:4c:78:c7:66:c5:63:30:89:ab:13:30:ad:94:bf:ab:52:
72:c7:fa:bd:31:21:57:d0:8c:be:f8:89:da:30:f2:c0:21:dc:
0f:72:f0:d8:53:8f:44:38:e2:9d:62:2d:26:1c:e5:58:eb:14:
b1:18:c1:35:61:24:a4:ea:8e:16:67:15:22:87:ac:7f:6c:8e:
e4:b4:76:bb:99:88:44:1e:4c:b5:b4:4a:e0:33:38:ad:d9:d0:
ca:35:60:11:ff:a9:f3:8e:49:48:15:55:0c:89:5c:f1:d7:3c:
21:a5:b2:46:8b:ce:78:f8:42:a9:4f:83:b1:29:de:8d:a0:88:
0d:77:5d:9c:9d:4b:d9:9d:23:5e:7f:66:41:8a:2b:00:d8:49:
0e:7e:1f:92:06:42:bc:6a:fe:cc:50:7d:28:16:03:34:21:a6:
45:cc:6f:5a:b4:c8:7e:3a:3f:38:7e:70:92:bf:52:0b:44:63:
f4:81:93:82:fe:35:7a:b2:4e:32:1b:11:01:ec:ed:7e:50:75:
af:4e:55:b9:67:65:55:36:76:54:06:a6:bd:6a:8e:98:63:c6:
d5:36:20:a4:5b:c6:2a:50:63:1c:8e:2f:2c:32:ba:cb:4e:be:
3d:0e:ca:40
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECfPKMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGI5MGE1ZTE1OGJhMDkwOGZkYzgzY2M0MjQzZmU0MGM2ZGFiNDIzMB4XDTIyMDEw
MTA5NTkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2IzM2U1ZmYxMzU5
NTcwNWU5Y2FmMzE5NmQzZWYxNWIwNTRkMWI4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkdIJzM3qSdti5Ffq80J010z4lK8FCL5gLJemAanqrjxpaM
4eEueNkXslAWkFh5rlaBdUGeeLZJ4MaccoSn5iC6WmxZn5Z+L8leJucuRg3/JU2c
qiW56mr/P1yL1hcwBfmzo7wVfHbCELGHXlRa2YOIHEzqXmYM+yJa3miS35Qmj6Pw
8l8zRZJd+T5Id4jMdZXwF655IH/UAMacHrnotLx/oB0X91+2nb32qS/Ank9C6uQi
uULHTzN/IRrzfklV6gD73e4k/vDVRMCo3PULsdBxPtRqcB3WoKeWKpn9YufSO6eB
B0e6U9SXtzQNEy1Lh4bO6e59xtcAuI6nFhHoX2MCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQ7M+X/E1lXBenK8xltPvFbBU0bhzAfBgNVHSMEGDAWgBRQuQpeFYugkI/c
g8xCQ/5Axtq0IzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VMa0tYaFdMb0pDUDNJUE1Ra1AtUU1iYXRDTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8x
L096UGxfeE5aVndYcHl2TVpiVDd4V3dWTkc0Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8xL1VMa0tYaFdMb0pD
UDNJUE1Ra1AtUU1iYXRDTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoJvkASMA0GCSqGSIb3DQEBCwUA
A4IBAQB/Mp5RiAWYN+hwh26lV1yi+EpX3Ex4x2bFYzCJqxMwrZS/q1Jyx/q9MSFX
0Iy++InaMPLAIdwPcvDYU49EOOKdYi0mHOVY6xSxGME1YSSk6o4WZxUih6x/bI7k
tHa7mYhEHky1tErgMzit2dDKNWAR/6nzjklIFVUMiVzx1zwhpbJGi854+EKpT4Ox
Kd6NoIgNd12cnUvZnSNef2ZBiisA2EkOfh+SBkK8av7MUH0oFgM0IaZFzG9atMh+
Oj84fnCSv1ILRGP0gZOC/jV6sk4yGxEB7O1+UHWvTlW5Z2VVNnZUBqa9ao6YY8bV
NiCkW8YqUGMcji8sMrrLTr49DspA
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:59 2025 by rpki-client