Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/o_IvgBnOjTy1j7d72GzK6oM4hfw.roa
File: o_IvgBnOjTy1j7d72GzK6oM4hfw.roa (raw, json)
Hash identifier: YBqaZ6LWvVycNbV8oafe8kViFmPnqTKuZYSmWMyAc/4=
Subject key identifier: A3:F2:2F:80:19:CE:8D:3C:B5:8F:B7:7B:D8:6C:CA:EA:83:38:85:FC
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 019421B21DB081050F368DDDA315F3E994C6
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/o_IvgBnOjTy1j7d72GzK6oM4hfw.roa
Signing time: Wed 01 Jan 2025 11:48:28 +0000
ROA not before: Wed 01 Jan 2025 11:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2546
IP address blocks: 2001:648:2120::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:1d:b0:81:05:0f:36:8d:dd:a3:15:f3:e9:94:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 11:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3f22f8019ce8d3cb58fb77bd86ccaea833885fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d7:21:27:34:8f:3b:5e:4b:4f:7b:f2:d1:21:
79:78:4d:7b:94:06:32:70:03:e7:89:b5:a0:5d:b1:
24:47:c7:8b:86:f8:ca:14:5d:19:c2:97:ce:dc:78:
5a:3f:6c:06:16:c5:1d:c2:a4:ed:6f:ae:00:9f:45:
66:f9:6c:53:1a:e4:4b:28:2b:00:4c:37:a9:95:6c:
3d:49:1f:b2:08:96:79:5f:dd:9e:56:19:e0:ef:de:
07:cd:ce:30:a1:6e:bb:5c:83:dc:ee:80:54:0a:05:
fa:e0:ef:b3:c3:40:f3:26:2e:16:1a:a7:49:9c:b9:
3f:f3:9e:56:d6:68:a3:29:46:e0:f6:13:ea:d3:12:
9b:3b:42:3e:da:21:14:ac:03:d1:e2:8a:fb:fd:f0:
a6:71:84:f1:78:f3:d5:60:66:f0:88:a3:d9:97:c2:
65:34:46:46:9a:0a:77:51:b8:a2:8a:b8:2b:a7:5c:
ce:73:4c:20:d0:2a:70:9e:ad:f5:db:39:2a:0a:ef:
f8:23:1f:67:a4:da:b3:15:3a:98:38:d3:30:7f:3b:
1a:ca:38:dd:92:21:e3:03:2b:09:f6:41:6a:45:d0:
fd:b0:94:35:58:ba:c8:e1:22:c2:52:20:1e:98:b6:
f8:08:5a:48:ed:d1:07:26:40:c3:9e:33:35:29:d5:
04:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F2:2F:80:19:CE:8D:3C:B5:8F:B7:7B:D8:6C:CA:EA:83:38:85:FC
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/o_IvgBnOjTy1j7d72GzK6oM4hfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:648:2120::/48
Signature Algorithm: sha256WithRSAEncryption
22:22:98:50:a0:a8:48:6e:42:55:d8:a4:a8:c4:e6:2b:9a:a4:
5a:1e:ac:5d:1c:4a:85:62:6b:96:32:41:ab:d5:50:6d:c2:c9:
6b:20:03:ea:87:5f:28:c3:a1:7c:4f:62:e5:a0:9a:7d:87:c0:
4d:3f:b4:7d:9f:29:b7:04:b5:f0:9d:12:62:5a:bd:83:91:01:
05:a2:19:6c:c0:83:1e:de:c3:7a:d9:0e:7d:3f:91:1f:24:f0:
38:45:bc:e9:51:80:71:33:9e:ba:f2:ee:02:35:72:65:58:64:
52:43:b1:f2:6e:0a:e7:ce:18:04:16:d6:f8:b6:f8:95:1c:b4:
ef:50:f5:63:72:6e:d3:09:82:72:35:5b:5a:29:ab:09:98:ed:
e1:bb:e0:26:78:a6:a3:02:30:d9:5b:be:49:8c:97:02:78:51:
54:f0:a8:dc:8c:cc:42:fe:1f:5b:36:9a:f8:7c:54:66:bb:9a:
e4:ba:13:af:b0:02:67:f5:11:1f:f2:13:cc:4c:50:47:03:e7:
61:97:9d:5e:5e:b4:36:84:f8:fe:85:5f:ee:a7:5e:e2:7b:eb:
02:09:ef:7c:80:3d:ff:6b:81:40:7e:da:2e:0a:67:71:ea:a5:
69:dc:8e:d7:95:9b:02:9a:09:55:e1:a7:6b:b1:8a:a2:d8:23:
4f:75:0a:9d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhsh2wgQUPNo3doxXz6ZTGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjUwMTAxMTE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2YyMmY4MDE5Y2U4ZDNjYjU4ZmI3N2JkODZjY2FlYTgzMzg4NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNchJzSPO15LT3vy0SF5eE17lAYy
cAPnibWgXbEkR8eLhvjKFF0ZwpfO3HhaP2wGFsUdwqTtb64An0Vm+WxTGuRLKCsA
TDeplWw9SR+yCJZ5X92eVhng794Hzc4woW67XIPc7oBUCgX64O+zw0DzJi4WGqdJ
nLk/855W1mijKUbg9hPq0xKbO0I+2iEUrAPR4or7/fCmcYTxePPVYGbwiKPZl8Jl
NEZGmgp3Ubiiirgrp1zOc0wg0Cpwnq312zkqCu/4Ix9npNqzFTqYONMwfzsayjjd
kiHjAysJ9kFqRdD9sJQ1WLrI4SLCUiAemLb4CFpI7dEHJkDDnjM1KdUEWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKPyL4AZzo08tY+3e9hsyuqDOIX8MB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvb19JdmdCbk9qVHkxajdkNzJHeks2b000aGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGSCEg
MA0GCSqGSIb3DQEBCwUAA4IBAQAiIphQoKhIbkJV2KSoxOYrmqRaHqxdHEqFYmuW
MkGr1VBtwslrIAPqh18ow6F8T2LloJp9h8BNP7R9nym3BLXwnRJiWr2DkQEFohls
wIMe3sN62Q59P5EfJPA4RbzpUYBxM5668u4CNXJlWGRSQ7HybgrnzhgEFtb4tviV
HLTvUPVjcm7TCYJyNVtaKasJmO3hu+AmeKajAjDZW75JjJcCeFFU8KjcjMxC/h9b
Npr4fFRmu5rkuhOvsAJn9REf8hPMTFBHA+dhl51eXrQ2hPj+hV/up17ie+sCCe98
gD3/a4FAftouCmdx6qVp3I7XlZsCmglV4adrsYqi2CNPdQqd
-----END CERTIFICATE-----
Generated at Mon Apr 28 17:57:40 2025 by rpki-client