Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/zTpcEm0c5qyWV8kaMxaycOIHNiA.roa
File: zTpcEm0c5qyWV8kaMxaycOIHNiA.roa (raw, json)
Hash identifier: Z8Kn1TX8eKLa2Gi/++TgVwd87J6hbYR+jmiRrR5aZz4=
Subject key identifier: CD:3A:5C:12:6D:1C:E6:AC:96:57:C9:1A:33:16:B2:70:E2:07:36:20
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 0194266C2605C22CB727FADB202C608769B9
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/zTpcEm0c5qyWV8kaMxaycOIHNiA.roa
Signing time: Thu 02 Jan 2025 09:50:09 +0000
ROA not before: Thu 02 Jan 2025 09:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197619
IP address blocks: 2a05:f300::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:26:05:c2:2c:b7:27:fa:db:20:2c:60:87:69:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Jan 2 09:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd3a5c126d1ce6ac9657c91a3316b270e2073620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2b:d6:16:89:4a:a6:bd:da:c1:8f:12:9a:38:
ea:7d:64:0b:d6:ba:a9:74:64:cc:d5:ad:71:d8:0f:
ef:ed:9e:f9:9c:d3:16:36:fb:e3:73:c9:aa:56:60:
d2:7b:f4:1e:f9:5d:9e:8a:d8:b8:c2:ad:13:08:ec:
0e:6b:2a:fa:17:40:5a:38:3a:af:b9:3d:c8:25:75:
72:e2:73:5c:39:a0:29:f5:40:c4:ab:fb:18:41:de:
61:ee:47:a8:f7:ef:79:c9:e0:4f:07:e9:21:64:76:
e6:4c:61:e1:80:47:72:c5:e1:a4:ee:7f:65:07:2c:
06:63:60:4a:bc:d9:0b:8f:16:9c:be:02:5d:20:cd:
cd:cc:ee:95:79:9a:96:9f:2f:70:8f:c3:82:32:9c:
9d:15:b6:00:f2:4d:98:aa:3e:ff:c8:4b:bb:16:30:
c0:81:d5:d7:ce:e4:09:39:0e:76:e2:bc:7e:ec:63:
4f:ce:bd:e4:c9:60:46:e0:d1:48:cd:fc:dd:78:52:
77:cd:e5:03:45:eb:ed:8b:64:47:d4:74:1d:77:67:
6f:32:c1:d4:79:13:3b:3d:6e:b0:33:ce:36:7e:02:
18:55:c0:68:50:46:f5:77:ef:09:92:a3:e6:a3:ee:
6e:2d:c6:8c:33:10:4d:ac:99:9c:72:bd:14:7a:57:
ae:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3A:5C:12:6D:1C:E6:AC:96:57:C9:1A:33:16:B2:70:E2:07:36:20
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/zTpcEm0c5qyWV8kaMxaycOIHNiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:f300::/29
Signature Algorithm: sha256WithRSAEncryption
76:e6:44:07:04:ea:da:e1:e5:8f:cc:4d:3f:99:36:08:08:c1:
52:44:d9:8d:a4:bd:9f:bf:db:8b:de:7b:15:0e:19:20:48:a2:
40:9e:0a:0d:34:c9:0f:4b:6e:cc:7a:cb:9f:7a:7b:d0:54:a4:
80:e0:86:be:b7:e2:e3:36:4b:0f:ed:5e:a8:8f:2d:6a:10:0e:
e2:fd:9c:6d:05:29:b9:55:05:4d:ac:d4:7c:e4:e9:09:9d:c5:
54:31:2d:cc:75:8b:00:0c:f9:cf:57:1d:e0:9e:41:dc:e4:db:
84:59:26:8e:eb:40:69:83:bd:35:88:64:04:f4:49:d4:71:a0:
ef:aa:74:dc:bb:fe:de:64:e6:55:82:d6:78:65:06:ea:3d:db:
79:33:74:d9:b5:1b:14:6e:53:d5:80:89:57:78:30:7f:c8:57:
a5:60:d9:01:0a:5a:da:26:51:6a:df:8f:16:39:8c:58:dd:dd:
2f:31:64:78:af:3c:3b:47:ae:88:ba:ee:c2:01:05:05:0f:fa:
6f:24:b8:6c:eb:c0:d0:c0:7d:4b:45:b3:eb:85:d1:83:71:88:
a9:80:b3:5c:c4:1e:48:6f:a2:be:cb:95:14:20:fd:53:f3:98:
9e:b7:59:3e:8c:04:2a:ff:d8:07:4d:e8:8c:c6:42:83:25:15:
6f:c3:20:b6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQmbCYFwiy3J/rbICxgh2m5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjUwMTAyMDk1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDNhNWMxMjZkMWNlNmFjOTY1N2M5MWEzMzE2YjI3MGUyMDczNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnivWFolKpr3awY8SmjjqfWQL1rqp
dGTM1a1x2A/v7Z75nNMWNvvjc8mqVmDSe/Qe+V2eiti4wq0TCOwOayr6F0BaODqv
uT3IJXVy4nNcOaAp9UDEq/sYQd5h7keo9+95yeBPB+khZHbmTGHhgEdyxeGk7n9l
BywGY2BKvNkLjxacvgJdIM3NzO6VeZqWny9wj8OCMpydFbYA8k2Yqj7/yEu7FjDA
gdXXzuQJOQ524rx+7GNPzr3kyWBG4NFIzfzdeFJ3zeUDRevti2RH1HQdd2dvMsHU
eRM7PW6wM842fgIYVcBoUEb1d+8JkqPmo+5uLcaMMxBNrJmccr0Ueleu4QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM06XBJtHOasllfJGjMWsnDiBzYgMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvelRwY0VtMGM1cXlXVjhrYU14YXljT0lITmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgXzADAN
BgkqhkiG9w0BAQsFAAOCAQEAduZEBwTq2uHlj8xNP5k2CAjBUkTZjaS9n7/bi957
FQ4ZIEiiQJ4KDTTJD0tuzHrLn3p70FSkgOCGvrfi4zZLD+1eqI8tahAO4v2cbQUp
uVUFTazUfOTpCZ3FVDEtzHWLAAz5z1cd4J5B3OTbhFkmjutAaYO9NYhkBPRJ1HGg
76p03Lv+3mTmVYLWeGUG6j3beTN02bUbFG5T1YCJV3gwf8hXpWDZAQpa2iZRat+P
FjmMWN3dLzFkeK88O0euiLruwgEFBQ/6byS4bOvA0MB9S0Wz64XRg3GIqYCzXMQe
SG+ivsuVFCD9U/OYnrdZPowEKv/YB03ojMZCgyUVb8Mgtg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:54:30 2025 by rpki-client