Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/zvXh2JmULYTuuJGfZa88vbAc7K8.roa
File: zvXh2JmULYTuuJGfZa88vbAc7K8.roa (raw, json)
Hash identifier: XQvzCYYY2c/DWeWDz/HVl73sGmFpwXBX4BVFr0eF6dM=
Subject key identifier: CE:F5:E1:D8:99:94:2D:84:EE:B8:91:9F:65:AF:3C:BD:B0:1C:EC:AF
Certificate issuer: /CN=a124ccdd70f3ec762cbd65e04dd6f76be236a8a7
Certificate serial: 019427B68D25B1DEA3FEA0AA0D65B735F177
Authority key identifier: A1:24:CC:DD:70:F3:EC:76:2C:BD:65:E0:4D:D6:F7:6B:E2:36:A8:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/zvXh2JmULYTuuJGfZa88vbAc7K8.roa
Signing time: Thu 02 Jan 2025 15:51:02 +0000
ROA not before: Thu 02 Jan 2025 15:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214924
IP address blocks: 2a13:aac4:f040::/44 maxlen: 60
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:8d:25:b1:de:a3:fe:a0:aa:0d:65:b7:35:f1:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a124ccdd70f3ec762cbd65e04dd6f76be236a8a7
Validity
Not Before: Jan 2 15:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cef5e1d899942d84eeb8919f65af3cbdb01cecaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e8:28:69:98:06:34:6d:8a:8d:2b:bb:c9:b0:
b9:50:99:2b:a6:0b:14:b3:ca:19:68:be:21:93:f0:
9b:16:b5:84:aa:26:fd:04:a4:0f:1c:83:da:f2:fb:
7a:a2:78:2f:dc:14:c2:4f:e5:db:b1:d5:99:49:b2:
de:ca:65:d3:32:67:2d:cb:3d:87:83:91:bd:fc:60:
c3:10:b1:05:b0:a9:ab:06:ee:55:f7:33:2c:76:99:
c1:51:17:7a:5b:f7:16:0b:74:19:55:ac:ff:ce:a9:
4f:83:eb:36:7c:94:8c:9a:9e:3e:e7:27:2f:6e:e6:
95:ca:7e:f6:63:7a:5f:36:59:b6:eb:7b:64:95:fb:
d3:65:9c:11:60:f7:a8:53:a9:73:87:9a:37:2a:a2:
14:76:0c:39:48:b9:66:5c:b7:b9:9b:b7:05:04:22:
99:e4:6c:b2:62:19:b6:eb:6a:50:4f:49:0d:8d:ad:
6f:ea:95:8e:59:7a:8b:f0:76:31:ec:0c:20:9b:fd:
a3:76:0b:2b:d7:1b:ad:8c:46:7c:ab:e1:71:63:7b:
dc:28:85:c0:fb:19:0d:00:8d:d2:81:5f:ef:45:6b:
a3:0e:b8:1c:eb:a8:eb:b0:af:09:9b:e4:90:ac:9d:
8b:95:1c:52:c2:94:71:05:aa:3f:6b:f3:39:aa:4d:
d3:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:F5:E1:D8:99:94:2D:84:EE:B8:91:9F:65:AF:3C:BD:B0:1C:EC:AF
X509v3 Authority Key Identifier:
keyid:A1:24:CC:DD:70:F3:EC:76:2C:BD:65:E0:4D:D6:F7:6B:E2:36:A8:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/zvXh2JmULYTuuJGfZa88vbAc7K8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:aac4:f040::/44
Signature Algorithm: sha256WithRSAEncryption
9d:61:7d:e9:33:c0:21:b9:95:22:60:86:04:5e:3b:cd:95:ac:
ad:53:3b:d6:7f:40:a1:44:25:2f:72:b4:92:75:e7:39:8a:d9:
bd:7d:90:9a:a9:b3:7c:24:c6:b5:b6:8b:6f:b8:f1:d9:e5:9d:
96:47:f1:e6:8c:22:5f:bc:96:52:1d:73:41:ae:df:ee:20:eb:
66:98:a0:2b:b8:53:60:8d:8f:aa:bb:6e:9d:94:1f:9b:1e:6b:
0f:c8:7c:44:4e:c2:00:de:c3:5c:94:3a:0a:66:58:cd:2e:db:
42:2e:7a:a5:39:96:f2:7c:c1:e8:8b:77:66:05:9a:9a:7c:d7:
c1:d7:60:3a:10:cd:89:1e:17:21:50:2d:61:34:60:b3:dd:5d:
aa:e1:f7:c6:7c:4c:0d:21:15:3b:5f:50:18:d0:83:17:4e:fe:
f5:bc:90:29:10:d7:fe:e8:f8:31:b5:10:6f:ee:fa:67:75:55:
59:2e:ee:32:c3:1a:b2:26:ec:41:ab:ae:3d:43:ac:68:bd:f6:
1c:f9:8a:fa:0c:a1:ed:dc:57:38:be:1b:d2:01:82:be:cb:72:
0c:46:39:22:11:32:50:f1:33:ff:e8:8b:dc:30:2b:80:9f:8e:
4c:0a:d2:f5:92:2f:f2:14:6a:02:10:a6:95:3c:d9:29:3a:66:
f0:5e:52:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnto0lsd6j/qCqDWW3NfF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMjRjY2RkNzBmM2VjNzYyY2JkNjVlMDRkZDZmNzZiZTIz
NmE4YTcwHhcNMjUwMTAyMTU1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWY1ZTFkODk5OTQyZDg0ZWViODkxOWY2NWFmM2NiZGIwMWNlY2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOgoaZgGNG2KjSu7ybC5UJkrpgsU
s8oZaL4hk/CbFrWEqib9BKQPHIPa8vt6ongv3BTCT+XbsdWZSbLeymXTMmctyz2H
g5G9/GDDELEFsKmrBu5V9zMsdpnBURd6W/cWC3QZVaz/zqlPg+s2fJSMmp4+5ycv
buaVyn72Y3pfNlm263tklfvTZZwRYPeoU6lzh5o3KqIUdgw5SLlmXLe5m7cFBCKZ
5GyyYhm262pQT0kNja1v6pWOWXqL8HYx7Awgm/2jdgsr1xutjEZ8q+FxY3vcKIXA
+xkNAI3SgV/vRWujDrgc66jrsK8Jm+SQrJ2LlRxSwpRxBao/a/M5qk3T7QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM714diZlC2E7riRn2WvPL2wHOyvMB8GA1UdIwQY
MBaAFKEkzN1w8+x2LL1l4E3W92viNqinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iNjk0YjgtODIxMS00YzA2LTljODEt
N2IzNTM5N2FmMmY3LzEvenZYaDJKbVVMWVR1dUpHZlphODh2YkFjN0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9iNjk0YjgtODIxMS00YzA2LTljODEtN2IzNTM5N2FmMmY3
LzEvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhOqxPBA
MA0GCSqGSIb3DQEBCwUAA4IBAQCdYX3pM8AhuZUiYIYEXjvNlaytUzvWf0ChRCUv
crSSdec5itm9fZCaqbN8JMa1totvuPHZ5Z2WR/HmjCJfvJZSHXNBrt/uIOtmmKAr
uFNgjY+qu26dlB+bHmsPyHxETsIA3sNclDoKZljNLttCLnqlOZbyfMHoi3dmBZqa
fNfB12A6EM2JHhchUC1hNGCz3V2q4ffGfEwNIRU7X1AY0IMXTv71vJApENf+6Pgx
tRBv7vpndVVZLu4ywxqyJuxBq649Q6xovfYc+Yr6DKHt3Fc4vhvSAYK+y3IMRjki
ETJQ8TP/6IvcMCuAn45MCtL1ki/yFGoCEKaVPNkpOmbwXlJB
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:19:19 2025 by rpki-client