Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e92666-4526-47c1-b2ba-63728b0fa108/1/gzZahYqckgC0Uj_Nklh90nWZtP0.roa
File: gzZahYqckgC0Uj_Nklh90nWZtP0.roa (raw, json)
Hash identifier: oNQlnk2/mO4eMuiG7Nb/MiiGpF0Vc9lIJ1vyvcm+wlA=
Subject key identifier: 83:36:5A:85:8A:9C:92:00:B4:52:3F:CD:92:58:7D:D2:75:99:B4:FD
Certificate issuer: /CN=c53b229e73ce6bb196d65c0bef119560657a3720
Certificate serial: 019422FB21BEFE085E610B57B12E248BB2D9
Authority key identifier: C5:3B:22:9E:73:CE:6B:B1:96:D6:5C:0B:EF:11:95:60:65:7A:37:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTsinnPOa7GW1lwL7xGVYGV6NyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e92666-4526-47c1-b2ba-63728b0fa108/1/gzZahYqckgC0Uj_Nklh90nWZtP0.roa
Signing time: Wed 01 Jan 2025 17:47:50 +0000
ROA not before: Wed 01 Jan 2025 17:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201545
IP address blocks: 2a05:2340::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:21:be:fe:08:5e:61:0b:57:b1:2e:24:8b:b2:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53b229e73ce6bb196d65c0bef119560657a3720
Validity
Not Before: Jan 1 17:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83365a858a9c9200b4523fcd92587dd27599b4fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e7:ac:5a:fa:a8:e7:2e:aa:76:b2:7a:d6:b2:
11:fa:fa:a7:b9:b6:15:97:98:4b:9a:f9:76:55:ef:
e1:7a:48:0b:fd:fc:11:f5:c1:86:66:3c:4e:37:ca:
2b:09:1d:7d:9e:6b:2d:0f:c0:79:93:0f:83:7a:28:
cb:7c:ae:91:c5:07:e9:12:02:80:b6:2f:a9:c0:c8:
f4:f9:b5:ba:6d:80:98:6a:b9:c6:8a:08:cf:23:40:
4f:fd:cf:b0:e3:31:f5:db:46:04:bf:f2:eb:4c:52:
0a:00:a7:92:71:13:a8:fc:62:81:3d:67:4d:ca:af:
97:3a:a3:3f:d5:67:39:f3:ee:d0:c4:af:4a:43:2b:
30:d1:97:0c:d3:25:c4:1b:3e:3d:4d:69:41:93:05:
8c:53:10:3a:88:15:d2:82:c7:42:41:b9:7d:2f:a3:
ab:20:0e:63:22:25:d9:fd:a7:b8:f7:0d:f6:17:58:
a1:13:db:6d:ee:57:dc:39:39:16:9e:bb:62:ac:84:
a6:52:5d:0b:10:5c:bb:c5:bb:25:f8:cc:7d:28:a7:
f5:eb:d6:33:30:18:d0:70:26:92:90:27:d3:8f:15:
91:2f:94:82:2b:d7:9d:f6:20:fe:f5:c4:a0:cc:05:
42:9c:e5:ff:3a:cc:16:c6:43:48:aa:82:dd:76:dc:
4a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:36:5A:85:8A:9C:92:00:B4:52:3F:CD:92:58:7D:D2:75:99:B4:FD
X509v3 Authority Key Identifier:
keyid:C5:3B:22:9E:73:CE:6B:B1:96:D6:5C:0B:EF:11:95:60:65:7A:37:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTsinnPOa7GW1lwL7xGVYGV6NyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e92666-4526-47c1-b2ba-63728b0fa108/1/gzZahYqckgC0Uj_Nklh90nWZtP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e92666-4526-47c1-b2ba-63728b0fa108/1/xTsinnPOa7GW1lwL7xGVYGV6NyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:2340::/32
Signature Algorithm: sha256WithRSAEncryption
24:23:4d:b1:c9:be:5a:cb:bb:49:24:7f:83:10:5f:97:83:27:
78:85:7b:e5:f2:01:a4:10:82:2e:03:ce:33:47:58:2f:be:66:
59:ab:54:11:3d:dd:be:43:07:d0:4b:27:93:c3:b9:02:01:a4:
d3:77:94:ea:9b:67:e3:b1:70:7b:ad:bf:85:fa:64:0b:5a:a8:
d8:77:66:68:90:4b:07:61:cb:e9:ef:f6:57:13:25:24:5d:0a:
2c:6b:dd:a7:9a:06:40:4c:6b:8f:ef:dd:f7:d8:64:b3:07:ac:
64:02:4b:e9:eb:e7:f9:a8:aa:d9:1b:51:bf:56:10:b5:ba:0e:
9d:39:36:93:5a:fe:b7:0b:d0:35:d4:bd:85:56:db:dd:d6:19:
44:e8:b0:c9:9e:08:cb:05:99:e8:c1:ec:31:af:27:dc:da:52:
41:8a:97:d6:e8:93:2e:58:0a:14:7d:17:45:e8:18:c0:02:03:
54:2f:33:f5:fa:e4:d6:55:78:81:0b:c9:e7:1a:67:e9:83:0b:
7e:da:2e:ae:8d:85:6e:e2:65:d6:f4:30:05:5c:6b:7f:21:b3:
76:35:32:e7:e0:90:1f:77:f7:01:59:5c:11:84:91:77:21:cf:
09:95:7f:3e:91:31:70:b2:11:b8:dd:b9:ed:a4:00:63:aa:70:
7b:87:12:93
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi+yG+/gheYQtXsS4ki7LZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1M2IyMjllNzNjZTZiYjE5NmQ2NWMwYmVmMTE5NTYwNjU3
YTM3MjAwHhcNMjUwMTAxMTc0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzM2NWE4NThhOWM5MjAwYjQ1MjNmY2Q5MjU4N2RkMjc1OTliNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uesWvqo5y6qdrJ61rIR+vqnubYV
l5hLmvl2Ve/hekgL/fwR9cGGZjxON8orCR19nmstD8B5kw+DeijLfK6RxQfpEgKA
ti+pwMj0+bW6bYCYarnGigjPI0BP/c+w4zH120YEv/LrTFIKAKeScROo/GKBPWdN
yq+XOqM/1Wc58+7QxK9KQysw0ZcM0yXEGz49TWlBkwWMUxA6iBXSgsdCQbl9L6Or
IA5jIiXZ/ae49w32F1ihE9tt7lfcOTkWnrtirISmUl0LEFy7xbsl+Mx9KKf169Yz
MBjQcCaSkCfTjxWRL5SCK9ed9iD+9cSgzAVCnOX/OswWxkNIqoLddtxK6QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIM2WoWKnJIAtFI/zZJYfdJ1mbT9MB8GA1UdIwQY
MBaAFMU7Ip5zzmuxltZcC+8RlWBlejcgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRzaW5uUE9hN0dXMWx3TDd4R1ZZR1Y2TnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lOTI2NjYtNDUyNi00N2MxLWIyYmEt
NjM3MjhiMGZhMTA4LzEvZ3paYWhZcWNrZ0MwVWpfTmtsaDkwbldadFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lOTI2NjYtNDUyNi00N2MxLWIyYmEtNjM3MjhiMGZhMTA4
LzEveFRzaW5uUE9hN0dXMWx3TDd4R1ZZR1Y2TnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgUjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAJCNNscm+Wsu7SSR/gxBfl4MneIV75fIBpBCCLgPO
M0dYL75mWatUET3dvkMH0Esnk8O5AgGk03eU6ptn47Fwe62/hfpkC1qo2HdmaJBL
B2HL6e/2VxMlJF0KLGvdp5oGQExrj+/d99hkswesZAJL6evn+aiq2RtRv1YQtboO
nTk2k1r+twvQNdS9hVbb3dYZROiwyZ4IywWZ6MHsMa8n3NpSQYqX1uiTLlgKFH0X
RegYwAIDVC8z9frk1lV4gQvJ5xpn6YMLftouro2FbuJl1vQwBVxrfyGzdjUy5+CQ
H3f3AVlcEYSRdyHPCZV/PpExcLIRuN257aQAY6pwe4cSkw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:03:23 2025 by rpki-client