Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/dc3491-c699-42b5-90a7-cc7e9ab09fb8/1/ZmF3lPkl3dsARIFpHN7vz5QHbFs.roa
File: ZmF3lPkl3dsARIFpHN7vz5QHbFs.roa (raw, json)
Hash identifier: ukfiioKav9S2J4a6qVoPDRL9RQGgYfvHu1FXDGi1Nzg=
Subject key identifier: 66:61:77:94:F9:25:DD:DB:00:44:81:69:1C:DE:EF:CF:94:07:6C:5B
Certificate issuer: /CN=b5c288e963e0e9f82d1c6a7fd84ec5aa340aba8f
Certificate serial: 019423D7F0998FECF03ABF74C39F49B042E5
Authority key identifier: B5:C2:88:E9:63:E0:E9:F8:2D:1C:6A:7F:D8:4E:C5:AA:34:0A:BA:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tcKI6WPg6fgtHGp_2E7FqjQKuo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/dc3491-c699-42b5-90a7-cc7e9ab09fb8/1/ZmF3lPkl3dsARIFpHN7vz5QHbFs.roa
Signing time: Wed 01 Jan 2025 21:49:01 +0000
ROA not before: Wed 01 Jan 2025 21:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215295
IP address blocks: 2001:67c:f90::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:f0:99:8f:ec:f0:3a:bf:74:c3:9f:49:b0:42:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5c288e963e0e9f82d1c6a7fd84ec5aa340aba8f
Validity
Not Before: Jan 1 21:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66617794f925dddb004481691cdeefcf94076c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:eb:5d:7f:33:14:61:36:eb:9a:86:0f:2a:33:
24:93:a9:2b:01:0e:76:fd:08:46:d4:48:de:f4:15:
b3:80:0c:26:7e:76:29:75:4b:34:02:87:18:34:66:
e5:b2:0f:9e:99:96:8d:1f:e5:b4:5c:fa:61:9b:0c:
65:6a:34:d3:d0:a5:51:5b:bf:01:75:17:e2:1c:d5:
b9:f1:f9:4b:a1:10:3d:58:95:24:14:25:06:6f:08:
fa:c7:ba:f2:e1:34:3e:c0:22:23:5e:ec:7f:f8:fd:
40:d3:65:bf:17:30:9f:e0:fd:e7:35:c2:49:c5:d5:
d1:4a:43:71:09:ea:cb:d2:0f:27:0c:2e:43:c9:80:
64:2a:f1:bb:1e:ca:8d:f5:f1:ff:d8:f7:c0:43:17:
b5:56:14:b0:fa:a1:56:6d:50:a9:13:cb:52:22:0a:
c5:3e:37:92:97:ad:8f:05:ab:f8:d2:fb:eb:16:ff:
7b:ea:58:06:e1:40:12:69:12:40:13:a7:66:82:0c:
98:9a:d3:60:d8:da:b0:a5:22:79:fb:74:cd:b8:fc:
02:a6:e0:83:32:60:9c:b8:0a:8a:23:5b:12:f4:8d:
2f:93:62:6b:05:9a:c1:0a:00:4a:be:e3:b4:26:3b:
3d:ab:37:42:da:62:dd:68:13:43:0b:ad:15:cc:f1:
7e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:61:77:94:F9:25:DD:DB:00:44:81:69:1C:DE:EF:CF:94:07:6C:5B
X509v3 Authority Key Identifier:
keyid:B5:C2:88:E9:63:E0:E9:F8:2D:1C:6A:7F:D8:4E:C5:AA:34:0A:BA:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tcKI6WPg6fgtHGp_2E7FqjQKuo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc3491-c699-42b5-90a7-cc7e9ab09fb8/1/ZmF3lPkl3dsARIFpHN7vz5QHbFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc3491-c699-42b5-90a7-cc7e9ab09fb8/1/tcKI6WPg6fgtHGp_2E7FqjQKuo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:f90::/48
Signature Algorithm: sha256WithRSAEncryption
62:8b:8e:de:a9:41:af:62:f0:60:78:95:d8:b5:d4:95:53:3e:
8d:e6:75:00:93:16:97:3b:54:53:25:fd:49:38:51:f2:bb:09:
d5:02:1a:ce:7e:46:bf:31:03:bb:ba:5d:a7:89:a0:5d:33:12:
79:8c:53:82:cb:2c:2c:dc:95:a8:17:06:81:14:6c:0f:46:fa:
b7:4f:30:c9:57:90:5c:cc:7c:72:ab:b5:c4:0e:74:44:17:10:
8d:9f:03:1c:96:25:ef:51:47:74:3c:d8:12:98:4b:f6:1a:59:
dc:2c:14:89:a2:42:54:10:c9:19:d3:01:c9:26:c3:2b:44:af:
c5:83:3b:6e:75:e3:7b:fd:e5:a3:ff:e1:86:35:98:8f:f0:56:
2e:4f:2c:58:e8:a8:e8:1e:9b:9f:e4:d3:87:5c:8c:de:ba:53:
6a:fd:3e:8b:5c:55:b2:59:93:a5:00:66:95:6b:8d:f2:12:94:
e1:49:fb:84:cc:d2:44:ef:a9:d9:62:f6:0f:a5:9f:53:fc:ed:
5d:39:b9:cf:24:8d:9c:f3:52:6e:da:22:79:fd:29:56:62:00:
9d:6b:be:d7:88:b9:a9:ca:8e:f9:5a:3f:0d:d9:b3:84:3d:20:
98:56:3e:de:e6:47:8f:b9:26:14:5d:22:87:02:e7:48:1f:78:
c4:8d:76:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1/CZj+zwOr90w59JsELlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YzI4OGU5NjNlMGU5ZjgyZDFjNmE3ZmQ4NGVjNWFhMzQw
YWJhOGYwHhcNMjUwMTAxMjE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjYxNzc5NGY5MjVkZGRiMDA0NDgxNjkxY2RlZWZjZjk0MDc2YzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAputdfzMUYTbrmoYPKjMkk6krAQ52
/QhG1Eje9BWzgAwmfnYpdUs0AocYNGblsg+emZaNH+W0XPphmwxlajTT0KVRW78B
dRfiHNW58flLoRA9WJUkFCUGbwj6x7ry4TQ+wCIjXux/+P1A02W/FzCf4P3nNcJJ
xdXRSkNxCerL0g8nDC5DyYBkKvG7HsqN9fH/2PfAQxe1VhSw+qFWbVCpE8tSIgrF
PjeSl62PBav40vvrFv976lgG4UASaRJAE6dmggyYmtNg2NqwpSJ5+3TNuPwCpuCD
MmCcuAqKI1sS9I0vk2JrBZrBCgBKvuO0Jjs9qzdC2mLdaBNDC60VzPF+1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGZhd5T5Jd3bAESBaRze78+UB2xbMB8GA1UdIwQY
MBaAFLXCiOlj4On4LRxqf9hOxao0CrqPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGNLSTZXUGc2Zmd0SEdwXzJFN0ZxalFLdW84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kYzM0OTEtYzY5OS00MmI1LTkwYTct
Y2M3ZTlhYjA5ZmI4LzEvWm1GM2xQa2wzZHNBUklGcEhON3Z6NVFIYkZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kYzM0OTEtYzY5OS00MmI1LTkwYTctY2M3ZTlhYjA5ZmI4
LzEvdGNLSTZXUGc2Zmd0SEdwXzJFN0ZxalFLdW84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBii47eqUGvYvBgeJXYtdSVUz6N5nUAkxaXO1RT
Jf1JOFHyuwnVAhrOfka/MQO7ul2niaBdMxJ5jFOCyyws3JWoFwaBFGwPRvq3TzDJ
V5BczHxyq7XEDnREFxCNnwMcliXvUUd0PNgSmEv2GlncLBSJokJUEMkZ0wHJJsMr
RK/FgztudeN7/eWj/+GGNZiP8FYuTyxY6KjoHpuf5NOHXIzeulNq/T6LXFWyWZOl
AGaVa43yEpThSfuEzNJE76nZYvYPpZ9T/O1dObnPJI2c81Ju2iJ5/SlWYgCda77X
iLmpyo75Wj8N2bOEPSCYVj7e5kePuSYUXSKHAudIH3jEjXba
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:24:43 2025 by rpki-client