Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/zvaM0ZxsUoPqJAw0GiRxnD9YoLk.roa
File: zvaM0ZxsUoPqJAw0GiRxnD9YoLk.roa (raw, json)
Hash identifier: mXZ190uCfKwlHoJKxF81PXwGCV1kTniQu2AVslMoNLY=
Subject key identifier: CE:F6:8C:D1:9C:6C:52:83:EA:24:0C:34:1A:24:71:9C:3F:58:A0:B9
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 018BD78063A1F7C5CFFE58C3941434A3A7B1
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/zvaM0ZxsUoPqJAw0GiRxnD9YoLk.roa
Signing time: Thu 16 Nov 2023 09:39:57 +0000
ROA not before: Thu 16 Nov 2023 09:39:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24750
IP address blocks: 2a05:4c00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:80:63:a1:f7:c5:cf:fe:58:c3:94:14:34:a3:a7:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Nov 16 09:39:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cef68cd19c6c5283ea240c341a24719c3f58a0b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ea:51:3b:78:f7:99:76:0d:d2:7e:ea:eb:60:
35:9d:18:e2:b7:f2:9a:48:a3:45:15:c5:71:0b:48:
3a:e8:e4:be:92:1c:58:c5:6d:eb:73:b2:bc:9c:b1:
23:22:0e:6a:7d:82:7f:1f:dd:ac:42:1f:d5:76:18:
f1:7e:a9:97:fe:d6:e8:36:62:e5:b0:51:e5:f1:27:
5f:b6:64:7e:0c:58:c8:b2:bd:6c:ec:54:66:55:40:
32:48:6f:b1:8f:18:66:28:4b:6e:b7:b0:da:81:b4:
44:ba:b3:d2:27:77:0c:cf:b9:db:3c:c8:df:b2:ae:
63:42:7e:18:71:6d:d1:4c:b8:d7:58:a1:a3:59:b9:
0b:1c:84:d9:4e:5a:d6:1d:b1:64:55:91:5f:24:d1:
3f:bd:cf:3d:73:42:5d:cd:c7:14:54:aa:34:8a:bf:
5a:98:a8:4d:e4:ba:37:c4:6c:75:cb:86:04:dc:0c:
76:93:e7:4b:99:a5:f6:00:30:c4:05:00:29:76:37:
ff:a7:ee:ce:67:9c:6f:69:d3:32:46:c4:e2:ab:20:
ce:f7:ab:7d:b6:94:04:f4:a3:3b:61:06:00:0e:34:
bf:84:a9:b9:7f:53:fc:fb:cb:06:49:d5:79:d3:0b:
e5:67:e8:29:c1:15:98:3b:9d:3a:8b:6d:63:e8:48:
86:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:F6:8C:D1:9C:6C:52:83:EA:24:0C:34:1A:24:71:9C:3F:58:A0:B9
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/zvaM0ZxsUoPqJAw0GiRxnD9YoLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
63:ca:2f:db:be:55:83:39:b2:66:03:b2:1d:c0:c0:b4:41:80:
6f:cf:01:38:44:96:54:c9:42:af:3d:fc:31:93:77:d8:91:35:
a4:00:e0:e5:22:76:d8:34:f4:54:62:bf:80:18:86:55:27:59:
9f:0f:3c:03:5e:44:35:f0:50:bf:77:e1:bb:96:3b:a6:f9:6b:
7b:cb:b4:5d:c9:cf:1e:50:d8:39:0f:26:fa:d4:95:a9:85:69:
ba:69:93:ba:b7:54:c6:c5:75:88:fc:f7:fe:af:54:6b:74:d8:
f7:f9:de:a2:8a:98:46:18:3d:44:c8:5f:e6:09:ec:6f:c1:e2:
66:7f:89:2a:c7:78:e5:08:d5:9f:b9:67:87:f7:d7:26:31:9c:
b8:0e:ef:02:95:e4:16:b4:0b:ee:b8:50:ad:8c:2e:2b:c2:f7:
40:78:36:f7:6a:54:de:c8:2d:a5:c7:4c:8e:db:ef:64:f3:3f:
02:8b:69:ee:45:7e:8c:5f:e5:fd:0f:5a:6d:4f:92:1f:b9:5e:
dd:11:66:ec:7a:19:16:f7:1b:2e:4e:28:53:75:b6:eb:0d:ec:
74:2d:11:69:ca:0a:53:82:f7:35:63:03:f5:3f:f4:92:50:1e:
59:1b:0e:2c:f1:3c:6d:94:4f:97:a6:a8:ad:9e:4d:2a:eb:d3:
bf:58:d2:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYvXgGOh98XP/ljDlBQ0o6exMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMxMTE2MDkzOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWY2OGNkMTljNmM1MjgzZWEyNDBjMzQxYTI0NzE5YzNmNThhMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1epRO3j3mXYN0n7q62A1nRjit/Ka
SKNFFcVxC0g66OS+khxYxW3rc7K8nLEjIg5qfYJ/H92sQh/VdhjxfqmX/tboNmLl
sFHl8SdftmR+DFjIsr1s7FRmVUAySG+xjxhmKEtut7DagbREurPSJ3cMz7nbPMjf
sq5jQn4YcW3RTLjXWKGjWbkLHITZTlrWHbFkVZFfJNE/vc89c0JdzccUVKo0ir9a
mKhN5Lo3xGx1y4YE3Ax2k+dLmaX2ADDEBQApdjf/p+7OZ5xvadMyRsTiqyDO96t9
tpQE9KM7YQYADjS/hKm5f1P8+8sGSdV50wvlZ+gpwRWYO506i21j6EiGOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM72jNGcbFKD6iQMNBokcZw/WKC5MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvenZhTTBaeHNVb1BxSkF3MEdpUnhuRDlZb0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgVMADAN
BgkqhkiG9w0BAQsFAAOCAQEAY8ov275VgzmyZgOyHcDAtEGAb88BOESWVMlCrz38
MZN32JE1pADg5SJ22DT0VGK/gBiGVSdZnw88A15ENfBQv3fhu5Y7pvlre8u0XcnP
HlDYOQ8m+tSVqYVpummTurdUxsV1iPz3/q9Ua3TY9/neooqYRhg9RMhf5gnsb8Hi
Zn+JKsd45QjVn7lnh/fXJjGcuA7vApXkFrQL7rhQrYwuK8L3QHg292pU3sgtpcdM
jtvvZPM/Aotp7kV+jF/l/Q9abU+SH7le3RFm7HoZFvcbLk4oU3W26w3sdC0RacoK
U4L3NWMD9T/0klAeWRsOLPE8bZRPl6aorZ5NKuvTv1jSLA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:24 2025 by rpki-client