Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/dzgPMpnfibC1YutDFb9cRnpQgMI.roa
File: dzgPMpnfibC1YutDFb9cRnpQgMI.roa (raw, json)
Hash identifier: K7ZmzzZrLRs3d/7/pDEA+9sKsS2UnBWudXaJPrkjbB0=
Subject key identifier: 77:38:0F:32:99:DF:89:B0:B5:62:EB:43:15:BF:5C:46:7A:50:80:C2
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 01942746294B13993EDB47BBE098FEAEFCA4
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/dzgPMpnfibC1YutDFb9cRnpQgMI.roa
Signing time: Thu 02 Jan 2025 13:48:16 +0000
ROA not before: Thu 02 Jan 2025 13:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32167
IP address blocks: 2a0d:2683::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:29:4b:13:99:3e:db:47:bb:e0:98:fe:ae:fc:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Jan 2 13:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77380f3299df89b0b562eb4315bf5c467a5080c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b5:78:23:fa:ba:35:4f:2e:2f:f4:88:6e:aa:
15:a2:2f:f4:25:6f:07:52:fb:b5:66:f9:64:79:80:
cd:30:00:b7:e6:8e:33:5b:3e:ad:ca:10:59:a2:b4:
57:ca:2e:fb:5e:2d:68:e3:41:d4:01:19:03:97:ea:
7f:76:b0:d5:cc:dd:c9:eb:96:4a:88:5e:65:ee:a7:
d7:f1:57:fa:92:07:2b:70:13:85:95:55:11:46:cf:
d5:57:fa:82:db:27:14:dd:9b:2a:c0:7a:a1:c5:98:
3a:02:02:37:85:8b:14:e0:94:3e:08:52:15:05:64:
30:56:44:2b:cb:28:f2:52:c2:35:d0:a9:c7:56:8a:
d7:6d:10:7a:fd:57:fc:8f:ae:f5:01:32:72:1f:ac:
59:1a:5e:84:50:f7:04:13:b9:73:c0:b0:28:75:48:
48:30:77:f5:9c:07:ce:16:a8:69:e3:a5:64:3c:a7:
aa:1e:75:cf:0d:9a:35:1b:3a:67:5e:df:59:e0:b7:
6c:cb:83:13:64:9d:a4:ac:32:5d:3d:c2:2d:0d:b4:
d6:b5:93:80:53:af:39:e2:85:c4:c3:a7:8d:85:c6:
89:44:b7:91:8a:5b:58:31:cc:f7:83:48:2e:36:ab:
eb:18:b9:86:e8:a8:ce:e2:7b:dd:62:60:93:3e:fb:
8f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:38:0F:32:99:DF:89:B0:B5:62:EB:43:15:BF:5C:46:7A:50:80:C2
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/dzgPMpnfibC1YutDFb9cRnpQgMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2683::/32
Signature Algorithm: sha256WithRSAEncryption
ad:e1:52:22:46:d3:44:90:0a:36:7b:a5:e6:f2:ab:80:13:c8:
8b:85:b5:a1:cf:1a:25:c2:f3:40:80:33:b7:56:69:2f:85:95:
5e:d2:8d:74:4f:0f:14:51:be:df:48:aa:e2:2c:9d:2c:75:8d:
3b:3d:89:f6:c5:a6:8a:93:5a:7c:17:52:b6:60:66:ad:d8:91:
42:6c:a2:ee:11:41:0b:f7:c0:f0:84:78:71:7d:0b:a5:f4:c4:
45:5c:a9:f8:d2:cd:d2:88:4c:05:70:a3:22:98:e8:53:bc:ad:
08:1f:8a:a2:0b:4e:c5:48:b8:d1:af:8f:89:e3:c9:b1:68:ee:
e4:4f:df:2a:b5:81:63:8a:ad:35:c9:7b:d3:25:20:7d:4f:9b:
d6:56:69:ac:51:6e:4d:2d:ae:44:41:ad:7d:97:1b:8c:14:a6:
68:2f:8f:f1:93:85:44:36:6d:e7:1b:e5:97:ae:a4:81:58:cb:
98:b7:6c:08:0d:7d:78:4e:ce:1b:db:9a:08:63:69:d2:26:a8:
a0:bf:70:32:8f:20:ec:39:ab:96:f4:29:5a:b2:2d:b7:b7:f7:
ad:d6:fd:00:e0:e4:0c:1c:6d:49:81:31:3b:e1:90:00:b6:e4:
51:a2:e4:f6:da:cf:45:b2:7a:0a:e6:f1:e0:ec:2c:06:a7:c1:
f2:53:81:59
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnRilLE5k+20e74Jj+rvykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjUwMTAyMTM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzM4MGYzMjk5ZGY4OWIwYjU2MmViNDMxNWJmNWM0NjdhNTA4MGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbV4I/q6NU8uL/SIbqoVoi/0JW8H
Uvu1ZvlkeYDNMAC35o4zWz6tyhBZorRXyi77Xi1o40HUARkDl+p/drDVzN3J65ZK
iF5l7qfX8Vf6kgcrcBOFlVURRs/VV/qC2ycU3ZsqwHqhxZg6AgI3hYsU4JQ+CFIV
BWQwVkQryyjyUsI10KnHVorXbRB6/Vf8j671ATJyH6xZGl6EUPcEE7lzwLAodUhI
MHf1nAfOFqhp46VkPKeqHnXPDZo1GzpnXt9Z4Ldsy4MTZJ2krDJdPcItDbTWtZOA
U6854oXEw6eNhcaJRLeRiltYMcz3g0guNqvrGLmG6KjO4nvdYmCTPvuPcwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHc4DzKZ34mwtWLrQxW/XEZ6UIDCMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvZHpnUE1wbmZpYkMxWXV0REZiOWNSbnBRZ01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg0mgzAN
BgkqhkiG9w0BAQsFAAOCAQEAreFSIkbTRJAKNnul5vKrgBPIi4W1oc8aJcLzQIAz
t1ZpL4WVXtKNdE8PFFG+30iq4iydLHWNOz2J9sWmipNafBdStmBmrdiRQmyi7hFB
C/fA8IR4cX0LpfTERVyp+NLN0ohMBXCjIpjoU7ytCB+KogtOxUi40a+PiePJsWju
5E/fKrWBY4qtNcl70yUgfU+b1lZprFFuTS2uREGtfZcbjBSmaC+P8ZOFRDZt5xvl
l66kgVjLmLdsCA19eE7OG9uaCGNp0iaooL9wMo8g7DmrlvQpWrItt7f3rdb9AODk
DBxtSYExO+GQALbkUaLk9trPRbJ6Cubx4OwsBqfB8lOBWQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:34:32 2025 by rpki-client