Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/JZOXKN7qd0gKODyFariNcniaB2E.roa
File: JZOXKN7qd0gKODyFariNcniaB2E.roa (raw, json)
Hash identifier: NaJ6Sbb5kWL2kSD2VuLSlg5xwxrBLkpO58s+R2HXSkg=
Subject key identifier: 25:93:97:28:DE:EA:77:48:0A:38:3C:85:6A:B8:8D:72:78:9A:07:61
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0194A2947861F62F8797CF8AD153A5151B60
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/JZOXKN7qd0gKODyFariNcniaB2E.roa
Signing time: Sun 26 Jan 2025 12:27:06 +0000
ROA not before: Sun 26 Jan 2025 12:27:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213545
IP address blocks: 2a0e:aa07:e220::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a2:94:78:61:f6:2f:87:97:cf:8a:d1:53:a5:15:1b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 26 12:27:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25939728deea77480a383c856ab88d72789a0761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:45:13:d7:a1:e1:2d:c6:24:08:16:c6:43:0a:
81:2c:fb:2a:07:9d:30:1f:fe:61:08:e7:27:d1:87:
df:36:eb:de:b0:80:80:a2:0b:00:a6:c3:b0:a4:de:
f4:d5:60:03:58:d5:1b:ad:4c:36:1e:8a:11:db:b3:
58:19:39:25:d4:f8:2c:a3:3f:a8:5a:7d:09:22:f2:
a6:f1:ee:d1:fb:47:8d:06:04:ee:61:1b:0e:c7:57:
9d:1e:89:1a:65:9f:64:0c:41:ec:14:1b:4a:68:f6:
4d:57:36:6a:f5:cf:bd:28:1b:65:ba:70:36:2f:f2:
12:c3:e9:8e:e3:49:b0:ff:2e:88:e7:45:17:76:1d:
57:0d:e2:84:da:8e:fd:4f:47:cd:4c:7e:9e:15:77:
23:6c:5d:7f:78:21:78:e6:09:56:20:9b:4a:d5:50:
d4:90:d3:be:c6:e0:56:6b:33:07:8d:7a:80:69:61:
43:0f:3b:f0:8c:9f:af:6d:11:fe:2e:08:34:e7:9d:
72:46:90:dc:22:b8:65:67:81:30:42:6e:09:a7:71:
d7:a4:6f:64:92:7a:fd:04:f7:29:10:94:1d:50:ac:
d4:57:bb:0b:c4:56:1b:8e:8e:06:f8:cb:36:08:cc:
f4:36:ea:e3:ab:01:4d:e8:ea:7c:f5:87:b0:7a:5f:
56:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:93:97:28:DE:EA:77:48:0A:38:3C:85:6A:B8:8D:72:78:9A:07:61
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/JZOXKN7qd0gKODyFariNcniaB2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e220::/44
Signature Algorithm: sha256WithRSAEncryption
82:74:a7:8a:bc:2a:e3:80:e7:7c:f4:b7:a3:d4:c0:3a:18:b2:
53:3a:20:b7:fb:58:5f:4e:1b:d6:01:d7:48:d3:f1:da:b2:dc:
96:8c:ef:77:37:93:66:36:d7:12:05:cc:55:5b:85:f0:f6:7a:
6d:0d:79:6a:e5:58:c8:9b:63:3c:4d:38:56:8a:94:dc:df:76:
2d:0f:56:3d:92:fa:b9:8e:4a:ac:57:71:41:99:c8:89:6f:78:
0e:f5:5f:0b:06:ec:cd:1d:5c:48:a3:1b:a2:e0:3f:ff:d6:39:
a9:57:cb:7e:7a:d1:fe:18:da:6f:fc:9b:72:ff:15:79:7e:d4:
2f:32:55:ec:54:db:9d:49:c9:ad:98:7a:ad:33:29:c2:88:59:
09:17:88:7c:78:d7:03:97:67:2a:a1:d9:57:40:3f:cb:f4:88:
1c:50:db:b4:99:f6:bd:c4:0d:54:1f:19:50:5f:73:e9:ae:96:
49:ce:7d:d6:f7:53:33:40:95:d2:f0:76:2e:67:9e:52:89:11:
1a:61:73:2e:24:33:75:d0:74:de:55:e3:4f:bb:89:a1:52:58:
42:a8:b4:78:cb:ee:a3:48:b0:7a:c0:bb:7c:27:7f:a1:df:3b:
8a:a3:24:21:ff:8d:c3:f2:47:d3:63:f0:cd:21:e6:02:57:ca:
0d:dd:b8:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZSilHhh9i+Hl8+K0VOlFRtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjUwMTI2MTIyNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTkzOTcyOGRlZWE3NzQ4MGEzODNjODU2YWI4OGQ3Mjc4OWEwNzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0UT16HhLcYkCBbGQwqBLPsqB50w
H/5hCOcn0YffNuvesICAogsApsOwpN701WADWNUbrUw2HooR27NYGTkl1Pgsoz+o
Wn0JIvKm8e7R+0eNBgTuYRsOx1edHokaZZ9kDEHsFBtKaPZNVzZq9c+9KBtlunA2
L/ISw+mO40mw/y6I50UXdh1XDeKE2o79T0fNTH6eFXcjbF1/eCF45glWIJtK1VDU
kNO+xuBWazMHjXqAaWFDDzvwjJ+vbRH+Lgg0551yRpDcIrhlZ4EwQm4Jp3HXpG9k
knr9BPcpEJQdUKzUV7sLxFYbjo4G+Ms2CMz0NurjqwFN6Op89Yewel9WEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCWTlyje6ndICjg8hWq4jXJ4mgdhMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvSlpPWEtON3FkMGdLT0R5RmFyaU5jbmlhQjJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB+Ig
MA0GCSqGSIb3DQEBCwUAA4IBAQCCdKeKvCrjgOd89Lej1MA6GLJTOiC3+1hfThvW
AddI0/HastyWjO93N5NmNtcSBcxVW4Xw9nptDXlq5VjIm2M8TThWipTc33YtD1Y9
kvq5jkqsV3FBmciJb3gO9V8LBuzNHVxIoxui4D//1jmpV8t+etH+GNpv/Jty/xV5
ftQvMlXsVNudScmtmHqtMynCiFkJF4h8eNcDl2cqodlXQD/L9IgcUNu0mfa9xA1U
HxlQX3PprpZJzn3W91MzQJXS8HYuZ55SiREaYXMuJDN10HTeVeNPu4mhUlhCqLR4
y+6jSLB6wLt8J3+h3zuKoyQh/43D8kfTY/DNIeYCV8oN3bg/
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:08:42 2025 by rpki-client