Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/ZTvZSbWIWloIdqV37DbtQi07aIY.roa
File: ZTvZSbWIWloIdqV37DbtQi07aIY.roa (raw, json)
Hash identifier: lQEka4orv2/BKmCxU3FSbBYnm+siKkoc02AVPM16hvk=
Subject key identifier: 65:3B:D9:49:B5:88:5A:5A:08:76:A5:77:EC:36:ED:42:2D:3B:68:86
Certificate issuer: /CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Certificate serial: 0194258F203C366CD9F7B7391D291C95CBA3
Authority key identifier: BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/ZTvZSbWIWloIdqV37DbtQi07aIY.roa
Signing time: Thu 02 Jan 2025 05:48:44 +0000
ROA not before: Thu 02 Jan 2025 05:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395747
IP address blocks: 2a09:bac0:108::/48 maxlen: 48
2a09:bac0:131::/48 maxlen: 48
2a09:bac0:133::/48 maxlen: 48
2a09:bac0:251::/48 maxlen: 48
2a09:bac0:693::/48 maxlen: 48
2a09:bac0:748::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:20:3c:36:6c:d9:f7:b7:39:1d:29:1c:95:cb:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Validity
Not Before: Jan 2 05:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=653bd949b5885a5a0876a577ec36ed422d3b6886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:53:c8:49:6d:50:cc:75:03:c9:8d:2d:9a:4a:
57:b2:1a:34:65:dc:93:46:76:6a:a9:5a:63:cf:ab:
b2:f3:26:05:25:ec:e7:a4:59:44:89:da:31:23:02:
02:ae:04:11:d0:42:b2:08:75:c1:c4:97:91:84:6f:
6f:5c:52:cc:dc:92:63:4f:02:f2:f4:1e:58:37:41:
4d:98:d9:cb:89:1a:42:07:9e:d7:85:a0:97:ab:a3:
8f:45:d1:63:9b:ef:01:1b:6b:5a:c8:18:45:34:a3:
d2:07:02:a6:16:34:46:a2:49:39:7d:fa:12:e2:96:
a8:36:a2:f6:c6:07:e7:53:30:aa:00:fb:9b:5b:ae:
4f:0a:93:4c:e0:8e:c8:ef:ce:a4:b9:90:52:9c:6c:
6a:22:7a:38:65:9e:d4:07:e7:0b:99:f1:42:4b:03:
ee:a3:6d:c7:d8:6b:05:e8:55:f8:ea:4f:b4:c3:41:
ef:f7:ac:24:44:e5:a9:e0:e1:16:99:fe:e9:b6:14:
bc:1e:57:86:48:88:47:b5:26:a8:8a:ab:b8:97:88:
96:0a:9e:85:7d:2e:ea:8a:b4:c4:25:62:89:46:44:
a8:b3:a3:f3:f7:fd:d5:9b:66:c1:a4:d7:7d:5f:fb:
6d:25:9a:37:5f:3c:7b:db:06:20:ee:26:a7:da:93:
24:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3B:D9:49:B5:88:5A:5A:08:76:A5:77:EC:36:ED:42:2D:3B:68:86
X509v3 Authority Key Identifier:
keyid:BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/ZTvZSbWIWloIdqV37DbtQi07aIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:bac0:108::/48
2a09:bac0:131::/48
2a09:bac0:133::/48
2a09:bac0:251::/48
2a09:bac0:693::/48
2a09:bac0:748::/48
Signature Algorithm: sha256WithRSAEncryption
61:41:bf:30:77:d8:b2:b5:3f:da:d6:4d:2e:33:1a:00:29:5d:
9e:7f:e4:89:a1:62:73:d9:8a:ec:37:34:24:f7:c5:25:d0:50:
58:b7:f0:dc:aa:ac:a9:be:ab:d8:f7:1f:01:7c:49:e6:e7:4e:
bc:7c:34:53:35:92:ff:ff:75:af:48:42:04:f8:b1:fc:33:0f:
67:9f:00:6b:90:de:a8:a7:29:73:93:17:cf:0d:bf:ae:5d:90:
2b:fd:72:c3:d3:b1:09:27:33:0d:b7:7f:2e:87:62:62:38:59:
a9:b7:c1:f5:48:e8:7c:df:b4:2c:72:44:33:b3:fd:bb:9d:a7:
48:83:c9:af:cc:a9:df:84:27:43:be:4c:59:d5:28:ff:8a:76:
a5:e6:07:1d:fb:8c:7c:31:9e:eb:ff:b5:f5:58:9b:39:44:35:
b5:29:47:7b:c6:e0:4a:84:f2:15:d6:12:b4:3c:dd:1d:59:e4:
7c:9b:d0:7d:89:3f:20:f2:e7:9b:df:2f:23:ae:2a:80:a0:2d:
bb:5b:fc:2f:70:ab:49:c3:6c:16:cf:82:31:f1:38:9d:48:07:
96:35:60:b1:71:1f:db:39:85:7c:67:cc:df:95:cc:be:f2:7a:
42:ce:fe:c2:59:02:b6:d9:9e:ee:ca:fe:99:72:91:73:13:60:
8a:a7:ac:de
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQljyA8NmzZ97c5HSkclcujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTlmMTJjOTZiYTIwNjgzYWZmNWM5NThiZmFkOGU0YzU3
N2Y3ZmUwHhcNMjUwMTAyMDU0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTNiZDk0OWI1ODg1YTVhMDg3NmE1NzdlYzM2ZWQ0MjJkM2I2ODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFPISW1QzHUDyY0tmkpXsho0ZdyT
RnZqqVpjz6uy8yYFJeznpFlEidoxIwICrgQR0EKyCHXBxJeRhG9vXFLM3JJjTwLy
9B5YN0FNmNnLiRpCB57XhaCXq6OPRdFjm+8BG2tayBhFNKPSBwKmFjRGokk5ffoS
4paoNqL2xgfnUzCqAPubW65PCpNM4I7I786kuZBSnGxqIno4ZZ7UB+cLmfFCSwPu
o23H2GsF6FX46k+0w0Hv96wkROWp4OEWmf7pthS8HleGSIhHtSaoiqu4l4iWCp6F
fS7qirTEJWKJRkSos6Pz9/3Vm2bBpNd9X/ttJZo3Xzx72wYg7ian2pMkAQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGU72Um1iFpaCHald+w27UItO2iGMB8GA1UdIwQY
MBaAFL/p8SyWuiBoOv9clYv62OTFd/f+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQt
Zjc4MjBjNWU5NjZhLzEvWlR2WlNiV0lXbG9JZHFWMzdEYnRRaTA3YUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQtZjc4MjBjNWU5NjZh
LzEvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgm6wAEI
AwcAKgm6wAExAwcAKgm6wAEzAwcAKgm6wAJRAwcAKgm6wAaTAwcAKgm6wAdIMA0G
CSqGSIb3DQEBCwUAA4IBAQBhQb8wd9iytT/a1k0uMxoAKV2ef+SJoWJz2YrsNzQk
98Ul0FBYt/DcqqypvqvY9x8BfEnm5068fDRTNZL//3WvSEIE+LH8Mw9nnwBrkN6o
pylzkxfPDb+uXZAr/XLD07EJJzMNt38uh2JiOFmpt8H1SOh837QsckQzs/27nadI
g8mvzKnfhCdDvkxZ1Sj/inal5gcd+4x8MZ7r/7X1WJs5RDW1KUd7xuBKhPIV1hK0
PN0dWeR8m9B9iT8g8ueb3y8jriqAoC27W/wvcKtJw2wWz4Ix8TidSAeWNWCxcR/b
OYV8Z8zflcy+8npCzv7CWQK22Z7uyv6ZcpFzE2CKp6ze
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:52:18 2025 by rpki-client