Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/zTNz5q56WyGtwKzYlcHUYQPhEqU.roa
File: zTNz5q56WyGtwKzYlcHUYQPhEqU.roa (raw, json)
Hash identifier: KL+PDxc9WFQD8wrSMYnMHzYnKzeF40iSXkJ1EtPgaHE=
Subject key identifier: CD:33:73:E6:AE:7A:5B:21:AD:C0:AC:D8:95:C1:D4:61:03:E1:12:A5
Certificate issuer: /CN=e1584910124af776e30e5acf055d6bae1761a536
Certificate serial: 01942825E1285F9CC0D9F7F4EA7500DD7DCD
Authority key identifier: E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/zTNz5q56WyGtwKzYlcHUYQPhEqU.roa
Signing time: Thu 02 Jan 2025 17:52:38 +0000
ROA not before: Thu 02 Jan 2025 17:52:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a13:3c0:1::/48 maxlen: 48
2a13:3c0:2::/48 maxlen: 48
2a13:3c0:3::/48 maxlen: 48
2a13:3c0:4::/48 maxlen: 48
2a13:3c0:5::/48 maxlen: 48
2a13:3c0:6::/48 maxlen: 48
2a13:3c0:7::/48 maxlen: 48
2a13:3c0:8::/48 maxlen: 48
2a13:3c0:9::/48 maxlen: 48
2a13:3c0:10::/48 maxlen: 48
2a13:3c0:11::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:e1:28:5f:9c:c0:d9:f7:f4:ea:75:00:dd:7d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1584910124af776e30e5acf055d6bae1761a536
Validity
Not Before: Jan 2 17:52:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd3373e6ae7a5b21adc0acd895c1d46103e112a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ac:37:3a:88:7b:13:0f:9e:89:11:f5:20:58:
ad:e6:90:7b:80:a3:2f:f1:14:71:a0:05:b5:e5:94:
9c:ae:ce:89:d9:a2:06:0a:82:89:32:0c:28:ef:b3:
ac:0d:30:e8:c4:f2:22:e8:51:54:db:03:26:36:9b:
94:fe:23:fd:85:68:d8:a6:71:61:6f:30:a8:ee:e0:
46:c9:d8:58:7c:3d:15:bf:75:ae:a4:d7:57:95:c7:
d2:63:6d:66:d3:c0:23:03:be:70:6c:b7:f9:b6:c8:
b2:b2:2b:04:98:23:38:aa:fe:20:61:09:c0:1e:c2:
5d:07:5b:8e:29:29:a5:2d:d1:64:25:1d:80:76:fc:
a4:02:2f:0f:c9:25:30:8a:d6:eb:f9:72:11:0f:a4:
b1:1a:47:3b:ea:9f:62:1e:c6:c2:db:ab:16:52:f3:
a1:0f:4b:7f:90:a9:00:aa:b2:f0:c8:b8:bf:f8:f6:
be:fb:39:ef:64:32:8d:9c:4d:77:e3:3f:6c:66:d6:
fc:3e:61:c8:a2:05:20:46:86:0d:ea:8c:9d:71:f3:
f2:00:ad:75:d1:fe:c0:4d:27:76:fd:ef:75:3a:5e:
cb:35:1b:7f:4c:de:16:fe:90:2a:25:b7:fd:ce:70:
56:31:7c:a0:a9:86:d1:ab:71:87:e7:d0:51:13:22:
d1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:33:73:E6:AE:7A:5B:21:AD:C0:AC:D8:95:C1:D4:61:03:E1:12:A5
X509v3 Authority Key Identifier:
keyid:E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/zTNz5q56WyGtwKzYlcHUYQPhEqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3c0:1::-2a13:3c0:9:ffff:ffff:ffff:ffff:ffff
2a13:3c0:10::/47
Signature Algorithm: sha256WithRSAEncryption
6c:45:c5:ae:1a:5f:f4:1e:71:57:9c:25:96:ed:94:75:43:bb:
df:c6:71:18:7a:3d:b4:3b:65:1a:8a:1c:8d:72:22:fc:81:ee:
06:b2:37:3f:7c:ef:d3:10:8e:65:cf:7b:0f:75:11:ac:d8:0b:
09:79:88:a9:3a:85:d1:7d:47:32:26:a5:98:29:2e:58:5e:45:
97:59:00:99:5d:5f:3d:3f:28:18:26:57:6f:c7:ca:63:35:b5:
fd:84:25:58:37:ba:1f:06:1b:af:df:c3:16:7e:0c:a7:d5:95:
c1:e0:bc:d3:de:9e:8b:9b:ae:f6:22:0e:04:5b:49:98:a9:b2:
d0:f4:9c:a1:7a:ed:85:3a:8a:f4:0c:76:f9:f2:e2:d8:4e:32:
06:ca:d5:25:ad:f1:64:05:38:ed:a4:fa:c9:3b:79:d9:6f:87:
25:47:35:e8:dc:fd:b3:84:f9:63:48:07:2f:40:69:99:ba:7f:
93:32:eb:e1:0d:03:8c:e4:b2:8a:e7:a1:2f:39:a7:85:1f:28:
d4:e6:25:f3:58:a4:1c:1a:56:40:5a:49:ce:4f:d0:17:c9:86:
89:7d:da:af:6b:92:76:51:82:63:d2:57:22:a4:5a:07:29:c3:
ec:24:c4:4e:c4:50:bc:d6:de:b3:60:a1:8e:e5:c9:2b:3f:60:
0e:6f:24:a8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQoJeEoX5zA2ff06nUA3X3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTg0OTEwMTI0YWY3NzZlMzBlNWFjZjA1NWQ2YmFlMTc2
MWE1MzYwHhcNMjUwMTAyMTc1MjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDMzNzNlNmFlN2E1YjIxYWRjMGFjZDg5NWMxZDQ2MTAzZTExMmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaw3Ooh7Ew+eiRH1IFit5pB7gKMv
8RRxoAW15ZScrs6J2aIGCoKJMgwo77OsDTDoxPIi6FFU2wMmNpuU/iP9hWjYpnFh
bzCo7uBGydhYfD0Vv3WupNdXlcfSY21m08AjA75wbLf5tsiysisEmCM4qv4gYQnA
HsJdB1uOKSmlLdFkJR2AdvykAi8PySUwitbr+XIRD6SxGkc76p9iHsbC26sWUvOh
D0t/kKkAqrLwyLi/+Pa++znvZDKNnE134z9sZtb8PmHIogUgRoYN6oydcfPyAK11
0f7ATSd2/e91Ol7LNRt/TN4W/pAqJbf9znBWMXygqYbRq3GH59BREyLRgwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFM0zc+auelshrcCs2JXB1GED4RKlMB8GA1UdIwQY
MBaAFOFYSRASSvd24w5azwVda64XYaU2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUt
MzFhYjMyZmY3YzY4LzEvelROejVxNTZXeUd0d0t6WWxjSFVZUVBoRXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUtMzFhYjMyZmY3YzY4
LzEvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwAqEwPA
AAEDBwEqEwPAAAgDBwEqEwPAABAwDQYJKoZIhvcNAQELBQADggEBAGxFxa4aX/Qe
cVecJZbtlHVDu9/GcRh6PbQ7ZRqKHI1yIvyB7gayNz9879MQjmXPew91EazYCwl5
iKk6hdF9RzImpZgpLlheRZdZAJldXz0/KBgmV2/HymM1tf2EJVg3uh8GG6/fwxZ+
DKfVlcHgvNPenoubrvYiDgRbSZipstD0nKF67YU6ivQMdvny4thOMgbK1SWt8WQF
OO2k+sk7edlvhyVHNejc/bOE+WNIBy9AaZm6f5My6+ENA4zksornoS85p4UfKNTm
JfNYpBwaVkBaSc5P0BfJhol92q9rknZRgmPSVyKkWgcpw+wkxE7EULzW3rNgoY7l
ySs/YA5vJKg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:08:40 2025 by rpki-client