Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/2z5OP5uOUPeCHEZvOlemyfzgiqA.roa
File: 2z5OP5uOUPeCHEZvOlemyfzgiqA.roa (raw, json)
Hash identifier: Hk782ryuX9Xc6GFCRAe62b1gzyY4Vb/jeKK1cnQhmr8=
Subject key identifier: DB:3E:4E:3F:9B:8E:50:F7:82:1C:46:6F:3A:57:A6:C9:FC:E0:8A:A0
Certificate issuer: /CN=87de085975de6588e07fed135513aa38acedb763
Certificate serial: 0194228E388F613B66FD85EEEB1C60108F09
Authority key identifier: 87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/2z5OP5uOUPeCHEZvOlemyfzgiqA.roa
Signing time: Wed 01 Jan 2025 15:48:53 +0000
ROA not before: Wed 01 Jan 2025 15:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 2001:67c:2350::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:38:8f:61:3b:66:fd:85:ee:eb:1c:60:10:8f:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87de085975de6588e07fed135513aa38acedb763
Validity
Not Before: Jan 1 15:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db3e4e3f9b8e50f7821c466f3a57a6c9fce08aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cf:f6:47:20:40:bb:39:88:c9:62:b6:80:cd:
78:6a:e9:7c:d3:38:7c:c4:01:cf:be:5e:37:7f:de:
bf:53:e4:e9:5c:d9:44:af:0a:1c:9d:3e:5e:22:5d:
9f:e7:c8:16:47:3e:35:7c:1c:e8:53:b8:8c:00:0b:
ba:1f:fa:3f:54:87:55:dc:cd:8f:35:cc:44:dd:65:
0b:4e:d0:37:0b:7b:e9:88:26:03:d0:36:ad:c3:89:
ed:e3:06:8a:ac:15:e7:05:9a:6e:87:56:e6:db:b5:
59:b3:87:b1:19:2f:40:c9:40:9d:02:8d:e8:8f:bd:
ba:52:e3:66:c1:11:67:05:0e:bd:fb:e3:a4:38:26:
9b:03:b0:32:d3:06:3f:4d:ec:ca:a0:24:e5:51:8f:
2a:d7:7a:fb:bd:d4:57:47:8e:1a:7a:dd:9e:2e:c4:
2d:4a:b1:d4:26:08:43:a5:29:c2:ff:e6:18:a3:fd:
e3:f9:1b:2c:72:3a:5b:7d:25:31:cb:39:1f:42:0d:
33:7e:0a:12:c2:ca:5e:e2:02:3a:7e:42:90:a5:04:
0d:ce:7a:59:21:15:58:5f:6a:40:26:c9:f0:f6:19:
6c:54:e0:31:23:63:40:82:7a:b8:92:08:cc:30:7b:
5b:15:41:86:e5:40:bb:ca:b6:e2:81:4b:62:8a:1c:
50:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3E:4E:3F:9B:8E:50:F7:82:1C:46:6F:3A:57:A6:C9:FC:E0:8A:A0
X509v3 Authority Key Identifier:
keyid:87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/2z5OP5uOUPeCHEZvOlemyfzgiqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2350::/48
Signature Algorithm: sha256WithRSAEncryption
9e:66:69:09:61:69:b7:97:62:53:f2:33:89:ef:d0:c6:00:1a:
4b:fc:da:f1:4c:f8:6e:38:fa:71:e5:bd:dc:ce:70:1a:c0:79:
9b:13:e2:2c:58:7a:e2:53:21:c5:7b:16:43:24:47:cb:06:2f:
5d:a9:59:3b:ff:da:08:13:8f:82:01:ca:21:7b:ee:f4:8c:39:
d3:b0:64:d9:1a:4b:01:41:2a:d5:52:bf:9b:29:bd:9e:be:57:
c1:7f:77:93:14:50:2b:1d:7a:30:02:f1:66:8d:9d:b5:67:9b:
d1:2a:84:24:b2:9d:58:f1:d0:d2:06:58:e1:09:99:9f:76:61:
c0:42:f9:6c:4e:ae:d1:d0:02:83:c7:aa:3a:97:c5:2d:1f:8d:
76:2a:33:bd:a8:02:53:df:65:9f:17:42:70:f2:44:a9:c8:a7:
5f:e8:9b:d2:15:cb:b7:6a:31:77:be:9a:bb:89:58:b5:37:1c:
e4:4d:f9:d6:18:1f:39:6c:f3:e3:e0:14:19:f6:9e:19:da:69:
ab:cf:44:f6:16:59:bf:88:6b:d1:59:38:d0:80:da:e9:55:74:
8e:04:78:50:c1:cb:83:16:bc:31:37:db:43:0f:95:da:5c:a0:
33:04:6c:d5:73:4f:05:e3:4c:18:3a:01:ed:a6:68:59:b6:04:
94:7b:dc:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQijjiPYTtm/YXu6xxgEI8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZGUwODU5NzVkZTY1ODhlMDdmZWQxMzU1MTNhYTM4YWNl
ZGI3NjMwHhcNMjUwMTAxMTU0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjNlNGUzZjliOGU1MGY3ODIxYzQ2NmYzYTU3YTZjOWZjZTA4YWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8/2RyBAuzmIyWK2gM14aul80zh8
xAHPvl43f96/U+TpXNlErwocnT5eIl2f58gWRz41fBzoU7iMAAu6H/o/VIdV3M2P
NcxE3WULTtA3C3vpiCYD0Datw4nt4waKrBXnBZpuh1bm27VZs4exGS9AyUCdAo3o
j726UuNmwRFnBQ69++OkOCabA7Ay0wY/TezKoCTlUY8q13r7vdRXR44aet2eLsQt
SrHUJghDpSnC/+YYo/3j+RsscjpbfSUxyzkfQg0zfgoSwspe4gI6fkKQpQQNznpZ
IRVYX2pAJsnw9hlsVOAxI2NAgnq4kgjMMHtbFUGG5UC7yrbigUtiihxQywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNs+Tj+bjlD3ghxGbzpXpsn84IqgMB8GA1UdIwQY
MBaAFIfeCFl13mWI4H/tE1UTqjis7bdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAt
Y2MwZjk3MDcxNDBlLzEvMno1T1A1dU9VUGVDSEVadk9sZW15ZnpnaXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAtY2MwZjk3MDcxNDBl
LzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCNQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCeZmkJYWm3l2JT8jOJ79DGABpL/NrxTPhuOPpx
5b3cznAawHmbE+IsWHriUyHFexZDJEfLBi9dqVk7/9oIE4+CAcohe+70jDnTsGTZ
GksBQSrVUr+bKb2evlfBf3eTFFArHXowAvFmjZ21Z5vRKoQksp1Y8dDSBljhCZmf
dmHAQvlsTq7R0AKDx6o6l8UtH412KjO9qAJT32WfF0Jw8kSpyKdf6JvSFcu3ajF3
vpq7iVi1NxzkTfnWGB85bPPj4BQZ9p4Z2mmrz0T2Flm/iGvRWTjQgNrpVXSOBHhQ
wcuDFrwxN9tDD5XaXKAzBGzVc08F40wYOgHtpmhZtgSUe9wO
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:36:05 2025 by rpki-client