Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/zhGBhCB1o1tA_TPQlSWDjKNPKl4.roa
File: zhGBhCB1o1tA_TPQlSWDjKNPKl4.roa (raw, json)
Hash identifier: bwGEAa2thgiewUTpGJG6E3nZ3pcU9Rn8qodXY4lwpi4=
Subject key identifier: CE:11:81:84:20:75:A3:5B:40:FD:33:D0:95:25:83:8C:A3:4F:2A:5E
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAE26B7D2224C7E0F46E68D457426F
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/zhGBhCB1o1tA_TPQlSWDjKNPKl4.roa
Signing time: Sun 01 Jan 2023 14:44:50 +0000
ROA not before: Sun 01 Jan 2023 14:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41843
IP address blocks: 2a02:2698:5400::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e2:6b:7d:22:24:c7:e0:f4:6e:68:d4:57:42:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce1181842075a35b40fd33d09525838ca34f2a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:67:4f:92:e6:09:6c:a5:e6:b3:51:7f:2b:59:
d4:84:ce:e7:c6:b1:06:0a:e7:8d:12:6d:8f:ec:41:
0f:3e:af:f1:5e:bd:73:26:6e:2e:d6:82:d7:f4:74:
4d:6f:c5:79:9f:cb:0c:72:40:4f:15:6c:c1:20:b8:
c0:f9:a3:fb:2d:20:d2:ae:dc:00:f1:bf:b9:26:c9:
b0:e6:4c:64:6c:69:21:05:b7:a8:f0:ae:ed:11:bd:
d4:77:b5:51:90:35:f7:48:1d:c6:5e:a5:99:9b:bb:
61:26:7a:26:e0:d1:5d:39:ed:8e:81:7c:a6:29:f9:
f4:14:b9:c3:b7:e2:50:ee:68:3d:d9:99:1d:7a:5b:
ad:e1:cb:41:61:24:ef:41:8c:57:ca:38:d9:b2:9a:
f5:dc:7c:2a:32:e0:d0:03:90:6c:25:de:90:43:5d:
d3:66:fd:87:4a:88:ac:7c:41:a7:55:07:99:8b:96:
bb:74:4e:39:46:e0:8d:c5:a3:17:b5:82:d9:2b:d5:
bc:21:d5:75:74:01:33:c4:34:44:44:38:7a:a9:b7:
d0:02:8f:bb:42:d7:17:cd:3e:90:9b:a6:1a:65:ee:
41:e9:53:91:63:ab:c3:9f:34:d3:42:77:59:b9:be:
96:b9:53:04:3d:bb:34:78:8e:0d:7d:e4:50:e7:76:
f7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:11:81:84:20:75:A3:5B:40:FD:33:D0:95:25:83:8C:A3:4F:2A:5E
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/zhGBhCB1o1tA_TPQlSWDjKNPKl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:5400::/38
Signature Algorithm: sha256WithRSAEncryption
c7:55:76:54:a6:19:0a:60:1b:66:42:b4:9c:54:87:88:43:10:
dd:cc:24:fb:aa:88:68:c4:ba:b2:18:27:bf:ff:52:df:c7:3e:
73:2e:dd:58:7e:fb:a5:d9:a4:e6:77:b4:fd:bb:fa:1d:07:78:
e8:d3:52:58:f5:48:0c:a6:09:1f:c2:16:d3:61:61:aa:8a:03:
5c:d6:45:9c:e4:85:ee:7d:b6:9b:c3:a6:0e:1a:29:f0:fa:0d:
8b:7a:85:57:33:ae:74:71:92:be:9d:57:8f:5f:d9:98:ef:70:
6b:33:39:94:24:0a:77:4b:fe:cc:bf:a9:40:4c:c5:8f:5b:22:
d6:2c:90:dc:11:d0:30:7d:a5:4e:7d:4e:68:c1:1f:96:6d:d9:
3c:64:1f:01:45:2e:c1:23:71:96:99:5b:4b:2d:78:68:e0:a4:
86:bc:e8:d6:c1:02:c1:fc:c1:6c:fa:ce:11:3c:e4:f9:ab:35:
82:65:bc:f2:78:05:05:30:c0:ac:13:82:8e:06:4e:fb:62:71:
06:0c:f9:d9:49:b9:68:35:43:43:6b:dc:25:dc:f5:bb:9f:71:
21:1e:3d:5d:2e:38:29:af:fa:eb:42:29:ae:af:83:a0:8b:28:
08:78:de:e5:30:62:5b:45:06:80:82:a7:aa:eb:99:dd:2d:2d:
c2:3d:ad:10
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyuJrfSIkx+D0bmjUV0JvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTExODE4NDIwNzVhMzViNDBmZDMzZDA5NTI1ODM4Y2EzNGYyYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmdPkuYJbKXms1F/K1nUhM7nxrEG
CueNEm2P7EEPPq/xXr1zJm4u1oLX9HRNb8V5n8sMckBPFWzBILjA+aP7LSDSrtwA
8b+5Jsmw5kxkbGkhBbeo8K7tEb3Ud7VRkDX3SB3GXqWZm7thJnom4NFdOe2OgXym
Kfn0FLnDt+JQ7mg92Zkdelut4ctBYSTvQYxXyjjZspr13HwqMuDQA5BsJd6QQ13T
Zv2HSoisfEGnVQeZi5a7dE45RuCNxaMXtYLZK9W8IdV1dAEzxDRERDh6qbfQAo+7
QtcXzT6Qm6YaZe5B6VORY6vDnzTTQndZub6WuVMEPbs0eI4NfeRQ53b3TQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFM4RgYQgdaNbQP0z0JUlg4yjTypeMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvemhHQmhDQjFvMXRBX1RQUWxTV0RqS05QS2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmFQw
DQYJKoZIhvcNAQELBQADggEBAMdVdlSmGQpgG2ZCtJxUh4hDEN3MJPuqiGjEurIY
J7//Ut/HPnMu3Vh++6XZpOZ3tP27+h0HeOjTUlj1SAymCR/CFtNhYaqKA1zWRZzk
he59tpvDpg4aKfD6DYt6hVczrnRxkr6dV49f2ZjvcGszOZQkCndL/sy/qUBMxY9b
ItYskNwR0DB9pU59TmjBH5Zt2TxkHwFFLsEjcZaZW0steGjgpIa86NbBAsH8wWz6
zhE85PmrNYJlvPJ4BQUwwKwTgo4GTvticQYM+dlJuWg1Q0Nr3CXc9bufcSEePV0u
OCmv+utCKa6vg6CLKAh43uUwYltFBoCCp6rrmd0tLcI9rRA=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:02 2025 by rpki-client