Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/e0caff-28cd-4c6b-b675-e263cad7beba/1/nZKzj1s-HvQbB5Cs3DhHQANxpw0.roa
File: nZKzj1s-HvQbB5Cs3DhHQANxpw0.roa (raw, json)
Hash identifier: nWRjIrH7aL78d8i9FmsJdMCpD/APPm3NLuc/+JFcoVY=
Subject key identifier: 9D:92:B3:8F:5B:3E:1E:F4:1B:07:90:AC:DC:38:47:40:03:71:A7:0D
Certificate issuer: /CN=80149f43feeb699ffa40a870e5ed7dfc225f133f
Certificate serial: 097FA1
Authority key identifier: 80:14:9F:43:FE:EB:69:9F:FA:40:A8:70:E5:ED:7D:FC:22:5F:13:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gBSfQ_7raZ_6QKhw5e19_CJfEz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/e0caff-28cd-4c6b-b675-e263cad7beba/1/nZKzj1s-HvQbB5Cs3DhHQANxpw0.roa
Signing time: Tue 22 Feb 2022 19:36:05 +0000
ROA not before: Tue 22 Feb 2022 19:36:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 72641
IP address blocks: 2a12:84c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 622497 (0x97fa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80149f43feeb699ffa40a870e5ed7dfc225f133f
Validity
Not Before: Feb 22 19:36:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d92b38f5b3e1ef41b0790acdc3847400371a70d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0f:9f:6e:1f:8a:1e:7e:d2:11:a0:e8:38:78:
e5:80:b3:39:35:6f:61:12:11:1d:c2:1a:80:a0:1d:
c3:1b:1a:78:e1:ba:24:12:e2:b1:a3:1c:56:b8:e4:
4f:63:33:71:8e:42:d0:45:70:98:ff:b1:53:95:ce:
cf:47:63:75:f6:3d:d5:a8:7d:c5:f0:7b:d7:30:c9:
67:5d:09:ec:ce:8e:3b:ee:02:cd:03:09:b0:3c:99:
0f:ed:79:82:f7:71:2b:3d:80:7f:4c:1a:57:9f:53:
25:ea:81:d9:95:c9:5d:3c:90:7f:ff:7d:90:89:f0:
32:e5:a7:b1:19:8f:24:60:5e:83:3c:aa:bb:5b:ef:
10:a7:ec:df:9a:78:fb:6e:7d:20:ba:91:b8:66:49:
87:2f:b2:d7:d1:eb:fe:d7:fa:ef:3f:67:3f:f4:3c:
8e:3e:c6:af:55:59:f5:7b:c7:cb:e7:5f:a5:5a:55:
6d:89:01:0e:61:f6:d0:f7:28:b6:2a:9f:a7:6f:e3:
3f:f7:d4:05:12:0d:c2:26:26:d3:0e:90:78:14:48:
75:6b:9b:d6:d7:c4:c9:f1:86:a3:45:bc:8b:93:aa:
52:72:90:a0:b5:ab:7b:67:80:40:f4:b1:f2:2f:19:
b6:b3:05:70:82:c5:fa:05:ab:33:d9:4f:df:cf:42:
5b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:92:B3:8F:5B:3E:1E:F4:1B:07:90:AC:DC:38:47:40:03:71:A7:0D
X509v3 Authority Key Identifier:
keyid:80:14:9F:43:FE:EB:69:9F:FA:40:A8:70:E5:ED:7D:FC:22:5F:13:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gBSfQ_7raZ_6QKhw5e19_CJfEz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/e0caff-28cd-4c6b-b675-e263cad7beba/1/nZKzj1s-HvQbB5Cs3DhHQANxpw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/e0caff-28cd-4c6b-b675-e263cad7beba/1/gBSfQ_7raZ_6QKhw5e19_CJfEz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
89:cd:9f:ab:bb:29:d3:f2:b7:5b:b7:2f:84:3c:88:20:6e:32:
66:0e:8e:fb:7c:59:7d:18:9d:c7:87:1b:50:e1:01:f9:32:5d:
1c:08:2a:71:99:38:92:fc:f2:a1:c8:a8:fa:15:fb:df:28:62:
99:61:7c:86:a3:5d:63:53:07:b5:1c:cb:c3:7f:b9:d7:e3:67:
c2:37:5d:28:6a:19:24:2f:07:85:a7:47:35:d0:1a:90:97:61:
27:cd:61:b4:26:63:65:05:4b:98:ec:f5:22:8d:cb:95:b4:4a:
03:00:5e:68:de:7b:bb:77:63:0e:83:c0:2f:74:a6:87:df:19:
22:1b:95:d8:ab:ec:5b:ce:ff:3a:b9:3c:85:b9:39:7d:37:e4:
a0:34:10:68:61:cf:a1:97:35:b2:07:8d:c7:c3:88:3e:e1:04:
4c:25:e7:fc:bf:7f:2f:45:6e:f2:7c:51:6f:4f:47:b0:fe:69:
62:dc:09:29:ac:ab:f0:22:91:76:46:10:f3:0f:00:91:e0:2b:
6f:e6:3d:e6:d9:9f:51:5e:1f:08:0f:84:b8:8d:c4:57:b3:2f:
eb:13:36:60:c2:ad:96:fe:20:d7:fe:6f:92:ea:d4:8a:34:cd:
9d:a4:ea:82:cc:ef:e5:f1:aa:ef:27:4b:d5:b7:28:ab:44:94:
0d:d3:f6:e7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDCX+hMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDgw
MTQ5ZjQzZmVlYjY5OWZmYTQwYTg3MGU1ZWQ3ZGZjMjI1ZjEzM2YwHhcNMjIwMjIy
MTkzNjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5ZDkyYjM4ZjViM2Ux
ZWY0MWIwNzkwYWNkYzM4NDc0MDAzNzFhNzBkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzQ+fbh+KHn7SEaDoOHjlgLM5NW9hEhEdwhqAoB3DGxp44bok
EuKxoxxWuORPYzNxjkLQRXCY/7FTlc7PR2N19j3VqH3F8HvXMMlnXQnszo477gLN
AwmwPJkP7XmC93ErPYB/TBpXn1Ml6oHZlcldPJB//32QifAy5aexGY8kYF6DPKq7
W+8Qp+zfmnj7bn0gupG4ZkmHL7LX0ev+1/rvP2c/9DyOPsavVVn1e8fL51+lWlVt
iQEOYfbQ9yi2Kp+nb+M/99QFEg3CJibTDpB4FEh1a5vW18TJ8YajRbyLk6pScpCg
tat7Z4BA9LHyLxm2swVwgsX6Basz2U/fz0Jb6wIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFJ2Ss49bPh70GweQrNw4R0ADcacNMB8GA1UdIwQYMBaAFIAUn0P+62mf+kCo
cOXtffwiXxM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Z0JTZlFfN3JhWl82UUtodzVlMTlfQ0pmRXo4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xNS9lMGNhZmYtMjhjZC00YzZiLWI2NzUtZTI2M2NhZDdiZWJhLzEv
blpLemoxcy1IdlFiQjVDczNEaEhRQU54cHcwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9l
MGNhZmYtMjhjZC00YzZiLWI2NzUtZTI2M2NhZDdiZWJhLzEvZ0JTZlFfN3JhWl82
UUtodzVlMTlfQ0pmRXo4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKEwDANBgkqhkiG9w0BAQsFAAOC
AQEAic2fq7sp0/K3W7cvhDyIIG4yZg6O+3xZfRidx4cbUOEB+TJdHAgqcZk4kvzy
ocio+hX73yhimWF8hqNdY1MHtRzLw3+51+NnwjddKGoZJC8HhadHNdAakJdhJ81h
tCZjZQVLmOz1Io3LlbRKAwBeaN57u3djDoPAL3Smh98ZIhuV2KvsW87/Ork8hbk5
fTfkoDQQaGHPoZc1sgeNx8OIPuEETCXn/L9/L0Vu8nxRb09HsP5pYtwJKayr8CKR
dkYQ8w8AkeArb+Y95tmfUV4fCA+EuI3EV7Mv6xM2YMKtlv4g1/5vkurUijTNnaTq
gszv5fGq7ydL1bcoq0SUDdP25w==
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:39:42 2025 by rpki-client