Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/zlxg64nQmtpFYTJe9zil2zksvZg.roa
File: zlxg64nQmtpFYTJe9zil2zksvZg.roa (raw, json)
Hash identifier: hMq7tDXhmxpwg+I6zcZ4BaOY3+DJrpAtCMcPOjVU8ic=
Subject key identifier: CE:5C:60:EB:89:D0:9A:DA:45:61:32:5E:F7:38:A5:DB:39:2C:BD:98
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019510541D90C46B36E7999CA454B24DA89F
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/zlxg64nQmtpFYTJe9zil2zksvZg.roa
Signing time: Sun 16 Feb 2025 19:55:02 +0000
ROA not before: Sun 16 Feb 2025 19:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30633
IP address blocks: 2a10:3c80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:10:54:1d:90:c4:6b:36:e7:99:9c:a4:54:b2:4d:a8:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Feb 16 19:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce5c60eb89d09ada4561325ef738a5db392cbd98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6b:65:9b:7e:81:38:7a:20:80:d6:dc:21:e6:
d7:50:3b:6a:dc:ea:2c:e4:a9:e5:8c:1c:ad:89:f6:
18:aa:29:23:dd:fd:f6:23:92:65:5a:38:b3:b7:66:
f0:ac:7d:51:0c:c5:e8:26:f8:e0:48:f2:4f:0d:50:
b5:e3:e3:b9:2a:00:0f:cf:21:e4:77:bf:d2:af:00:
f4:9c:af:e2:e7:db:f0:da:31:b8:64:24:dd:11:9a:
63:b4:95:a9:1c:e5:b6:1a:2d:9c:eb:4b:58:9b:3a:
e7:9e:70:30:5a:41:a2:bf:35:8e:ad:1d:37:57:17:
24:4c:85:a6:d8:de:69:b1:d6:cf:10:d6:d8:5d:b9:
0c:cf:d0:50:0b:00:6a:e8:fc:97:3e:ae:36:36:ac:
7a:c6:1b:c6:9f:84:39:a2:47:81:2c:68:02:49:62:
8e:90:9d:0e:6c:28:37:c1:c1:6a:a8:fc:ea:f4:a6:
3c:8c:e8:f3:55:c7:de:7f:51:ec:2a:8c:33:02:84:
58:14:22:fe:b4:76:50:5b:2d:50:33:9b:7e:fb:67:
5c:d6:9e:54:50:97:7a:9f:e4:ac:46:0f:5e:f2:37:
a3:57:0f:28:66:77:73:a6:09:b3:e3:2f:0a:ff:c8:
60:84:a4:15:32:ad:6e:40:37:9a:98:74:58:b1:c1:
08:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5C:60:EB:89:D0:9A:DA:45:61:32:5E:F7:38:A5:DB:39:2C:BD:98
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/zlxg64nQmtpFYTJe9zil2zksvZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
a3:6d:12:c2:1e:98:55:14:58:b4:7c:f6:4a:20:12:cd:69:ef:
e8:97:a4:bb:59:60:bb:cf:3b:20:0a:82:0c:34:37:6e:b5:92:
e2:1d:4b:ef:97:6c:0c:c9:ba:00:b0:0b:25:ac:da:1d:81:d5:
62:ab:6f:43:25:b2:2d:8b:ce:be:bd:e6:d5:b0:8a:b5:07:55:
16:da:c6:b3:29:c5:0f:f6:00:d5:1e:dc:28:d7:46:71:b9:28:
66:5f:ee:ef:0f:20:0c:94:9c:ad:04:f2:17:3d:0b:f2:e7:6d:
0e:11:8b:7d:01:92:17:35:d9:cc:a1:8c:1f:f9:79:67:fc:cc:
17:9a:ad:3b:c6:fc:62:df:d9:f1:cf:1e:9d:46:fc:25:e0:e5:
5e:d3:6f:38:8c:9c:7c:27:47:55:c3:b5:2b:8d:c1:eb:c3:1a:
45:4c:f5:5a:3d:a7:a8:bc:e7:92:70:a8:4a:f2:78:e7:75:5b:
5e:27:d0:dd:99:25:e6:f6:78:95:2c:e0:f8:f9:90:1a:91:ed:
6b:60:6c:de:d6:89:98:66:21:2a:cf:ff:62:23:bc:b4:cc:2e:
72:46:21:63:bc:18:1f:90:8b:0d:19:13:99:80:b5:0f:ee:7d:
9a:1b:99:17:ea:46:b4:98:76:e5:6b:83:f0:dc:3b:2e:40:4c:
ed:94:1c:51
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUQVB2QxGs255mcpFSyTaifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMjE2MTk1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTVjNjBlYjg5ZDA5YWRhNDU2MTMyNWVmNzM4YTVkYjM5MmNiZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWtlm36BOHoggNbcIebXUDtq3Oos
5KnljBytifYYqikj3f32I5JlWjizt2bwrH1RDMXoJvjgSPJPDVC14+O5KgAPzyHk
d7/SrwD0nK/i59vw2jG4ZCTdEZpjtJWpHOW2Gi2c60tYmzrnnnAwWkGivzWOrR03
VxckTIWm2N5psdbPENbYXbkMz9BQCwBq6PyXPq42Nqx6xhvGn4Q5okeBLGgCSWKO
kJ0ObCg3wcFqqPzq9KY8jOjzVcfef1HsKowzAoRYFCL+tHZQWy1QM5t++2dc1p5U
UJd6n+SsRg9e8jejVw8oZndzpgmz4y8K/8hghKQVMq1uQDeamHRYscEIuwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM5cYOuJ0JraRWEyXvc4pds5LL2YMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvemx4ZzY0blFtdHBGWVRKZTl6aWwyemtzdlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhA8gDAN
BgkqhkiG9w0BAQsFAAOCAQEAo20Swh6YVRRYtHz2SiASzWnv6Jeku1lgu887IAqC
DDQ3brWS4h1L75dsDMm6ALALJazaHYHVYqtvQyWyLYvOvr3m1bCKtQdVFtrGsynF
D/YA1R7cKNdGcbkoZl/u7w8gDJScrQTyFz0L8udtDhGLfQGSFzXZzKGMH/l5Z/zM
F5qtO8b8Yt/Z8c8enUb8JeDlXtNvOIycfCdHVcO1K43B68MaRUz1Wj2nqLznknCo
SvJ453VbXifQ3Zkl5vZ4lSzg+PmQGpHta2Bs3taJmGYhKs//YiO8tMwuckYhY7wY
H5CLDRkTmYC1D+59mhuZF+pGtJh25WuD8Nw7LkBM7ZQcUQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:53:42 2025 by rpki-client