Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/kzJROGRJyZHBGTjoX7TVF70t_uI.roa
File: kzJROGRJyZHBGTjoX7TVF70t_uI.roa (raw, json)
Hash identifier: Jj+yaaYYgzB6tRgd4hOyiggZphR9XS4OGfW8KoSDVmg=
Subject key identifier: 93:32:51:38:64:49:C9:91:C1:19:38:E8:5F:B4:D5:17:BD:2D:FE:E2
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 019427B55F1835699624A43BDFE6AF47A817
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/kzJROGRJyZHBGTjoX7TVF70t_uI.roa
Signing time: Thu 02 Jan 2025 15:49:45 +0000
ROA not before: Thu 02 Jan 2025 15:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208796
IP address blocks: 2a10:4646:270::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:5f:18:35:69:96:24:a4:3b:df:e6:af:47:a8:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Jan 2 15:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=933251386449c991c11938e85fb4d517bd2dfee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a3:e9:63:92:37:67:da:28:65:30:24:18:e2:
09:aa:65:db:74:61:90:bc:13:44:df:13:ba:a9:e0:
49:26:32:8e:62:5d:cc:68:0b:7f:0e:88:9e:54:a0:
6a:e7:38:18:9b:5d:06:6e:8a:2b:e4:04:4e:5c:eb:
46:c0:bd:e6:68:ee:db:7a:85:2a:05:25:8d:4e:33:
6a:01:5d:87:2d:e0:15:66:aa:3b:c9:b9:69:07:16:
2b:fa:e2:c5:ce:b3:b2:6f:7e:0f:70:84:b5:e1:1c:
89:03:91:e6:83:c1:74:da:34:5a:c2:81:43:ce:fb:
db:ff:3a:8f:22:f7:c7:9b:fd:c8:13:fd:10:fb:1b:
b1:58:cb:ef:57:28:1d:10:81:ff:fe:e9:0b:0e:6e:
48:d0:e0:25:28:84:17:4e:60:a7:fd:cf:30:d3:05:
f5:c6:b6:5f:56:84:ee:be:4a:94:1d:55:a2:c1:b7:
e7:2c:99:9e:08:af:53:99:93:cd:da:39:43:b6:3b:
fa:54:18:ad:b0:0d:7e:f3:19:60:09:53:47:cd:05:
c7:f7:e0:bc:78:cd:4e:b6:30:01:7e:c7:18:bb:6b:
57:71:97:ef:2c:ec:25:85:33:03:84:a7:b3:b2:e4:
25:e1:dc:33:58:2c:ff:f7:46:05:7e:3b:67:39:cc:
a9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:32:51:38:64:49:C9:91:C1:19:38:E8:5F:B4:D5:17:BD:2D:FE:E2
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/kzJROGRJyZHBGTjoX7TVF70t_uI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:270::/44
Signature Algorithm: sha256WithRSAEncryption
7a:f2:a8:24:44:73:e1:31:c1:0b:57:ed:e8:a3:97:4e:3e:c2:
29:6b:48:60:16:ef:43:a0:c2:01:a3:77:4e:f6:1f:73:bd:00:
fc:1c:da:78:bb:bd:29:fd:ed:57:82:02:f8:6a:56:f2:8c:0a:
46:66:28:f3:21:34:31:30:b9:85:a8:aa:93:eb:ef:a3:d6:09:
71:f2:0b:8d:10:ff:dd:b9:59:9f:a1:e8:4f:f4:af:57:b2:b3:
2b:ab:0b:55:b9:03:55:2c:b5:90:bf:5d:c3:a2:ac:b2:07:f6:
66:67:cf:11:ff:42:2b:5a:97:c2:2e:63:6d:de:03:c4:f7:9a:
4e:d5:13:99:77:cf:ea:7c:b1:50:23:5e:22:a3:c3:28:84:20:
c1:3d:19:e9:53:79:63:db:f1:47:1c:cc:b5:c6:8f:79:5e:75:
20:77:ce:77:09:1a:aa:94:45:bc:e5:26:26:8f:a5:99:77:40:
3e:3f:38:c5:a8:99:4d:11:9c:1b:18:57:70:ac:20:95:8d:17:
27:9e:a0:a8:6e:3e:c0:bd:89:8e:24:5c:3d:78:20:89:0f:5a:
3f:15:87:98:d7:79:38:2d:80:bd:cb:ed:9a:1b:87:e2:57:2f:
22:cc:4f:52:78:8b:c7:2a:df:e8:99:ee:11:57:63:78:e7:56:
16:71:5a:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntV8YNWmWJKQ73+avR6gXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjUwMTAyMTU0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzMyNTEzODY0NDljOTkxYzExOTM4ZTg1ZmI0ZDUxN2JkMmRmZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqPpY5I3Z9ooZTAkGOIJqmXbdGGQ
vBNE3xO6qeBJJjKOYl3MaAt/DoieVKBq5zgYm10Gboor5AROXOtGwL3maO7beoUq
BSWNTjNqAV2HLeAVZqo7yblpBxYr+uLFzrOyb34PcIS14RyJA5Hmg8F02jRawoFD
zvvb/zqPIvfHm/3IE/0Q+xuxWMvvVygdEIH//ukLDm5I0OAlKIQXTmCn/c8w0wX1
xrZfVoTuvkqUHVWiwbfnLJmeCK9TmZPN2jlDtjv6VBitsA1+8xlgCVNHzQXH9+C8
eM1OtjABfscYu2tXcZfvLOwlhTMDhKezsuQl4dwzWCz/90YFfjtnOcypWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJMyUThkScmRwRk46F+01Re9Lf7iMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEva3pKUk9HUkp5WkhCR1Rqb1g3VFZGNzB0X3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgJw
MA0GCSqGSIb3DQEBCwUAA4IBAQB68qgkRHPhMcELV+3oo5dOPsIpa0hgFu9DoMIB
o3dO9h9zvQD8HNp4u70p/e1XggL4albyjApGZijzITQxMLmFqKqT6++j1glx8guN
EP/duVmfoehP9K9XsrMrqwtVuQNVLLWQv13DoqyyB/ZmZ88R/0IrWpfCLmNt3gPE
95pO1ROZd8/qfLFQI14io8MohCDBPRnpU3lj2/FHHMy1xo95XnUgd853CRqqlEW8
5SYmj6WZd0A+PzjFqJlNEZwbGFdwrCCVjRcnnqCobj7AvYmOJFw9eCCJD1o/FYeY
13k4LYC9y+2aG4fiVy8izE9SeIvHKt/ome4RV2N451YWcVpv
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:37:46 2025 by rpki-client