Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/zXuMw5yQJF8hXAAuz5MdQ8rQoCM.roa
File: zXuMw5yQJF8hXAAuz5MdQ8rQoCM.roa (raw, json)
Hash identifier: rcm6PIZVaxPM8C0GOLUpEptbl1B+V7MuA42ka2YFqQU=
Subject key identifier: CD:7B:8C:C3:9C:90:24:5F:21:5C:00:2E:CF:93:1D:43:CA:D0:A0:23
Certificate issuer: /CN=04d3c5de9ff3cce131c8bfcdcce333947d92635e
Certificate serial: 0194F9FA109866122441C69A421BEEAF41E7
Authority key identifier: 04:D3:C5:DE:9F:F3:CC:E1:31:C8:BF:CD:CC:E3:33:94:7D:92:63:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNPF3p_zzOExyL_NzOMzlH2SY14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/zXuMw5yQJF8hXAAuz5MdQ8rQoCM.roa
Signing time: Wed 12 Feb 2025 11:45:02 +0000
ROA not before: Wed 12 Feb 2025 11:45:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207459
IP address blocks: 2a14:4e40::/64 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:fa:10:98:66:12:24:41:c6:9a:42:1b:ee:af:41:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04d3c5de9ff3cce131c8bfcdcce333947d92635e
Validity
Not Before: Feb 12 11:45:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd7b8cc39c90245f215c002ecf931d43cad0a023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a4:cb:71:a0:cd:7a:c8:a1:f7:b2:75:79:70:
33:d0:7b:f2:87:5e:5f:4a:e5:af:bb:a2:af:44:a5:
40:f9:11:fc:d4:c9:9c:42:f8:0a:c0:b9:17:30:57:
31:01:a5:22:33:5e:e2:10:52:a9:6c:4c:65:5c:e1:
b6:25:3e:7e:4b:41:9a:fd:19:c5:67:f6:50:67:39:
5e:98:8f:e0:01:db:69:0d:3d:94:df:b9:26:2c:7a:
40:40:b1:e8:d5:40:fa:b8:af:d6:7b:f3:40:76:80:
8f:90:eb:b5:97:ee:2f:1d:e9:0d:e8:52:ee:35:f9:
89:3e:58:2b:cc:fa:e3:6f:69:2d:70:82:c5:64:36:
25:39:91:32:e7:26:9f:af:92:3c:af:ab:1b:87:d0:
50:13:4d:f0:f2:0e:dc:71:d7:6d:5f:4d:dc:59:47:
fa:95:12:16:c5:9d:50:65:12:ba:32:37:17:fc:da:
2c:a1:8c:df:c7:0d:fd:ef:81:70:c8:6d:9b:a7:a0:
75:9a:28:49:bc:3c:d1:03:e2:93:de:05:cb:3c:23:
4d:a7:f5:9c:3d:3e:b7:68:37:51:3e:b6:5d:98:6b:
b3:de:20:32:99:0b:57:31:e9:70:ed:38:fb:03:ad:
be:ac:22:66:e0:27:38:a0:b1:7c:9a:16:3b:29:89:
c3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7B:8C:C3:9C:90:24:5F:21:5C:00:2E:CF:93:1D:43:CA:D0:A0:23
X509v3 Authority Key Identifier:
keyid:04:D3:C5:DE:9F:F3:CC:E1:31:C8:BF:CD:CC:E3:33:94:7D:92:63:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNPF3p_zzOExyL_NzOMzlH2SY14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/zXuMw5yQJF8hXAAuz5MdQ8rQoCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/BNPF3p_zzOExyL_NzOMzlH2SY14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:4e40::/64
Signature Algorithm: sha256WithRSAEncryption
83:f9:33:28:fd:97:0e:fa:44:a3:e8:f3:6a:e1:1e:6b:03:87:
67:e4:7d:21:7c:df:4d:7c:e7:41:23:65:af:ad:3f:ef:c5:bc:
a4:f8:b2:78:4f:ba:6a:62:32:d9:0a:05:b6:ba:62:95:85:74:
20:a3:d9:84:0c:cc:1f:8f:49:b0:31:7f:c8:2e:64:bd:f0:37:
a6:34:f0:b7:b6:fa:e6:d8:63:94:a8:e1:1d:8a:27:75:20:8f:
45:82:dc:68:0d:fc:9b:f9:a3:eb:f1:1b:e8:52:98:8a:0a:02:
90:28:0e:d1:c4:f4:8f:dc:72:b8:5d:76:49:5b:9d:1f:3b:79:
72:c7:0d:15:77:0d:d8:0e:90:df:a6:08:72:09:0d:62:66:61:
67:8c:45:9d:b5:f2:09:cf:9c:30:70:1f:1c:ad:56:e4:c0:9b:
1b:4a:52:e8:3a:07:fd:da:c4:3e:94:3f:bf:2d:3e:93:74:6e:
cb:d9:ad:58:66:ef:20:fb:8b:fb:90:fd:5a:db:a7:31:30:84:
19:e9:dd:62:af:00:33:95:5f:32:dd:77:21:c7:ea:c1:34:d2:
0c:e2:e4:b9:6f:f2:2d:5d:bc:7f:cb:ca:7e:63:79:fa:e2:ac:
7f:ef:7e:95:ae:cd:ff:d5:25:4e:8b:92:3b:6f:13:4f:13:66:
5a:dd:cc:de
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZT5+hCYZhIkQcaaQhvur0HnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZDNjNWRlOWZmM2NjZTEzMWM4YmZjZGNjZTMzMzk0N2Q5
MjYzNWUwHhcNMjUwMjEyMTE0NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDdiOGNjMzljOTAyNDVmMjE1YzAwMmVjZjkzMWQ0M2NhZDBhMDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaTLcaDNesih97J1eXAz0Hvyh15f
SuWvu6KvRKVA+RH81MmcQvgKwLkXMFcxAaUiM17iEFKpbExlXOG2JT5+S0Ga/RnF
Z/ZQZzlemI/gAdtpDT2U37kmLHpAQLHo1UD6uK/We/NAdoCPkOu1l+4vHekN6FLu
NfmJPlgrzPrjb2ktcILFZDYlOZEy5yafr5I8r6sbh9BQE03w8g7ccddtX03cWUf6
lRIWxZ1QZRK6MjcX/NosoYzfxw3974FwyG2bp6B1mihJvDzRA+KT3gXLPCNNp/Wc
PT63aDdRPrZdmGuz3iAymQtXMelw7Tj7A62+rCJm4Cc4oLF8mhY7KYnDLwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFM17jMOckCRfIVwALs+THUPK0KAjMB8GA1UdIwQY
MBaAFATTxd6f88zhMci/zczjM5R9kmNeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk5QRjNwX3p6T0V4eUxfTnpPTXpsSDJTWTE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yNjA3ZmItNmI4NC00NTZlLWFhMDkt
OWQ4YmM4MTE1ZjY4LzEvelh1TXc1eVFKRjhoWEFBdXo1TWRROHJRb0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yNjA3ZmItNmI4NC00NTZlLWFhMDktOWQ4YmM4MTE1ZjY4
LzEvQk5QRjNwX3p6T0V4eUxfTnpPTXpsSDJTWTE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAAjALAwkAKhROQAAA
AAAwDQYJKoZIhvcNAQELBQADggEBAIP5Myj9lw76RKPo82rhHmsDh2fkfSF83018
50EjZa+tP+/FvKT4snhPumpiMtkKBba6YpWFdCCj2YQMzB+PSbAxf8guZL3wN6Y0
8Le2+ubYY5So4R2KJ3Ugj0WC3GgN/Jv5o+vxG+hSmIoKApAoDtHE9I/ccrhddklb
nR87eXLHDRV3DdgOkN+mCHIJDWJmYWeMRZ218gnPnDBwHxytVuTAmxtKUug6B/3a
xD6UP78tPpN0bsvZrVhm7yD7i/uQ/VrbpzEwhBnp3WKvADOVXzLddyHH6sE00gzi
5Llv8i1dvH/Lyn5jefrirH/vfpWuzf/VJU6LkjtvE08TZlrdzN4=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:26 2025 by rpki-client