Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/Zu89JCX9Tcb6xew2WTlyJUrYtOw.roa
File: Zu89JCX9Tcb6xew2WTlyJUrYtOw.roa (raw, json)
Hash identifier: 2rQpqBYCq0/WRNJMPnYiUAQVrMdBa7IxcJhWDU8Wwv8=
Subject key identifier: 66:EF:3D:24:25:FD:4D:C6:FA:C5:EC:36:59:39:72:25:4A:D8:B4:EC
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01942067C0E0D934A815C052BDB1A2F3D0F5
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/Zu89JCX9Tcb6xew2WTlyJUrYtOw.roa
Signing time: Wed 01 Jan 2025 05:47:37 +0000
ROA not before: Wed 01 Jan 2025 05:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15398
IP address blocks: 2001:918:ff5d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:c0:e0:d9:34:a8:15:c0:52:bd:b1:a2:f3:d0:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 05:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66ef3d2425fd4dc6fac5ec36593972254ad8b4ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:aa:9e:a8:ff:d2:10:23:0c:53:d2:ca:d4:cc:
12:b1:4e:a2:54:59:bd:7a:35:a5:3c:e5:63:43:5b:
f8:cb:30:ca:6c:01:9c:87:65:b7:ef:20:60:01:ca:
49:44:a5:34:a2:ed:c3:df:e2:04:96:af:23:16:01:
d2:a5:0f:90:6b:2a:a4:40:ab:34:e9:b5:30:e6:9a:
81:c8:1a:97:65:ce:63:48:4d:68:dc:8f:d2:4d:5b:
68:69:be:3c:0a:06:0e:77:97:62:63:1a:d5:9c:cc:
9e:f8:c5:24:86:34:9d:35:e3:2b:43:c3:38:6e:19:
0b:f6:92:0f:f6:db:3d:4b:b6:32:53:3c:4b:ff:37:
49:ad:a4:da:a1:e5:a0:99:d6:72:6a:fa:08:84:6f:
ba:f6:74:d7:68:81:da:ae:88:21:1a:38:9f:78:db:
c5:f3:d9:31:10:46:e9:e2:94:23:6e:c2:91:63:9d:
a6:f5:17:d1:bf:b8:7d:56:a4:b1:89:a4:d9:e4:ac:
38:70:88:8a:55:d9:a6:63:02:c1:2d:95:6f:93:79:
d2:1f:b3:5a:d5:df:99:d8:fe:5b:8a:5a:4b:89:2f:
9a:64:87:70:4b:fb:a8:a8:ce:78:24:10:88:40:bb:
dc:6f:e7:d5:2f:9f:96:f5:6c:f4:2e:86:4c:07:e0:
3c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:EF:3D:24:25:FD:4D:C6:FA:C5:EC:36:59:39:72:25:4A:D8:B4:EC
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/Zu89JCX9Tcb6xew2WTlyJUrYtOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:918:ff5d::/48
Signature Algorithm: sha256WithRSAEncryption
90:b2:74:ce:90:67:9e:92:ae:2f:4b:4b:9d:d5:f4:32:b3:0e:
8b:aa:a7:76:bf:07:7d:b0:4b:be:cc:bd:ef:33:4e:ea:99:e4:
59:73:b5:b2:66:06:bd:19:28:d6:c4:e5:9d:81:2c:f2:8a:97:
b7:eb:7b:b7:c5:30:23:3e:e3:e2:69:b6:4f:7e:5b:83:e4:bb:
95:b0:18:f0:e8:ce:09:da:6e:6a:ae:5e:f7:3a:95:a6:1c:66:
ac:f1:5c:70:f0:c1:b3:38:ca:ee:7c:fd:23:1a:ec:40:40:69:
a7:ef:7e:9c:76:b4:07:e6:a6:66:53:8f:cd:cd:6d:77:fe:a2:
60:a9:ef:87:81:a9:ad:57:bc:52:cb:d2:05:dd:d9:28:e3:15:
4a:38:d3:2d:27:51:05:50:4c:9f:a6:0e:bf:10:11:89:06:31:
18:36:a1:19:ed:67:3d:af:6f:ef:9a:e6:b5:a9:d7:a0:a3:57:
15:99:57:b7:46:6e:a6:88:1c:c6:fb:db:a3:87:c5:2a:7d:10:
33:4e:19:79:ae:07:f2:e0:98:92:67:5f:b9:93:91:f6:3e:70:
54:69:ed:58:ed:33:ae:03:c7:3a:fd:56:93:9a:ba:40:79:68:
11:4f:cf:82:98:81:f7:45:26:0a:2e:bb:0a:7d:bb:18:eb:7c:
3e:81:d9:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQgZ8Dg2TSoFcBSvbGi89D1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwMTAxMDU0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmVmM2QyNDI1ZmQ0ZGM2ZmFjNWVjMzY1OTM5NzIyNTRhZDhiNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqqeqP/SECMMU9LK1MwSsU6iVFm9
ejWlPOVjQ1v4yzDKbAGch2W37yBgAcpJRKU0ou3D3+IElq8jFgHSpQ+QayqkQKs0
6bUw5pqByBqXZc5jSE1o3I/STVtoab48CgYOd5diYxrVnMye+MUkhjSdNeMrQ8M4
bhkL9pIP9ts9S7YyUzxL/zdJraTaoeWgmdZyavoIhG+69nTXaIHaroghGjifeNvF
89kxEEbp4pQjbsKRY52m9RfRv7h9VqSxiaTZ5Kw4cIiKVdmmYwLBLZVvk3nSH7Na
1d+Z2P5bilpLiS+aZIdwS/uoqM54JBCIQLvcb+fVL5+W9Wz0LoZMB+A84QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGbvPSQl/U3G+sXsNlk5ciVK2LTsMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvWnU4OUpDWDlUY2I2eGV3MldUbHlKVXJZdE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEJGP9d
MA0GCSqGSIb3DQEBCwUAA4IBAQCQsnTOkGeekq4vS0ud1fQysw6Lqqd2vwd9sEu+
zL3vM07qmeRZc7WyZga9GSjWxOWdgSzyipe363u3xTAjPuPiabZPfluD5LuVsBjw
6M4J2m5qrl73OpWmHGas8Vxw8MGzOMrufP0jGuxAQGmn736cdrQH5qZmU4/NzW13
/qJgqe+HgamtV7xSy9IF3dko4xVKONMtJ1EFUEyfpg6/EBGJBjEYNqEZ7Wc9r2/v
mua1qdego1cVmVe3Rm6miBzG+9ujh8UqfRAzThl5rgfy4JiSZ1+5k5H2PnBUae1Y
7TOuA8c6/VaTmrpAeWgRT8+CmIH3RSYKLrsKfbsY63w+gdkI
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:44:12 2025 by rpki-client