Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/ZCwrk3DUvn-uZjo3WgvhoOWpHv0.roa
File: ZCwrk3DUvn-uZjo3WgvhoOWpHv0.roa (raw, json)
Hash identifier: AtdbQHHLI0H407seskZvbBq2HBK/6vTqf2YFUILBHxY=
Subject key identifier: 64:2C:2B:93:70:D4:BE:7F:AE:66:3A:37:5A:0B:E1:A0:E5:A9:1E:FD
Certificate issuer: /CN=4a6376ce92087e4c7ce536686537769e2cc34059
Certificate serial: 019424B2D495ED59480F7D61E9E5684D0A11
Authority key identifier: 4A:63:76:CE:92:08:7E:4C:7C:E5:36:68:65:37:76:9E:2C:C3:40:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmN2zpIIfkx85TZoZTd2nizDQFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/ZCwrk3DUvn-uZjo3WgvhoOWpHv0.roa
Signing time: Thu 02 Jan 2025 01:48:07 +0000
ROA not before: Thu 02 Jan 2025 01:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12843
IP address blocks: 2001:678:490::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:d4:95:ed:59:48:0f:7d:61:e9:e5:68:4d:0a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6376ce92087e4c7ce536686537769e2cc34059
Validity
Not Before: Jan 2 01:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=642c2b9370d4be7fae663a375a0be1a0e5a91efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:28:c9:e4:0d:5a:41:19:9f:60:0b:fd:39:ef:
b6:86:a8:84:73:75:03:42:92:1a:05:ad:f2:46:0f:
6e:e9:19:fb:d1:76:8c:0e:3f:00:0a:4b:98:2d:6d:
da:1c:26:4e:1c:6e:9f:5d:28:9a:76:4d:51:59:ab:
f5:a5:c4:1e:31:e1:ad:c6:0a:74:08:56:4c:c1:1e:
77:36:75:ca:b8:7b:06:f5:33:49:d0:65:97:90:74:
8f:7a:d2:aa:50:64:8f:1d:f4:59:7e:d4:f7:6d:ef:
56:84:0f:75:be:3f:a5:91:06:f1:8d:f5:b5:ba:f6:
87:65:28:ca:52:e7:11:74:cb:a5:09:47:c9:a2:0a:
2f:dd:b6:07:e2:d3:90:a3:d9:6b:ed:3c:6f:6d:6d:
0f:79:4e:00:53:3e:c3:a0:18:8b:e7:7e:c0:4c:23:
a1:c2:63:a1:09:de:29:49:c5:02:16:47:c7:e3:da:
b8:ed:37:39:c5:f8:49:ce:70:00:ab:ea:1f:84:77:
39:59:e8:26:e0:bd:ae:95:5e:0e:ec:fc:3f:96:47:
30:bf:de:6c:2c:17:3e:23:c6:17:0c:24:7e:f9:aa:
e8:6f:45:27:ae:9f:4a:bf:ff:c8:23:9c:c8:28:02:
76:1a:83:b4:51:f6:ab:92:90:2f:50:47:87:c1:cd:
15:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2C:2B:93:70:D4:BE:7F:AE:66:3A:37:5A:0B:E1:A0:E5:A9:1E:FD
X509v3 Authority Key Identifier:
keyid:4A:63:76:CE:92:08:7E:4C:7C:E5:36:68:65:37:76:9E:2C:C3:40:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmN2zpIIfkx85TZoZTd2nizDQFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/ZCwrk3DUvn-uZjo3WgvhoOWpHv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/SmN2zpIIfkx85TZoZTd2nizDQFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:490::/48
Signature Algorithm: sha256WithRSAEncryption
ad:87:74:59:e7:ce:8e:7c:0d:d0:78:3d:3f:f6:b6:3d:4f:f0:
17:7f:f7:f9:72:fd:d8:c6:15:35:82:d5:10:f2:55:9b:62:24:
c8:cb:33:ff:7f:2c:7f:da:b9:1e:ec:52:33:ce:75:3a:2a:89:
01:5c:65:59:03:80:51:58:7e:6d:17:ce:88:b6:4b:47:ff:52:
03:3e:90:4b:a1:6e:34:b3:99:80:65:46:6a:b9:dd:b5:12:1f:
ce:89:d2:1f:01:f8:da:d6:fd:aa:de:aa:c0:ed:d0:27:b4:51:
1b:57:93:a3:eb:8f:53:db:9f:50:a7:9d:c9:30:ad:57:4a:a9:
dc:98:16:d4:7e:3c:e6:35:35:db:b6:cf:27:8d:3c:3b:45:13:
d1:1b:12:b3:f5:5f:0c:3c:bf:df:55:d1:0c:65:5a:7b:62:cb:
22:95:e7:42:1f:3e:da:06:5d:04:c3:70:e9:1e:38:55:e6:49:
4a:be:c1:6a:82:92:f7:08:61:95:08:62:13:25:4b:77:15:f0:
bc:23:ca:db:5d:57:9c:6f:71:d3:1d:9f:a9:23:8e:52:cd:c3:
8c:26:0a:e8:3e:2e:4e:67:03:96:eb:57:86:ab:f5:14:19:c0:
5b:fc:13:07:89:a5:f0:35:ea:d5:80:52:47:1e:a3:0d:32:fe:
cd:6a:72:00
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQkstSV7VlID31h6eVoTQoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjM3NmNlOTIwODdlNGM3Y2U1MzY2ODY1Mzc3NjllMmNj
MzQwNTkwHhcNMjUwMTAyMDE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDJjMmI5MzcwZDRiZTdmYWU2NjNhMzc1YTBiZTFhMGU1YTkxZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9SjJ5A1aQRmfYAv9Oe+2hqiEc3UD
QpIaBa3yRg9u6Rn70XaMDj8ACkuYLW3aHCZOHG6fXSiadk1RWav1pcQeMeGtxgp0
CFZMwR53NnXKuHsG9TNJ0GWXkHSPetKqUGSPHfRZftT3be9WhA91vj+lkQbxjfW1
uvaHZSjKUucRdMulCUfJogov3bYH4tOQo9lr7TxvbW0PeU4AUz7DoBiL537ATCOh
wmOhCd4pScUCFkfH49q47Tc5xfhJznAAq+ofhHc5Wegm4L2ulV4O7Pw/lkcwv95s
LBc+I8YXDCR++arob0Unrp9Kv//II5zIKAJ2GoO0UfarkpAvUEeHwc0VpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGQsK5Nw1L5/rmY6N1oL4aDlqR79MB8GA1UdIwQY
MBaAFEpjds6SCH5MfOU2aGU3dp4sw0BZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21OMnpwSUlma3g4NVRab1pUZDJuaXpEUUZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS83Y2Y0MmUtMmFlOC00ZjEzLWEwYzQt
NGUxZmI3NmM4NDdhLzEvWkN3cmszRFV2bi11WmpvM1dndmhvT1dwSHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS83Y2Y0MmUtMmFlOC00ZjEzLWEwYzQtNGUxZmI3NmM4NDdh
LzEvU21OMnpwSUlma3g4NVRab1pUZDJuaXpEUUZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeASQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCth3RZ586OfA3QeD0/9rY9T/AXf/f5cv3YxhU1
gtUQ8lWbYiTIyzP/fyx/2rke7FIzznU6KokBXGVZA4BRWH5tF86ItktH/1IDPpBL
oW40s5mAZUZqud21Eh/OidIfAfja1v2q3qrA7dAntFEbV5Oj649T259Qp53JMK1X
SqncmBbUfjzmNTXbts8njTw7RRPRGxKz9V8MPL/fVdEMZVp7YssiledCHz7aBl0E
w3DpHjhV5klKvsFqgpL3CGGVCGITJUt3FfC8I8rbXVecb3HTHZ+pI45SzcOMJgro
Pi5OZwOW61eGq/UUGcBb/BMHiaXwNerVgFJHHqMNMv7NanIA
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:46:13 2025 by rpki-client