Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/Z9hqFRirUe4P1_J6cnVrlFkJUwM.roa
File: Z9hqFRirUe4P1_J6cnVrlFkJUwM.roa (raw, json)
Hash identifier: 1rB513D+oaDkVMZd5WQl+V38WfLdjvRgbt7ShIhiM3k=
Subject key identifier: 67:D8:6A:15:18:AB:51:EE:0F:D7:F2:7A:72:75:6B:94:59:09:53:03
Certificate issuer: /CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Certificate serial: 01955368EC27B8935DFC6E34FAF858691B07
Authority key identifier: 8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/Z9hqFRirUe4P1_J6cnVrlFkJUwM.roa
Signing time: Sat 01 Mar 2025 20:32:19 +0000
ROA not before: Sat 01 Mar 2025 20:32:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207787
IP address blocks: 2a0e:2940::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:53:68:ec:27:b8:93:5d:fc:6e:34:fa:f8:58:69:1b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Validity
Not Before: Mar 1 20:32:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67d86a1518ab51ee0fd7f27a72756b9459095303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a9:fc:f3:83:3f:2e:f8:4b:4c:35:23:66:44:
62:a3:5e:5d:42:af:2c:bf:c7:9d:e9:79:e4:e1:fd:
e8:58:de:bd:73:07:8c:96:d2:0a:93:1a:a8:f4:6b:
fc:16:14:0d:5b:59:85:be:7f:58:2d:9e:18:4c:13:
f6:a3:54:52:a7:75:24:f5:39:83:28:06:8b:9c:7a:
c9:20:fa:8b:d7:20:bc:e8:79:3c:ae:fe:58:93:82:
da:84:f2:1c:46:8b:d8:9d:cc:05:e4:8d:aa:bd:7c:
66:73:94:0f:e0:11:a0:1e:18:aa:99:0d:68:88:8f:
6c:bd:86:b0:5e:3f:9f:5d:bd:ff:23:66:ab:50:c0:
71:eb:ba:df:84:11:50:73:72:8f:37:a7:79:58:e2:
2c:b2:70:78:51:95:0d:e9:96:da:4d:1d:5f:28:92:
32:3f:67:0b:3d:cc:47:c2:76:ca:e6:6e:34:91:b4:
b6:13:29:a6:1b:e5:30:0e:9f:e9:68:68:78:b7:cd:
56:86:6b:00:c8:13:27:c6:ee:64:4c:fc:a9:fd:21:
57:f2:f9:b7:4d:4a:e9:f8:5f:e0:46:f6:3a:9c:be:
24:18:38:eb:f5:26:e0:fd:df:e6:d7:80:a9:aa:88:
3c:e2:36:b9:36:b3:84:59:a3:4a:83:c9:7c:6a:ea:
c9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D8:6A:15:18:AB:51:EE:0F:D7:F2:7A:72:75:6B:94:59:09:53:03
X509v3 Authority Key Identifier:
keyid:8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/Z9hqFRirUe4P1_J6cnVrlFkJUwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/i7EwjGqXfVy5A78lqWMIsOjOO0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:2940::/29
Signature Algorithm: sha256WithRSAEncryption
3c:77:02:ff:4c:44:be:f3:8a:e6:32:f1:76:b9:cf:0d:24:76:
ec:1d:5a:95:c0:0c:ec:5d:c3:a0:8e:fa:4e:4b:e2:d3:8a:92:
30:39:57:66:ac:32:3d:03:b9:2d:57:5a:23:14:57:4c:7e:52:
22:8e:38:d8:c8:0d:54:5f:fb:5b:40:c8:17:17:91:b5:d2:39:
c0:55:05:8e:1e:ac:19:03:e8:82:9e:c2:73:09:39:0a:1a:11:
e0:6e:8b:56:0f:cf:ff:bd:a9:a7:31:a4:2f:2c:da:91:3f:80:
64:97:af:4a:d9:04:03:86:ca:7a:67:63:8a:07:3e:d2:37:a9:
cd:58:b6:9e:10:7f:e9:95:0a:f5:95:16:ec:0b:79:94:fc:a0:
6f:a8:5d:ef:10:ae:28:04:b5:eb:cc:e2:17:dc:a6:c4:ae:18:
61:5e:4c:76:70:f7:79:94:87:c6:1a:11:60:9d:9c:12:5d:43:
09:f2:58:84:b3:4a:25:22:3c:56:95:03:67:0a:7e:00:6b:54:
66:9a:2b:ee:ef:3d:4d:ac:e6:b6:37:03:26:f6:7e:99:56:eb:
e4:06:59:00:e1:28:52:35:29:a9:fb:c4:7d:3d:44:0a:34:4f:
9f:16:ed:41:45:a8:b1:07:e1:4a:50:7e:14:23:aa:07:05:42:
8e:4c:6b:a2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVTaOwnuJNd/G40+vhYaRsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYjEzMDhjNmE5NzdkNWNiOTAzYmYyNWE5NjMwOGIwZThj
ZTNiNDYwHhcNMjUwMzAxMjAzMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Q4NmExNTE4YWI1MWVlMGZkN2YyN2E3Mjc1NmI5NDU5MDk1MzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46n884M/LvhLTDUjZkRio15dQq8s
v8ed6Xnk4f3oWN69cweMltIKkxqo9Gv8FhQNW1mFvn9YLZ4YTBP2o1RSp3Uk9TmD
KAaLnHrJIPqL1yC86Hk8rv5Yk4LahPIcRovYncwF5I2qvXxmc5QP4BGgHhiqmQ1o
iI9svYawXj+fXb3/I2arUMBx67rfhBFQc3KPN6d5WOIssnB4UZUN6ZbaTR1fKJIy
P2cLPcxHwnbK5m40kbS2EymmG+UwDp/paGh4t81WhmsAyBMnxu5kTPyp/SFX8vm3
TUrp+F/gRvY6nL4kGDjr9Sbg/d/m14Cpqog84ja5NrOEWaNKg8l8aurJowIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGfYahUYq1HuD9fyenJ1a5RZCVMDMB8GA1UdIwQY
MBaAFIuxMIxql31cuQO/JaljCLDozjtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMt
MTAxYWJkNzM5MWE2LzEvWjlocUZSaXJVZTRQMV9KNmNuVnJsRmtKVXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMtMTAxYWJkNzM5MWE2
LzEvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4pQDAN
BgkqhkiG9w0BAQsFAAOCAQEAPHcC/0xEvvOK5jLxdrnPDSR27B1alcAM7F3DoI76
Tkvi04qSMDlXZqwyPQO5LVdaIxRXTH5SIo442MgNVF/7W0DIFxeRtdI5wFUFjh6s
GQPogp7Ccwk5ChoR4G6LVg/P/72ppzGkLyzakT+AZJevStkEA4bKemdjigc+0jep
zVi2nhB/6ZUK9ZUW7At5lPygb6hd7xCuKAS168ziF9ymxK4YYV5MdnD3eZSHxhoR
YJ2cEl1DCfJYhLNKJSI8VpUDZwp+AGtUZpor7u89TazmtjcDJvZ+mVbr5AZZAOEo
UjUpqfvEfT1ECjRPnxbtQUWosQfhSlB+FCOqBwVCjkxrog==
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:39:47 2025 by rpki-client