Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/ZRn8_lnFsXvgqivcUn4eIrUv-Ic.roa
File: ZRn8_lnFsXvgqivcUn4eIrUv-Ic.roa (raw, json)
Hash identifier: ViUiWV5ebu4waGuKqQE1IWidKaFMMzGFtUARe3tVsh4=
Subject key identifier: 65:19:FC:FE:59:C5:B1:7B:E0:AA:2B:DC:52:7E:1E:22:B5:2F:F8:87
Certificate issuer: /CN=6b7d1f1e877c12798274e01334554f899f38eac1
Certificate serial: 019426D965EE37AB1DA849002A99459D66E3
Authority key identifier: 6B:7D:1F:1E:87:7C:12:79:82:74:E0:13:34:55:4F:89:9F:38:EA:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a30fHod8EnmCdOATNFVPiZ846sE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/ZRn8_lnFsXvgqivcUn4eIrUv-Ic.roa
Signing time: Thu 02 Jan 2025 11:49:29 +0000
ROA not before: Thu 02 Jan 2025 11:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40970
IP address blocks: 2a0c:7100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:65:ee:37:ab:1d:a8:49:00:2a:99:45:9d:66:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b7d1f1e877c12798274e01334554f899f38eac1
Validity
Not Before: Jan 2 11:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6519fcfe59c5b17be0aa2bdc527e1e22b52ff887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3d:54:92:a6:33:29:89:e8:eb:bb:d6:56:06:
59:9f:1c:50:83:88:9f:7f:13:a3:1e:03:37:6a:f6:
64:13:a6:32:09:d3:ac:42:37:6f:88:21:29:3e:d5:
2e:24:ac:5b:1e:51:06:48:a1:41:80:ae:86:46:56:
a0:fe:d5:fa:dc:c4:84:76:96:00:10:a0:02:13:c5:
2a:ea:ee:fc:59:f6:6f:bb:86:ba:c9:87:3e:27:5b:
a3:63:bb:ce:8c:9e:af:30:43:50:b3:a4:a7:12:e7:
f9:48:8d:d0:2b:d6:66:6d:c9:9d:f1:96:0d:77:55:
bf:22:6b:a9:be:d6:5e:ca:19:36:76:99:f6:b6:da:
47:12:eb:ed:2d:52:b7:37:b2:54:bf:15:5d:79:46:
bf:1a:b0:b9:d9:84:06:db:b9:0b:c9:7d:7a:e6:b2:
b8:15:11:01:65:52:76:3f:77:c6:53:dd:30:ad:eb:
c3:c8:71:d8:a7:72:c7:45:97:5c:d4:59:e4:5a:02:
35:0f:7d:d8:be:91:2a:87:23:d2:cd:d9:eb:dc:d2:
4e:10:c0:35:ea:e0:5f:11:6b:68:09:6f:f3:7d:bd:
e4:6b:f8:0e:fb:d1:f4:bd:43:a5:8d:30:64:d0:2e:
69:e7:4b:94:f7:fb:58:41:06:57:db:ce:fe:65:92:
a8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:19:FC:FE:59:C5:B1:7B:E0:AA:2B:DC:52:7E:1E:22:B5:2F:F8:87
X509v3 Authority Key Identifier:
keyid:6B:7D:1F:1E:87:7C:12:79:82:74:E0:13:34:55:4F:89:9F:38:EA:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a30fHod8EnmCdOATNFVPiZ846sE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/ZRn8_lnFsXvgqivcUn4eIrUv-Ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/a30fHod8EnmCdOATNFVPiZ846sE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7100::/29
Signature Algorithm: sha256WithRSAEncryption
9e:08:9a:2f:d2:c7:18:6a:ff:35:0a:83:ee:bf:31:6a:d5:e1:
d1:cb:7b:d2:68:dc:5a:94:76:17:0e:09:cd:07:1f:e4:db:d0:
34:0c:81:b1:93:e8:f3:bc:b2:f8:f4:f2:8a:d6:65:79:81:89:
2c:96:c6:b1:54:fa:19:4b:c7:b7:92:58:66:bd:4c:a5:fc:14:
e1:4b:5e:f5:e6:e5:8e:42:f5:53:05:57:75:e5:b8:5f:35:43:
59:75:9f:fa:82:d4:88:e1:e2:fd:57:ec:98:3f:f0:04:a0:04:
21:21:b6:b3:76:13:54:55:cd:0d:5c:4f:6e:31:be:1b:35:ce:
f8:5f:7f:14:b5:fd:16:d7:b7:7c:db:3b:1a:6c:cb:a8:35:a0:
5a:27:84:b4:60:1a:f0:f8:a7:f9:52:71:cc:18:5d:83:3d:99:
43:2f:2e:74:09:ef:6f:80:b6:a1:49:16:4f:b7:70:ee:c4:c4:
83:7b:c7:97:5f:cc:0a:2e:a0:3d:3a:69:c8:d3:53:64:ab:c0:
fe:d7:ea:30:92:50:40:a7:9e:05:4f:3b:e6:a6:2b:3c:86:de:
f8:8b:1b:38:a5:85:bd:aa:64:19:3d:51:ee:6d:c4:73:8b:9c:
51:37:d6:0c:56:a1:b8:dd:fe:cd:34:ee:f7:12:cc:3d:40:69:
5f:6e:86:ea
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQm2WXuN6sdqEkAKplFnWbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2QxZjFlODc3YzEyNzk4Mjc0ZTAxMzM0NTU0Zjg5OWYz
OGVhYzEwHhcNMjUwMTAyMTE0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTE5ZmNmZTU5YzViMTdiZTBhYTJiZGM1MjdlMWUyMmI1MmZmODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4T1UkqYzKYno67vWVgZZnxxQg4if
fxOjHgM3avZkE6YyCdOsQjdviCEpPtUuJKxbHlEGSKFBgK6GRlag/tX63MSEdpYA
EKACE8Uq6u78WfZvu4a6yYc+J1ujY7vOjJ6vMENQs6SnEuf5SI3QK9Zmbcmd8ZYN
d1W/ImupvtZeyhk2dpn2ttpHEuvtLVK3N7JUvxVdeUa/GrC52YQG27kLyX165rK4
FREBZVJ2P3fGU90wrevDyHHYp3LHRZdc1FnkWgI1D33YvpEqhyPSzdnr3NJOEMA1
6uBfEWtoCW/zfb3ka/gO+9H0vUOljTBk0C5p50uU9/tYQQZX287+ZZKoGQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGUZ/P5ZxbF74Kor3FJ+HiK1L/iHMB8GA1UdIwQY
MBaAFGt9Hx6HfBJ5gnTgEzRVT4mfOOrBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTMwZkhvZDhFbm1DZE9BVE5GVlBpWjg0NnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9hMTNjNDAtZGM2Ny00MjNjLTk3OWUt
MmZhZDlhMmZjM2VmLzEvWlJuOF9sbkZzWHZncWl2Y1VuNGVJclV2LUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9hMTNjNDAtZGM2Ny00MjNjLTk3OWUtMmZhZDlhMmZjM2Vm
LzEvYTMwZkhvZDhFbm1DZE9BVE5GVlBpWjg0NnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgxxADAN
BgkqhkiG9w0BAQsFAAOCAQEAngiaL9LHGGr/NQqD7r8xatXh0ct70mjcWpR2Fw4J
zQcf5NvQNAyBsZPo87yy+PTyitZleYGJLJbGsVT6GUvHt5JYZr1MpfwU4Ute9ebl
jkL1UwVXdeW4XzVDWXWf+oLUiOHi/VfsmD/wBKAEISG2s3YTVFXNDVxPbjG+GzXO
+F9/FLX9Fte3fNs7GmzLqDWgWieEtGAa8Pin+VJxzBhdgz2ZQy8udAnvb4C2oUkW
T7dw7sTEg3vHl1/MCi6gPTppyNNTZKvA/tfqMJJQQKeeBU875qYrPIbe+IsbOKWF
vapkGT1R7m3Ec4ucUTfWDFahuN3+zTTu9xLMPUBpX26G6g==
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:06:36 2025 by rpki-client