Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/04f736-3713-40ba-8c08-9ae900df4f88/1/zSJ_P5pv1HzQ8hvu19sQp2HnlDA.roa
File: zSJ_P5pv1HzQ8hvu19sQp2HnlDA.roa (raw, json)
Hash identifier: qAEiL4ToqpIPLGT1RE35tlHZ4lj+5tb3m4XW3uq1NSo=
Subject key identifier: CD:22:7F:3F:9A:6F:D4:7C:D0:F2:1B:EE:D7:DB:10:A7:61:E7:94:30
Certificate issuer: /CN=3b0f37f43a268342eaf0fec53960634090b5b1b7
Certificate serial: 019421B1EE746898E8B1A6C318763FA9301D
Authority key identifier: 3B:0F:37:F4:3A:26:83:42:EA:F0:FE:C5:39:60:63:40:90:B5:B1:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ow839Domg0Lq8P7FOWBjQJC1sbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/04f736-3713-40ba-8c08-9ae900df4f88/1/zSJ_P5pv1HzQ8hvu19sQp2HnlDA.roa
Signing time: Wed 01 Jan 2025 11:48:16 +0000
ROA not before: Wed 01 Jan 2025 11:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31404
IP address blocks: 2a03:9ec0:fc02::/48 maxlen: 48
2a03:9ec0:fc0f::/48 maxlen: 48
2a03:9ec0:fc60::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ee:74:68:98:e8:b1:a6:c3:18:76:3f:a9:30:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b0f37f43a268342eaf0fec53960634090b5b1b7
Validity
Not Before: Jan 1 11:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd227f3f9a6fd47cd0f21beed7db10a761e79430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:32:fc:6a:e2:1b:23:4b:32:06:d1:4c:98:16:
0d:4c:fc:ab:62:be:a9:5a:2e:ab:96:56:44:cd:82:
09:54:a2:cf:36:cf:33:da:01:8b:e9:10:a5:1e:23:
83:bc:ae:66:86:eb:fa:6f:60:49:89:05:e3:fe:c1:
1a:ae:0e:97:0a:63:94:81:83:37:b2:ac:f7:18:5a:
ee:e8:22:13:fa:6c:ee:18:0c:30:3b:dd:c8:fb:81:
b4:10:87:51:b4:a5:3b:67:88:4d:29:86:9e:ae:42:
ef:cf:fc:c4:97:18:c8:d1:1b:5b:98:62:b3:32:9d:
8a:fc:57:1b:26:03:eb:26:81:0a:0c:cf:4a:d1:93:
db:36:bf:33:f4:65:e4:96:8c:1e:c8:ab:20:b0:23:
2b:f8:ff:5f:01:eb:d2:fe:99:81:95:fe:71:5d:f8:
b1:a5:90:c4:d2:9e:c0:59:bc:4d:c3:ee:57:6e:65:
9c:f2:21:c1:4b:13:26:a7:ee:db:09:de:23:61:54:
11:a5:a9:12:23:fb:43:69:b2:71:3f:88:53:91:8a:
93:b5:1f:d6:5a:f9:84:dd:1c:0e:53:14:28:3e:87:
8d:71:ba:8d:2b:3d:ea:84:2f:2d:2c:34:76:2b:d3:
49:7d:f6:7c:6e:f7:75:71:57:f5:29:32:fe:2b:7c:
de:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:22:7F:3F:9A:6F:D4:7C:D0:F2:1B:EE:D7:DB:10:A7:61:E7:94:30
X509v3 Authority Key Identifier:
keyid:3B:0F:37:F4:3A:26:83:42:EA:F0:FE:C5:39:60:63:40:90:B5:B1:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ow839Domg0Lq8P7FOWBjQJC1sbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/04f736-3713-40ba-8c08-9ae900df4f88/1/zSJ_P5pv1HzQ8hvu19sQp2HnlDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/04f736-3713-40ba-8c08-9ae900df4f88/1/Ow839Domg0Lq8P7FOWBjQJC1sbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9ec0:fc02::/48
2a03:9ec0:fc0f::/48
2a03:9ec0:fc60::/44
Signature Algorithm: sha256WithRSAEncryption
7e:cd:a6:03:5f:8f:18:82:06:d4:eb:a8:fb:a9:f9:60:ca:99:
92:c8:d6:06:51:9b:14:3c:a7:d0:6e:3d:f0:03:9c:b1:4e:17:
f6:70:91:7e:81:8f:9e:d5:e9:52:c8:42:c4:f5:ed:f3:8f:d1:
e0:28:08:3a:91:36:57:e2:e4:c8:23:b4:73:97:4c:fc:d7:3a:
84:61:cb:b0:51:1c:df:82:34:59:25:25:bf:21:a4:02:48:4f:
18:92:05:bc:04:90:b0:5b:eb:1e:91:d4:70:c9:5c:fb:65:f0:
44:d1:5a:cd:fb:f9:85:50:d0:b0:24:b1:93:6d:24:f3:ba:8a:
67:26:6a:23:b5:a8:4e:b0:6d:42:e0:04:96:db:83:47:bd:41:
3c:91:e7:7a:6d:63:75:7f:e3:b4:0e:57:17:4b:f7:f1:34:9f:
66:4f:96:8b:2e:dd:fe:4c:b1:a5:b6:33:17:5c:96:4a:cf:8d:
56:b0:77:2e:84:5e:dc:ce:fc:c3:bd:d4:e6:da:76:d8:c9:ea:
f5:e6:a2:7f:33:6a:28:60:b2:e7:ea:07:d2:ae:6e:52:16:00:
17:71:f2:6a:f6:13:0c:82:23:78:65:5a:93:ff:82:d8:b2:41:
cb:f8:37:21:59:3e:0c:1b:4a:4a:09:95:21:e1:26:1c:02:a7:
f7:83:7e:e9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhse50aJjosabDGHY/qTAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMGYzN2Y0M2EyNjgzNDJlYWYwZmVjNTM5NjA2MzQwOTBi
NWIxYjcwHhcNMjUwMTAxMTE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDIyN2YzZjlhNmZkNDdjZDBmMjFiZWVkN2RiMTBhNzYxZTc5NDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTL8auIbI0syBtFMmBYNTPyrYr6p
Wi6rllZEzYIJVKLPNs8z2gGL6RClHiODvK5mhuv6b2BJiQXj/sEarg6XCmOUgYM3
sqz3GFru6CIT+mzuGAwwO93I+4G0EIdRtKU7Z4hNKYaerkLvz/zElxjI0RtbmGKz
Mp2K/FcbJgPrJoEKDM9K0ZPbNr8z9GXkloweyKsgsCMr+P9fAevS/pmBlf5xXfix
pZDE0p7AWbxNw+5XbmWc8iHBSxMmp+7bCd4jYVQRpakSI/tDabJxP4hTkYqTtR/W
WvmE3RwOUxQoPoeNcbqNKz3qhC8tLDR2K9NJffZ8bvd1cVf1KTL+K3zeTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM0ifz+ab9R80PIb7tfbEKdh55QwMB8GA1UdIwQY
MBaAFDsPN/Q6JoNC6vD+xTlgY0CQtbG3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3c4MzlEb21nMExxOFA3Rk9XQmpRSkMxc2JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wNGY3MzYtMzcxMy00MGJhLThjMDgt
OWFlOTAwZGY0Zjg4LzEvelNKX1A1cHYxSHpROGh2dTE5c1FwMkhubERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wNGY3MzYtMzcxMy00MGJhLThjMDgtOWFlOTAwZGY0Zjg4
LzEvT3c4MzlEb21nMExxOFA3Rk9XQmpRSkMxc2JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgOewPwC
AwcAKgOewPwPAwcEKgOewPxgMA0GCSqGSIb3DQEBCwUAA4IBAQB+zaYDX48YggbU
66j7qflgypmSyNYGUZsUPKfQbj3wA5yxThf2cJF+gY+e1elSyELE9e3zj9HgKAg6
kTZX4uTII7Rzl0z81zqEYcuwURzfgjRZJSW/IaQCSE8YkgW8BJCwW+sekdRwyVz7
ZfBE0VrN+/mFUNCwJLGTbSTzuopnJmojtahOsG1C4ASW24NHvUE8ked6bWN1f+O0
DlcXS/fxNJ9mT5aLLt3+TLGltjMXXJZKz41WsHcuhF7czvzDvdTm2nbYyer15qJ/
M2ooYLLn6gfSrm5SFgAXcfJq9hMMgiN4ZVqT/4LYskHL+DchWT4MG0pKCZUh4SYc
Aqf3g37p
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:55:19 2025 by rpki-client