Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/2zshn4FJi-fPnQP7m_tZ42iMcYg.roa
File: 2zshn4FJi-fPnQP7m_tZ42iMcYg.roa (raw, json)
Hash identifier: h+aVaIXaAs/oxlcu7KDo+oBWPGK9uouAkBi2S7HUIPU=
Subject key identifier: DB:3B:21:9F:81:49:8B:E7:CF:9D:03:FB:9B:FB:59:E3:68:8C:71:88
Certificate issuer: /CN=54914541fd1b95e7c0afc875fbef78794f55386b
Certificate serial: 01823EA569165D032D50899BC98A72E236DE
Authority key identifier: 54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/2zshn4FJi-fPnQP7m_tZ42iMcYg.roa
Signing time: Wed 27 Jul 2022 07:53:23 +0000
ROA not before: Wed 27 Jul 2022 07:53:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206016
IP address blocks: 2a06:a005:a0c::/48 maxlen: 48
2a06:a005:db0::/44 maxlen: 48
2a06:a005:990::/44 maxlen: 48
2a06:a005:1390::/44 maxlen: 48
2a06:a005:1380::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3e:a5:69:16:5d:03:2d:50:89:9b:c9:8a:72:e2:36:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54914541fd1b95e7c0afc875fbef78794f55386b
Validity
Not Before: Jul 27 07:53:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db3b219f81498be7cf9d03fb9bfb59e3688c7188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6f:b1:c3:f9:40:08:35:90:0a:30:7b:26:c3:
cd:40:03:77:01:24:00:eb:29:29:2b:e6:49:a5:14:
3a:70:ea:51:af:ba:47:6e:81:e0:8d:32:10:d1:61:
b0:08:7d:11:f5:7f:8c:5c:88:83:06:0f:05:8d:0b:
c2:3c:7a:a2:45:02:c5:48:75:56:b8:ca:35:70:ad:
06:48:e4:06:74:d6:31:51:98:7a:df:e0:5e:57:bb:
cc:fd:83:3e:73:37:55:4b:76:14:82:bc:7a:d0:06:
42:08:64:4e:0c:06:af:15:52:03:33:99:65:57:09:
e2:e4:f3:20:7a:19:3d:64:92:bf:af:f6:c9:93:42:
13:70:57:79:da:be:06:4f:c0:35:24:fa:aa:43:1e:
e9:8b:5f:ef:89:93:49:3b:06:f4:39:e7:85:84:8e:
70:10:6f:88:d7:6e:e2:04:0c:a8:37:f9:8b:e3:5c:
f9:71:1f:1d:9f:2d:51:9b:0a:9f:c9:39:2e:5e:b9:
ca:28:ba:b1:65:a9:fe:5b:50:bd:36:95:70:ff:b5:
41:71:cb:4e:1a:29:e3:18:3f:1a:0d:91:5a:e0:28:
a3:35:c0:63:1a:64:73:84:83:d4:fc:81:4e:bd:35:
96:ae:c4:68:36:a1:27:a7:f2:5a:c9:c1:aa:27:72:
43:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3B:21:9F:81:49:8B:E7:CF:9D:03:FB:9B:FB:59:E3:68:8C:71:88
X509v3 Authority Key Identifier:
keyid:54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/2zshn4FJi-fPnQP7m_tZ42iMcYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/VJFFQf0blefAr8h1--94eU9VOGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:990::/44
2a06:a005:a0c::/48
2a06:a005:db0::/44
2a06:a005:1380::/43
Signature Algorithm: sha256WithRSAEncryption
2b:a9:78:11:09:fc:66:46:57:6d:93:c1:8f:ea:ca:e5:a1:61:
6b:74:0b:26:6e:b0:9f:00:b8:f0:85:b7:63:8f:e8:9a:74:27:
9d:60:32:0e:5f:46:b7:b7:0b:f3:7f:7e:47:37:32:2a:34:98:
74:c0:03:8b:e2:87:38:05:15:97:39:54:b7:5e:76:e5:e8:84:
63:c8:bc:58:ac:e8:65:45:e5:d7:7a:6e:98:e2:f0:c0:c6:f1:
39:c8:4b:7e:3b:71:be:83:5e:43:b7:a3:d1:24:99:be:fb:a8:
a4:69:c6:85:f3:ab:47:15:d5:f5:6d:f9:f1:fa:38:a1:4e:96:
dc:f6:89:2b:65:94:73:f8:47:9b:17:88:f9:a4:8f:01:34:9c:
ff:c1:2a:cf:08:85:48:9b:89:f7:31:4f:5d:60:3c:1a:b2:3a:
f6:18:de:76:ae:99:1f:50:4e:09:74:60:fd:40:0f:56:55:57:
2c:de:d0:00:2d:3c:0a:5a:47:30:ca:f8:dd:00:5b:b8:6f:8a:
3f:12:86:86:69:ca:a0:21:d3:95:25:3b:d0:0e:3e:fe:cc:69:
5c:09:e7:17:cd:cf:5a:0d:22:42:7e:0b:6e:f3:b8:64:a3:34:
19:a4:26:1a:13:4a:48:b9:e2:9f:58:66:32:da:4e:d6:04:d7:
72:4e:52:b1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYI+pWkWXQMtUImbyYpy4jbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0OTE0NTQxZmQxYjk1ZTdjMGFmYzg3NWZiZWY3ODc5NGY1
NTM4NmIwHhcNMjIwNzI3MDc1MzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjNiMjE5ZjgxNDk4YmU3Y2Y5ZDAzZmI5YmZiNTllMzY4OGM3MTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhW+xw/lACDWQCjB7JsPNQAN3ASQA
6ykpK+ZJpRQ6cOpRr7pHboHgjTIQ0WGwCH0R9X+MXIiDBg8FjQvCPHqiRQLFSHVW
uMo1cK0GSOQGdNYxUZh63+BeV7vM/YM+czdVS3YUgrx60AZCCGRODAavFVIDM5ll
Vwni5PMgehk9ZJK/r/bJk0ITcFd52r4GT8A1JPqqQx7pi1/viZNJOwb0OeeFhI5w
EG+I127iBAyoN/mL41z5cR8dny1RmwqfyTkuXrnKKLqxZan+W1C9NpVw/7VBcctO
GinjGD8aDZFa4CijNcBjGmRzhIPU/IFOvTWWrsRoNqEnp/JaycGqJ3JD1wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNs7IZ+BSYvnz50D+5v7WeNojHGIMB8GA1UdIwQY
MBaAFFSRRUH9G5XnwK/IdfvveHlPVThrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEt
ZDlmNmQ5NjQyNTM3LzEvMnpzaG40RkppLWZQblFQN21fdFo0MmlNY1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEtZDlmNmQ5NjQyNTM3
LzEvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKgagBQmQ
AwcAKgagBQoMAwcEKgagBQ2wAwcFKgagBROAMA0GCSqGSIb3DQEBCwUAA4IBAQAr
qXgRCfxmRldtk8GP6srloWFrdAsmbrCfALjwhbdjj+iadCedYDIOX0a3twvzf35H
NzIqNJh0wAOL4oc4BRWXOVS3Xnbl6IRjyLxYrOhlReXXem6Y4vDAxvE5yEt+O3G+
g15Dt6PRJJm++6ikacaF86tHFdX1bfnx+jihTpbc9okrZZRz+EebF4j5pI8BNJz/
wSrPCIVIm4n3MU9dYDwasjr2GN52rpkfUE4JdGD9QA9WVVcs3tAALTwKWkcwyvjd
AFu4b4o/EoaGacqgIdOVJTvQDj7+zGlcCecXzc9aDSJCfgtu87hkozQZpCYaE0pI
ueKfWGYy2k7WBNdyTlKx
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:58:09 2025 by rpki-client