Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/zfGaREwozQlPDznadYm5iZBdTbo.roa
File: zfGaREwozQlPDznadYm5iZBdTbo.roa (raw, json)
Hash identifier: BQ/Qo3WVP+Q/nW3nNfYM3evPzNFHtG1U5B77mp2vN9c=
Subject key identifier: CD:F1:9A:44:4C:28:CD:09:4F:0F:39:DA:75:89:B9:89:90:5D:4D:BA
Certificate issuer: /CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Certificate serial: 019423D73550B631FBAE32F84343E618606D
Authority key identifier: 05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/zfGaREwozQlPDznadYm5iZBdTbo.roa
Signing time: Wed 01 Jan 2025 21:48:13 +0000
ROA not before: Wed 01 Jan 2025 21:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212270
IP address blocks: 2a0f:9240:2000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:35:50:b6:31:fb:ae:32:f8:43:43:e6:18:60:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Validity
Not Before: Jan 1 21:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdf19a444c28cd094f0f39da7589b989905d4dba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c4:70:8d:0f:f4:8d:5a:7a:bf:81:8b:04:f8:
ad:d4:ab:2f:02:2b:7f:bc:6c:cf:06:a4:db:a4:f5:
50:e4:a2:3e:92:dc:29:6f:89:db:b5:1d:3e:73:1c:
40:0d:fa:9b:15:35:60:2f:e3:bd:46:1c:1b:cd:42:
e3:cc:49:0c:4e:b0:b8:46:38:ce:0a:41:3e:c2:08:
73:16:d6:db:6b:1d:3a:0c:0a:fd:9a:37:cb:f6:ca:
09:a9:22:a7:f3:f5:88:2a:a4:83:46:35:61:a3:a8:
5f:f7:02:dd:a2:6a:5c:f3:f1:d6:c7:01:0d:f1:6d:
29:78:b2:51:c9:41:29:c2:c4:e3:49:fe:0f:86:27:
d9:76:bb:a6:86:35:f5:74:9e:da:29:3b:92:4e:a8:
d1:56:8b:c1:02:b9:a1:e1:77:06:4e:35:52:b9:28:
e2:15:85:b0:6c:5d:70:2a:3f:97:20:16:bb:8d:46:
75:d6:d7:88:d5:97:0a:13:c3:88:60:de:f3:b6:a9:
5e:dd:0c:ee:c1:37:ba:84:91:6b:8d:cf:f4:33:78:
c4:3f:e6:dc:27:7d:b5:73:25:16:72:b7:92:c3:31:
1e:f7:42:23:93:a2:cf:d4:6e:2a:d0:2d:cb:31:89:
bf:ea:50:d2:5c:62:d9:25:7e:b4:67:44:9a:98:b8:
f9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F1:9A:44:4C:28:CD:09:4F:0F:39:DA:75:89:B9:89:90:5D:4D:BA
X509v3 Authority Key Identifier:
keyid:05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/zfGaREwozQlPDznadYm5iZBdTbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9240:2000::/48
Signature Algorithm: sha256WithRSAEncryption
79:ed:37:94:73:4f:a9:00:38:cf:a2:73:2c:86:41:d6:94:9a:
c7:62:82:a9:35:83:31:e4:11:12:7b:fc:6a:6e:e9:66:5d:f6:
00:53:59:cd:08:d8:87:2d:05:8b:56:5a:de:52:5f:3c:89:c8:
31:f3:51:fc:74:0b:56:fd:7b:43:a6:b5:f4:3a:74:d9:d0:7e:
04:8a:a4:6e:66:cb:77:38:47:7c:f9:d4:3c:8b:e8:8f:dc:10:
6f:33:46:89:08:a0:8b:c0:8b:06:00:ec:bb:e8:de:ec:ca:7c:
6c:1c:68:b1:7b:08:33:5d:7e:96:bf:9c:40:1d:5d:75:e0:c4:
6b:e4:c5:97:d1:35:f4:75:9c:82:ab:9a:40:03:b7:3b:3f:ce:
d0:a9:06:c6:c2:4c:1e:8c:8d:c3:93:bc:a0:dd:f2:12:2c:c7:
58:dd:21:b6:c2:43:8b:5f:4b:d7:9a:a6:6c:0f:a7:4c:63:62:
f7:1e:46:e5:10:47:0c:d3:e4:db:24:ff:8c:92:2b:70:ac:77:
56:d6:81:47:8b:d5:c6:d0:fd:e8:ca:34:92:3a:77:bb:06:b8:
f8:f7:34:9b:7e:80:92:eb:d4:43:f9:ab:92:b5:e7:2d:4f:5f:
18:e8:eb:ee:23:1a:92:05:da:17:17:41:41:46:c5:bc:e5:b7:
d9:76:c8:47
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1zVQtjH7rjL4Q0PmGGBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjNjYjI2M2RmNTBkMmQ0ZDA3M2MwZjdkYjZjZDI3NzYz
MDJjOWQwHhcNMjUwMTAxMjE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGYxOWE0NDRjMjhjZDA5NGYwZjM5ZGE3NTg5Yjk4OTkwNWQ0ZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsRwjQ/0jVp6v4GLBPit1KsvAit/
vGzPBqTbpPVQ5KI+ktwpb4nbtR0+cxxADfqbFTVgL+O9RhwbzULjzEkMTrC4RjjO
CkE+wghzFtbbax06DAr9mjfL9soJqSKn8/WIKqSDRjVho6hf9wLdompc8/HWxwEN
8W0peLJRyUEpwsTjSf4PhifZdrumhjX1dJ7aKTuSTqjRVovBArmh4XcGTjVSuSji
FYWwbF1wKj+XIBa7jUZ11teI1ZcKE8OIYN7ztqle3QzuwTe6hJFrjc/0M3jEP+bc
J321cyUWcreSwzEe90Ijk6LP1G4q0C3LMYm/6lDSXGLZJX60Z0SamLj5zQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM3xmkRMKM0JTw852nWJuYmQXU26MB8GA1UdIwQY
MBaAFAVjyyY99Q0tTQc8D322zSd2MCydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQt
MTUwMzU0YjAwZTU1LzEvemZHYVJFd296UWxQRHpuYWRZbTVpWkJkVGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQtMTUwMzU0YjAwZTU1
LzEvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+SQCAA
MA0GCSqGSIb3DQEBCwUAA4IBAQB57TeUc0+pADjPonMshkHWlJrHYoKpNYMx5BES
e/xqbulmXfYAU1nNCNiHLQWLVlreUl88icgx81H8dAtW/XtDprX0OnTZ0H4EiqRu
Zst3OEd8+dQ8i+iP3BBvM0aJCKCLwIsGAOy76N7synxsHGixewgzXX6Wv5xAHV11
4MRr5MWX0TX0dZyCq5pAA7c7P87QqQbGwkwejI3Dk7yg3fISLMdY3SG2wkOLX0vX
mqZsD6dMY2L3HkblEEcM0+TbJP+MkitwrHdW1oFHi9XG0P3oyjSSOne7Brj49zSb
foCS69RD+auStectT18Y6OvuIxqSBdoXF0FBRsW85bfZdshH
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:32:13 2025 by rpki-client