Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b48bfd-797d-47a9-8a62-44313b43e594/1/VzQqyrs-uqIcVAV9Qkei6a34wwc.roa
File: VzQqyrs-uqIcVAV9Qkei6a34wwc.roa (raw, json)
Hash identifier: fyOWws5YA8x0adXdJbC1gsHmLihm5Um5wk56YNm2GDk=
Subject key identifier: 57:34:2A:CA:BB:3E:BA:A2:1C:54:05:7D:42:47:A2:E9:AD:F8:C3:07
Certificate issuer: /CN=64c0bc594af811753dfc116af459b1b874471489
Certificate serial: 01956D40857724E60678AD5DA0A96904A620
Authority key identifier: 64:C0:BC:59:4A:F8:11:75:3D:FC:11:6A:F4:59:B1:B8:74:47:14:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZMC8WUr4EXU9_BFq9FmxuHRHFIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b48bfd-797d-47a9-8a62-44313b43e594/1/VzQqyrs-uqIcVAV9Qkei6a34wwc.roa
Signing time: Thu 06 Mar 2025 20:58:19 +0000
ROA not before: Thu 06 Mar 2025 20:58:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 2a00:b320::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6d:40:85:77:24:e6:06:78:ad:5d:a0:a9:69:04:a6:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64c0bc594af811753dfc116af459b1b874471489
Validity
Not Before: Mar 6 20:58:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57342acabb3ebaa21c54057d4247a2e9adf8c307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:da:53:49:ec:ff:c2:2a:c1:92:d7:6a:b5:50:
0b:ad:5f:36:e6:a5:36:1d:d6:16:c7:ee:c4:6d:2a:
25:e5:c8:4b:95:69:93:99:6e:f1:66:4c:8a:91:fd:
04:f3:92:3f:65:d1:03:88:df:e5:26:bb:ae:9f:b1:
18:f6:d2:32:09:7e:8a:86:e6:58:a1:d9:99:e8:1b:
2e:9e:77:1f:44:1d:c2:23:aa:da:a4:fe:92:35:2d:
32:07:51:1b:95:7a:69:71:89:29:84:81:17:72:ca:
fe:dc:b3:0a:c0:f7:a8:b1:f6:b3:0f:74:ec:af:98:
b1:de:51:61:20:9f:42:dc:f0:ad:e1:50:03:40:2e:
b7:25:d9:19:54:6c:3b:5e:5a:63:cd:fb:e1:9e:1f:
49:39:b3:c9:f0:bf:6c:df:ad:9c:88:e7:49:68:17:
6a:8f:58:ba:0a:f4:13:8d:3f:0f:49:6b:b0:91:91:
68:2e:b7:e8:c8:6d:83:15:e3:4b:c9:80:cf:5d:b1:
40:be:c3:18:b9:5b:fd:d2:b1:69:94:4a:7d:40:6e:
50:24:db:59:e7:4d:c4:4e:26:39:0b:28:a6:81:2f:
94:90:f3:97:d2:d6:93:31:61:db:52:f3:1c:5c:25:
31:b4:8d:b2:54:6e:23:5d:6a:41:7d:7d:e2:c1:40:
e2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:34:2A:CA:BB:3E:BA:A2:1C:54:05:7D:42:47:A2:E9:AD:F8:C3:07
X509v3 Authority Key Identifier:
keyid:64:C0:BC:59:4A:F8:11:75:3D:FC:11:6A:F4:59:B1:B8:74:47:14:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZMC8WUr4EXU9_BFq9FmxuHRHFIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b48bfd-797d-47a9-8a62-44313b43e594/1/VzQqyrs-uqIcVAV9Qkei6a34wwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b48bfd-797d-47a9-8a62-44313b43e594/1/ZMC8WUr4EXU9_BFq9FmxuHRHFIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:b320::/48
Signature Algorithm: sha256WithRSAEncryption
3d:39:26:b6:94:f5:3b:24:aa:c7:4a:db:60:3c:8f:7a:6a:5a:
c5:5f:fc:5d:60:5e:af:0b:5e:36:87:8b:2f:d7:a9:b2:04:6a:
38:e8:3f:be:74:3c:97:98:1e:11:b3:0d:3e:ef:c0:5b:20:99:
ff:29:3b:bd:29:62:1c:ac:3d:e1:a1:7c:d3:a3:0c:8c:9a:ac:
0a:2d:60:96:75:e4:7a:6b:4b:b1:cf:8f:59:ee:06:e9:18:72:
42:7e:77:7e:2d:25:9f:59:b7:2b:13:96:bf:36:cd:b5:4f:b4:
f9:82:24:a1:81:6d:21:8f:80:69:83:49:16:11:d2:1a:ac:1a:
f4:ca:a6:8e:f3:83:45:16:e6:52:cc:d2:2a:30:a3:44:be:f0:
7b:a3:f9:4d:68:bb:ba:e1:0b:c8:45:27:df:c4:66:d9:1d:1b:
23:ef:27:a1:1c:54:6d:98:fc:2e:7a:df:c0:20:76:8f:fc:4e:
b5:6e:2a:9e:1a:a9:35:f0:b4:70:e0:72:c2:38:e6:61:32:9f:
a4:0e:ef:4f:5b:f7:df:ea:30:b7:7f:bd:22:f0:1b:bd:15:7e:
e3:a2:d9:d8:11:52:df:a0:b1:e5:7e:d2:19:1b:f4:d3:b4:40:
98:08:37:e8:66:98:9d:46:63:c5:d8:18:c1:a7:c1:07:a7:0d:
3e:f8:6a:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZVtQIV3JOYGeK1doKlpBKYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YzBiYzU5NGFmODExNzUzZGZjMTE2YWY0NTliMWI4NzQ0
NzE0ODkwHhcNMjUwMzA2MjA1ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM0MmFjYWJiM2ViYWEyMWM1NDA1N2Q0MjQ3YTJlOWFkZjhjMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9pTSez/wirBktdqtVALrV825qU2
HdYWx+7EbSol5chLlWmTmW7xZkyKkf0E85I/ZdEDiN/lJruun7EY9tIyCX6KhuZY
odmZ6BsunncfRB3CI6rapP6SNS0yB1EblXppcYkphIEXcsr+3LMKwPeosfazD3Ts
r5ix3lFhIJ9C3PCt4VADQC63JdkZVGw7Xlpjzfvhnh9JObPJ8L9s362ciOdJaBdq
j1i6CvQTjT8PSWuwkZFoLrfoyG2DFeNLyYDPXbFAvsMYuVv90rFplEp9QG5QJNtZ
503ETiY5CyimgS+UkPOX0taTMWHbUvMcXCUxtI2yVG4jXWpBfX3iwUDiSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFc0Ksq7PrqiHFQFfUJHoumt+MMHMB8GA1UdIwQY
MBaAFGTAvFlK+BF1PfwRavRZsbh0RxSJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk1DOFdVcjRFWFU5X0JGcTlGbXh1SFJIRklrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNDhiZmQtNzk3ZC00N2E5LThhNjIt
NDQzMTNiNDNlNTk0LzEvVnpRcXlycy11cUljVkFWOVFrZWk2YTM0d3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNDhiZmQtNzk3ZC00N2E5LThhNjItNDQzMTNiNDNlNTk0
LzEvWk1DOFdVcjRFWFU5X0JGcTlGbXh1SFJIRklrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgCzIAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQA9OSa2lPU7JKrHSttgPI96alrFX/xdYF6vC142
h4sv16myBGo46D++dDyXmB4Rsw0+78BbIJn/KTu9KWIcrD3hoXzTowyMmqwKLWCW
deR6a0uxz49Z7gbpGHJCfnd+LSWfWbcrE5a/Ns21T7T5giShgW0hj4Bpg0kWEdIa
rBr0yqaO84NFFuZSzNIqMKNEvvB7o/lNaLu64QvIRSffxGbZHRsj7yehHFRtmPwu
et/AIHaP/E61biqeGqk18LRw4HLCOOZhMp+kDu9PW/ff6jC3f70i8Bu9FX7jotnY
EVLfoLHlftIZG/TTtECYCDfoZpidRmPF2BjBp8EHpw0++GpD
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:19:55 2025 by rpki-client