Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/ZyvSvqBO_CRtrjVV5g_m38QqdF0.roa
File: ZyvSvqBO_CRtrjVV5g_m38QqdF0.roa (raw, json)
Hash identifier: EMjT9dIsrbauUL5Ml+fcJBjE3Hsiqb5K2tYe1FIy+Zk=
Subject key identifier: 67:2B:D2:BE:A0:4E:FC:24:6D:AE:35:55:E6:0F:E6:DF:C4:2A:74:5D
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 01941F8C78A022875339F806C57EFDDD23B0
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/ZyvSvqBO_CRtrjVV5g_m38QqdF0.roa
Signing time: Wed 01 Jan 2025 01:48:07 +0000
ROA not before: Wed 01 Jan 2025 01:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21449
IP address blocks: 2a07:2911::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:78:a0:22:87:53:39:f8:06:c5:7e:fd:dd:23:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 1 01:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=672bd2bea04efc246dae3555e60fe6dfc42a745d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8a:06:c8:cc:9d:91:ea:83:f6:54:2d:d0:57:
b1:40:4a:c9:0d:c4:6b:2d:db:f1:67:0c:17:ca:76:
fd:7e:4d:98:68:3b:e6:b7:9a:e1:0d:2e:23:27:88:
9c:7b:a4:b1:ee:96:f2:d1:87:0e:c3:43:b1:c1:59:
6b:ae:a8:e6:fc:34:b0:00:8c:b7:ee:61:ff:0e:5f:
29:7e:81:04:97:6b:e7:16:c1:bc:8a:5d:21:17:a5:
e2:b0:b9:e6:e5:54:fa:77:6e:1a:94:62:4d:77:81:
f5:dc:52:d2:c0:d8:59:63:ba:6b:06:ba:a7:38:8e:
d1:e2:ec:89:35:55:4b:af:27:08:ee:08:70:ac:2d:
d5:5a:25:b2:a6:b3:a7:d1:f2:b3:b3:4a:c0:ac:ae:
6f:e9:08:20:e7:5b:98:68:4c:8b:8f:f0:10:a2:b6:
35:ec:17:68:63:81:c6:70:16:c7:1e:e5:79:e6:e8:
30:e3:5b:53:f0:6f:26:1b:fc:0d:36:8f:b8:66:9e:
df:35:5a:49:89:35:a5:d7:e0:39:f2:fc:61:d4:a1:
55:89:80:fd:ca:7a:12:ba:c2:9c:ff:15:75:5b:57:
3a:25:20:79:25:2f:bf:f6:4b:01:10:8e:7f:b3:32:
6c:33:86:14:2f:f2:d4:7d:5d:60:6f:2c:25:22:3e:
fe:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:2B:D2:BE:A0:4E:FC:24:6D:AE:35:55:E6:0F:E6:DF:C4:2A:74:5D
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/ZyvSvqBO_CRtrjVV5g_m38QqdF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2911::/32
Signature Algorithm: sha256WithRSAEncryption
81:ef:7d:a5:75:59:1f:2f:0e:44:c7:7d:5f:cf:78:a0:bc:4b:
10:e9:f5:37:2f:34:eb:f7:b8:01:73:74:0b:af:5e:ef:a9:d4:
3d:2f:aa:7a:d1:fa:83:8a:ca:24:70:2d:aa:70:d6:ba:41:d2:
4e:ae:d9:6f:5d:1b:8b:3e:f3:5d:fa:16:4e:71:0d:8d:c8:44:
a2:0b:0b:a2:34:a7:96:b9:6d:c7:46:25:71:54:75:7f:9d:66:
00:a2:11:7c:7d:47:55:be:46:79:ed:67:48:c5:19:d6:2c:b2:
84:fe:f0:7b:5f:79:26:db:b9:e8:10:2a:08:bd:96:e3:0b:63:
1b:2c:2e:77:3f:30:fe:01:6f:79:99:56:36:ff:d7:79:35:b8:
ef:e4:76:07:60:19:9d:c4:27:fb:80:24:fa:a8:05:bb:71:9a:
7e:08:86:50:51:2a:2c:83:06:fa:76:5c:d9:db:a3:c0:71:95:
cb:3d:69:d1:0b:ab:81:22:0c:43:cf:cf:02:8a:cd:47:f8:22:
fb:dc:28:e5:5f:88:e1:e8:24:52:89:01:32:f4:82:96:67:85:
17:81:93:de:31:a2:a5:cb:22:3d:fa:4c:89:36:ac:84:0b:7b:
00:dd:ab:18:ad:a5:f1:60:0a:5f:b3:b6:a8:b9:24:c4:80:c3:
52:ab:6b:e4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQfjHigIodTOfgGxX793SOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjUwMTAxMDE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzJiZDJiZWEwNGVmYzI0NmRhZTM1NTVlNjBmZTZkZmM0MmE3NDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsooGyMydkeqD9lQt0FexQErJDcRr
LdvxZwwXynb9fk2YaDvmt5rhDS4jJ4ice6Sx7pby0YcOw0OxwVlrrqjm/DSwAIy3
7mH/Dl8pfoEEl2vnFsG8il0hF6XisLnm5VT6d24alGJNd4H13FLSwNhZY7prBrqn
OI7R4uyJNVVLrycI7ghwrC3VWiWyprOn0fKzs0rArK5v6Qgg51uYaEyLj/AQorY1
7BdoY4HGcBbHHuV55ugw41tT8G8mG/wNNo+4Zp7fNVpJiTWl1+A58vxh1KFViYD9
ynoSusKc/xV1W1c6JSB5JS+/9ksBEI5/szJsM4YUL/LUfV1gbywlIj7+xwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGcr0r6gTvwkba41VeYP5t/EKnRdMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvWnl2U3ZxQk9fQ1J0cmpWVjVnX20zOFFxZEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgcpETAN
BgkqhkiG9w0BAQsFAAOCAQEAge99pXVZHy8ORMd9X894oLxLEOn1Ny806/e4AXN0
C69e76nUPS+qetH6g4rKJHAtqnDWukHSTq7Zb10biz7zXfoWTnENjchEogsLojSn
lrltx0YlcVR1f51mAKIRfH1HVb5Gee1nSMUZ1iyyhP7we195Jtu56BAqCL2W4wtj
Gywudz8w/gFveZlWNv/XeTW47+R2B2AZncQn+4Ak+qgFu3GafgiGUFEqLIMG+nZc
2dujwHGVyz1p0QurgSIMQ8/PAorNR/gi+9wo5V+I4egkUokBMvSClmeFF4GT3jGi
pcsiPfpMiTashAt7AN2rGK2l8WAKX7O2qLkkxIDDUqtr5A==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:08 2025 by rpki-client