Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/ZdlemGQCA8jrtuYIR9ZFtWke_wc.roa
File: ZdlemGQCA8jrtuYIR9ZFtWke_wc.roa (raw, json)
Hash identifier: yL1F1JtC6s6D+a5TG0GVaaYEiJsHRH7GC/1uOa8xe0w=
Subject key identifier: 65:D9:5E:98:64:02:03:C8:EB:B6:E6:08:47:D6:45:B5:69:1E:FF:07
Certificate issuer: /CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Certificate serial: 01942444CFD350A30CC737051A18C9040743
Authority key identifier: 36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/ZdlemGQCA8jrtuYIR9ZFtWke_wc.roa
Signing time: Wed 01 Jan 2025 23:47:56 +0000
ROA not before: Wed 01 Jan 2025 23:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212232
IP address blocks: 2a0c:2f05::/32 maxlen: 48
2a0c:2f05:18::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:cf:d3:50:a3:0c:c7:37:05:1a:18:c9:04:07:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Validity
Not Before: Jan 1 23:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65d95e98640203c8ebb6e60847d645b5691eff07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3c:ff:4d:64:fc:5c:5c:47:ca:ff:1e:eb:0e:
8c:a3:09:af:56:32:87:7d:58:10:80:b9:6d:97:b9:
6f:64:30:12:5a:ea:ab:41:bb:48:80:7d:f1:41:e3:
6d:3a:67:b1:0f:03:52:a4:0e:3d:5f:9a:61:f4:28:
80:d9:ee:39:2b:b1:0a:32:8c:e2:d5:0c:15:a8:75:
4a:ab:f0:4e:6e:a5:21:f2:81:19:44:53:6f:c4:90:
08:55:cf:44:eb:67:9d:1b:d5:42:85:5b:f7:0d:c5:
9c:38:00:af:e8:66:ed:7a:37:83:6b:c2:78:1b:d4:
4b:cf:c5:0f:45:1b:a4:33:fe:eb:00:a4:31:fe:ba:
bd:fb:e5:f0:04:94:b5:d5:5e:14:33:15:c4:e3:1c:
17:87:b0:5b:87:5d:90:c3:8c:ce:9f:ec:38:36:55:
4d:39:12:2e:c7:9c:f1:a2:16:e3:24:78:fa:8e:cc:
03:3c:39:3d:1c:1f:d5:42:4d:f0:08:f8:14:c5:fd:
be:2b:8f:5c:8d:0a:ff:43:b7:06:93:7c:d8:8e:70:
21:54:2d:66:09:8b:6a:f1:ad:a4:01:8c:96:9f:36:
d2:79:36:b2:f0:bb:d3:7e:a3:67:65:c9:f9:da:ca:
5d:3d:56:17:a3:9f:59:84:80:f6:00:ea:76:ed:3d:
2e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D9:5E:98:64:02:03:C8:EB:B6:E6:08:47:D6:45:B5:69:1E:FF:07
X509v3 Authority Key Identifier:
keyid:36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/ZdlemGQCA8jrtuYIR9ZFtWke_wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:2f05::/32
Signature Algorithm: sha256WithRSAEncryption
0c:32:22:4c:54:a9:13:db:61:82:a1:df:96:37:49:2a:3a:6f:
5e:47:26:6e:71:37:ec:44:3f:cf:4d:8d:fb:2b:8e:12:7e:87:
b8:32:f3:80:9e:8e:39:2b:8a:b8:ee:6c:b7:21:2b:66:24:3a:
e5:29:05:a1:38:3a:ae:3a:6b:e8:88:1e:4f:df:7a:0e:b2:3b:
bc:ef:3f:5d:40:b3:98:ee:c5:b0:d9:6a:bf:45:1e:70:38:51:
be:03:c9:8c:9a:83:e5:bf:c5:4f:5e:a6:5c:26:9c:e7:17:08:
14:19:b9:9e:17:fc:2b:dd:6e:ab:ad:52:64:39:5d:3a:ae:14:
9f:8d:5a:be:45:5d:59:29:32:2f:06:fd:cc:a4:58:0e:a9:10:
a9:5b:11:5d:41:df:60:92:96:79:5a:51:c6:78:f2:9c:19:87:
45:0c:3b:24:44:1a:18:04:b2:89:c8:f1:8b:30:38:f5:91:80:
8c:c2:c6:71:ea:0b:53:07:b1:40:1c:89:71:62:d8:fa:c8:63:
56:c9:6f:4f:cd:4b:3a:33:41:e8:79:5c:ae:67:24:db:9a:6a:
5b:c7:2b:43:1c:01:87:42:97:b1:f8:a7:25:0e:4d:1c:4a:df:
e2:71:c2:98:47:a4:88:6e:93:6a:7e:be:94:02:2a:e7:b3:ce:
3d:f4:79:e0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQkRM/TUKMMxzcFGhjJBAdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTFkMjk1MDE0NWRjZWFjMDBjMGNhNGViNTM2ZDkyODY3
YjM4ZDMwHhcNMjUwMTAxMjM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQ5NWU5ODY0MDIwM2M4ZWJiNmU2MDg0N2Q2NDViNTY5MWVmZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTz/TWT8XFxHyv8e6w6MowmvVjKH
fVgQgLltl7lvZDASWuqrQbtIgH3xQeNtOmexDwNSpA49X5ph9CiA2e45K7EKMozi
1QwVqHVKq/BObqUh8oEZRFNvxJAIVc9E62edG9VChVv3DcWcOACv6GbtejeDa8J4
G9RLz8UPRRukM/7rAKQx/rq9++XwBJS11V4UMxXE4xwXh7Bbh12Qw4zOn+w4NlVN
ORIux5zxohbjJHj6jswDPDk9HB/VQk3wCPgUxf2+K49cjQr/Q7cGk3zYjnAhVC1m
CYtq8a2kAYyWnzbSeTay8LvTfqNnZcn52spdPVYXo59ZhID2AOp27T0uXQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGXZXphkAgPI67bmCEfWRbVpHv8HMB8GA1UdIwQY
MBaAFDaR0pUBRdzqwAwMpOtTbZKGezjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEt
MWRlYzQwNTg0ODA2LzEvWmRsZW1HUUNBOGpydHVZSVI5WkZ0V2tlX3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2
LzEvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgwvBTAN
BgkqhkiG9w0BAQsFAAOCAQEADDIiTFSpE9thgqHfljdJKjpvXkcmbnE37EQ/z02N
+yuOEn6HuDLzgJ6OOSuKuO5styErZiQ65SkFoTg6rjpr6IgeT996DrI7vO8/XUCz
mO7FsNlqv0UecDhRvgPJjJqD5b/FT16mXCac5xcIFBm5nhf8K91uq61SZDldOq4U
n41avkVdWSkyLwb9zKRYDqkQqVsRXUHfYJKWeVpRxnjynBmHRQw7JEQaGASyicjx
izA49ZGAjMLGceoLUwexQByJcWLY+shjVslvT81LOjNB6Hlcrmck25pqW8crQxwB
h0KXsfinJQ5NHErf4nHCmEekiG6Tan6+lAIq57POPfR54A==
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:31:53 2025 by rpki-client