Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/ZOc4yScbQ2pOrLNTSn7WIc7mrdg.roa
File: ZOc4yScbQ2pOrLNTSn7WIc7mrdg.roa (raw, json)
Hash identifier: a4V9Qq7aPmpRS+o4fuJXmCiOvZod1MlSuqcU6KwqGoY=
Subject key identifier: 64:E7:38:C9:27:1B:43:6A:4E:AC:B3:53:4A:7E:D6:21:CE:E6:AD:D8
Certificate issuer: /CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Certificate serial: 01955CE13C6F528FCBC0876AD384DB0350F9
Authority key identifier: 2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/ZOc4yScbQ2pOrLNTSn7WIc7mrdg.roa
Signing time: Mon 03 Mar 2025 16:40:19 +0000
ROA not before: Mon 03 Mar 2025 16:40:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a00:dc80::/33 maxlen: 48
2a00:dc87:8000::/33 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:e1:3c:6f:52:8f:cb:c0:87:6a:d3:84:db:03:50:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Validity
Not Before: Mar 3 16:40:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64e738c9271b436a4eacb3534a7ed621cee6add8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d8:b5:cd:b4:8a:29:fb:4e:1f:25:09:f7:9e:
e8:f7:bc:82:02:cd:67:8a:87:af:4b:35:67:fb:c2:
1c:46:00:44:54:1a:a0:e2:9d:30:4c:80:ab:4b:a5:
96:ce:33:c7:0f:b4:78:91:00:d3:0c:b8:de:d4:36:
18:91:a7:01:25:76:28:65:65:3a:e0:ef:96:f3:c8:
94:5b:b1:49:10:a7:c2:1b:0e:79:a0:95:21:f5:83:
85:53:f7:6d:ee:3d:10:f6:d8:b7:a4:84:db:4d:29:
d6:53:f0:83:dc:14:fa:87:96:a7:94:89:5b:26:b9:
12:22:d1:f6:7d:21:01:75:86:05:77:fb:44:f1:69:
f7:b4:1f:78:14:02:76:20:e4:5b:0f:a3:ae:01:07:
82:c3:c9:1e:c8:20:09:58:f0:57:84:8e:c7:e4:0b:
ce:c4:14:f7:72:30:45:20:b9:98:ea:3a:51:a4:09:
0e:22:c5:87:91:53:fb:d8:b0:37:c8:90:02:b6:8d:
e0:7d:12:5d:5c:bc:9e:84:5f:1b:b8:e5:84:05:86:
c2:d7:6e:4a:7c:9d:c0:f7:c8:24:fc:d1:fd:a7:c8:
39:5e:f3:94:47:8f:17:76:01:3f:e0:c5:97:e2:3f:
f4:d8:ba:7e:06:f9:6e:ca:35:eb:54:95:f5:31:2e:
8d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E7:38:C9:27:1B:43:6A:4E:AC:B3:53:4A:7E:D6:21:CE:E6:AD:D8
X509v3 Authority Key Identifier:
keyid:2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/ZOc4yScbQ2pOrLNTSn7WIc7mrdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:dc80::/33
2a00:dc87:8000::/33
Signature Algorithm: sha256WithRSAEncryption
1f:f9:5f:e2:f3:dd:82:42:64:bd:f7:2e:f3:63:fa:b7:35:5c:
84:ba:d6:93:18:71:ce:bb:02:6b:bc:eb:0d:41:47:4d:79:74:
6c:48:a4:57:ea:4a:74:75:05:a8:90:ad:1d:39:a7:2a:14:c6:
3f:b8:79:6b:30:73:ac:1c:27:2d:07:78:9c:9d:1e:4c:c2:65:
d6:53:37:1a:40:c3:f3:d6:4a:7d:10:26:fc:0c:48:4d:25:b2:
61:6c:bd:8c:39:13:1a:69:83:10:d6:aa:29:06:f3:1c:3f:fe:
ac:bb:b2:bd:f4:80:ca:b5:fe:88:04:3c:6d:16:3d:a8:d9:60:
cb:40:93:09:34:19:02:ac:c4:fe:8f:09:ec:43:92:86:23:68:
dd:3b:16:2e:e2:f4:d5:2f:ab:c1:4c:75:a5:76:7b:23:f3:60:
05:3f:cc:1e:08:2a:5f:47:47:bf:75:57:73:f5:71:f1:57:99:
51:95:72:2d:76:fd:08:ba:1d:00:ce:fe:5d:c6:e7:7b:ca:55:
74:0a:0b:2f:36:0c:04:ba:79:fa:e1:9b:65:e2:e4:f4:95:9e:
1d:ac:e5:be:bb:77:7d:72:bd:13:c2:ba:fa:cd:63:5f:ef:27:
95:bf:70:88:8a:1a:cb:90:ee:02:3f:7b:74:8c:5d:f3:7b:c0:
5e:51:ab:f5
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZVc4TxvUo/LwIdq04TbA1D5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjM2IwYWU1YjdmNzgxMTIyYzcwOWEyNjUwYWRmOTcyOTE4
N2UxZTEwHhcNMjUwMzAzMTY0MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGU3MzhjOTI3MWI0MzZhNGVhY2IzNTM0YTdlZDYyMWNlZTZhZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudi1zbSKKftOHyUJ957o97yCAs1n
ioevSzVn+8IcRgBEVBqg4p0wTICrS6WWzjPHD7R4kQDTDLje1DYYkacBJXYoZWU6
4O+W88iUW7FJEKfCGw55oJUh9YOFU/dt7j0Q9ti3pITbTSnWU/CD3BT6h5anlIlb
JrkSItH2fSEBdYYFd/tE8Wn3tB94FAJ2IORbD6OuAQeCw8keyCAJWPBXhI7H5AvO
xBT3cjBFILmY6jpRpAkOIsWHkVP72LA3yJACto3gfRJdXLyehF8buOWEBYbC125K
fJ3A98gk/NH9p8g5XvOUR48XdgE/4MWX4j/02Lp+BvluyjXrVJX1MS6NyQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFGTnOMknG0NqTqyzU0p+1iHO5q3YMB8GA1UdIwQY
MBaAFCw7CuW394ESLHCaJlCt+XKRh+HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEt
ZmZjY2EzZTFmMTdmLzEvWk9jNHlTY2JRMnBPckxOVFNuN1dJYzdtcmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEtZmZjY2EzZTFmMTdm
LzEvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYHKgDcgAAD
BgcqANyHgDANBgkqhkiG9w0BAQsFAAOCAQEAH/lf4vPdgkJkvfcu82P6tzVchLrW
kxhxzrsCa7zrDUFHTXl0bEikV+pKdHUFqJCtHTmnKhTGP7h5azBzrBwnLQd4nJ0e
TMJl1lM3GkDD89ZKfRAm/AxITSWyYWy9jDkTGmmDENaqKQbzHD/+rLuyvfSAyrX+
iAQ8bRY9qNlgy0CTCTQZAqzE/o8J7EOShiNo3TsWLuL01S+rwUx1pXZ7I/NgBT/M
HggqX0dHv3VXc/Vx8VeZUZVyLXb9CLodAM7+Xcbne8pVdAoLLzYMBLp5+uGbZeLk
9JWeHazlvrt3fXK9E8K6+s1jX+8nlb9wiIoay5DuAj97dIxd83vAXlGr9Q==
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:28:08 2025 by rpki-client