Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/ZgkKPqbv9uiQkq9_E4cqyYGcFls.roa
File: ZgkKPqbv9uiQkq9_E4cqyYGcFls.roa (raw, json)
Hash identifier: m/krRcpOPe54FnCcamtSok5EA+fs9cArfGttZA4+K7A=
Subject key identifier: 66:09:0A:3E:A6:EF:F6:E8:90:92:AF:7F:13:87:2A:C9:81:9C:16:5B
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 019424453F5EF63D0B8B677768E57DF57539
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/ZgkKPqbv9uiQkq9_E4cqyYGcFls.roa
Signing time: Wed 01 Jan 2025 23:48:25 +0000
ROA not before: Wed 01 Jan 2025 23:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 2a0b:6b86:f00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:3f:5e:f6:3d:0b:8b:67:77:68:e5:7d:f5:75:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 1 23:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66090a3ea6eff6e89092af7f13872ac9819c165b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:80:6a:26:82:fb:48:84:fc:0b:93:39:df:4f:
19:24:07:3b:c4:d6:fb:52:58:b2:84:fb:32:e4:2f:
d9:bd:e6:ed:de:06:53:e0:b8:f4:1f:bb:2c:78:8a:
42:81:b0:80:86:e5:12:65:66:f4:af:f4:8b:54:35:
e0:a8:8f:69:e2:4d:63:29:31:cd:ce:0c:99:cb:1c:
8d:00:7f:50:9e:42:2d:dc:4f:f2:b6:bb:05:21:4d:
c9:54:8c:78:1b:96:c8:e2:ee:7c:d9:a5:34:79:c1:
1a:2a:da:9d:46:3c:bf:70:ec:04:86:82:2d:0e:e4:
8b:5f:23:30:53:e4:78:1e:36:77:6f:e0:34:cf:d8:
79:ac:9f:91:75:0a:e2:18:f2:20:fc:a8:13:80:86:
ce:6b:ae:87:20:6b:42:7c:39:8f:c5:8d:25:fc:78:
9a:86:bd:85:ee:dd:2c:3a:38:ee:ea:87:af:3a:43:
03:5f:3b:18:57:79:7f:85:dc:ec:01:04:10:f0:0c:
ec:16:73:ac:02:09:03:9b:2d:7d:ee:55:3e:af:93:
59:b0:45:91:bc:43:7f:a5:ac:7c:73:7c:00:ec:cf:
09:bb:a4:97:a6:c5:09:9d:87:13:49:65:34:2b:1e:
14:e7:bd:53:b8:72:eb:e5:03:8f:63:df:8f:02:39:
e7:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:09:0A:3E:A6:EF:F6:E8:90:92:AF:7F:13:87:2A:C9:81:9C:16:5B
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/ZgkKPqbv9uiQkq9_E4cqyYGcFls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b86:f00::/40
Signature Algorithm: sha256WithRSAEncryption
9a:ec:c1:0f:2b:48:6c:48:9b:a7:ec:b7:ce:fb:d1:bd:f1:6b:
27:7e:38:ea:9e:b4:53:d5:1f:41:b6:f5:5d:08:5f:06:e3:d6:
f5:d0:d0:93:7e:66:a2:cd:1b:99:2f:30:ac:ff:35:95:75:77:
2d:20:c6:38:44:c5:17:2e:e0:ca:b0:88:78:37:26:90:47:43:
ec:e6:e2:38:0e:cd:04:8b:8d:23:63:52:81:0f:65:1e:e2:93:
64:1c:90:ac:c0:06:d2:c4:93:18:c9:cf:83:73:33:8a:42:0c:
64:d3:9d:a5:4d:df:f1:6e:8d:33:d9:32:d6:be:13:e9:c5:db:
ff:e6:fb:4c:89:69:bf:03:ba:14:21:8e:78:c8:85:d5:1c:4d:
89:a2:38:cc:72:8e:a0:7c:0e:84:15:88:dd:33:36:ec:14:25:
c5:47:f3:a7:39:2c:31:a9:a4:20:3c:13:b2:0d:88:76:7b:15:
d2:3b:53:1d:ef:56:be:2c:da:11:03:6e:27:8f:3b:83:d0:fd:
56:df:43:ca:79:f0:43:00:39:9f:4f:56:8b:bf:d2:00:ab:a2:
73:a2:2e:7c:f5:90:b9:2a:c4:57:24:52:88:4e:fb:25:0c:d5:
92:d2:e3:86:70:52:26:e0:00:98:f4:86:32:56:b9:de:bc:1a:
20:24:7b:f8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQkRT9e9j0Li2d3aOV99XU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjUwMTAxMjM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjA5MGEzZWE2ZWZmNmU4OTA5MmFmN2YxMzg3MmFjOTgxOWMxNjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoBqJoL7SIT8C5M5308ZJAc7xNb7
UliyhPsy5C/Zvebt3gZT4Lj0H7sseIpCgbCAhuUSZWb0r/SLVDXgqI9p4k1jKTHN
zgyZyxyNAH9QnkIt3E/ytrsFIU3JVIx4G5bI4u582aU0ecEaKtqdRjy/cOwEhoIt
DuSLXyMwU+R4HjZ3b+A0z9h5rJ+RdQriGPIg/KgTgIbOa66HIGtCfDmPxY0l/Hia
hr2F7t0sOjju6oevOkMDXzsYV3l/hdzsAQQQ8AzsFnOsAgkDmy197lU+r5NZsEWR
vEN/pax8c3wA7M8Ju6SXpsUJnYcTSWU0Kx4U571TuHLr5QOPY9+PAjnnxQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGYJCj6m7/bokJKvfxOHKsmBnBZbMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvWmdrS1BxYnY5dWlRa3E5X0U0Y3F5WUdjRmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgtrhg8w
DQYJKoZIhvcNAQELBQADggEBAJrswQ8rSGxIm6fst8770b3xayd+OOqetFPVH0G2
9V0IXwbj1vXQ0JN+ZqLNG5kvMKz/NZV1dy0gxjhExRcu4MqwiHg3JpBHQ+zm4jgO
zQSLjSNjUoEPZR7ik2QckKzABtLEkxjJz4NzM4pCDGTTnaVN3/FujTPZMta+E+nF
2//m+0yJab8DuhQhjnjIhdUcTYmiOMxyjqB8DoQViN0zNuwUJcVH86c5LDGppCA8
E7INiHZ7FdI7Ux3vVr4s2hEDbiePO4PQ/VbfQ8p58EMAOZ9PVou/0gCronOiLnz1
kLkqxFckUohO+yUM1ZLS44ZwUibgAJj0hjJWud68GiAke/g=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:32:42 2025 by rpki-client