Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Sz853BT-ZEs84_klPnDrlyW8_A8.roa
File: Sz853BT-ZEs84_klPnDrlyW8_A8.roa (raw, json)
Hash identifier: 6LMuPPnZJDwkNU0qz19RxDBP4BqIuoEtCY2cIHV+dgk=
Subject key identifier: 4B:3F:39:DC:14:FE:64:4B:3C:E3:F9:25:3E:70:EB:97:25:BC:FC:0F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01959C82C329B269D65E8FE8F174FC71A9C1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Sz853BT-ZEs84_klPnDrlyW8_A8.roa
Signing time: Sun 16 Mar 2025 01:12:50 +0000
ROA not before: Sun 16 Mar 2025 01:12:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9c:82:c3:29:b2:69:d6:5e:8f:e8:f1:74:fc:71:a9:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 16 01:12:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b3f39dc14fe644b3ce3f9253e70eb9725bcfc0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f6:d0:16:7e:a6:83:80:f7:fe:77:b8:aa:ef:
1c:ca:40:01:e4:d8:0a:a3:b7:0f:10:2b:9f:79:94:
de:35:66:01:bf:0a:99:83:c6:19:3e:d7:0e:aa:e4:
dd:23:a9:65:30:1b:2a:38:90:dd:11:6c:e4:e6:56:
49:31:7b:ae:2a:39:9d:42:6f:29:30:8e:3e:4c:05:
c1:e6:2e:77:1a:0d:f4:2c:72:14:29:fc:0b:a9:24:
6f:c6:1c:50:e8:ee:9b:fe:ef:8b:06:35:f9:23:11:
23:4a:37:06:5c:3b:0a:0e:82:b8:98:d1:28:55:6c:
bf:20:b0:e5:6c:e3:9f:bb:96:4f:b5:ee:52:f1:dc:
5e:d9:e9:06:74:b6:63:9a:d7:1e:f7:13:49:d5:a6:
34:f3:27:05:6f:73:bd:9f:4e:71:59:52:78:7d:f9:
99:e4:a0:83:07:e4:bf:64:5a:bc:4c:81:98:c2:55:
38:b3:a7:2e:42:a9:e8:0f:df:ff:ae:c0:61:70:f4:
13:12:ac:0f:4b:49:09:f9:5d:4f:18:51:63:ee:11:
bf:52:e7:36:f9:89:b3:ef:be:ea:9e:a2:4c:a9:63:
3e:32:c5:f3:48:d8:33:64:01:6e:87:96:28:b4:c3:
57:e1:23:47:b6:87:f1:02:6a:42:33:0b:f3:68:59:
79:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:3F:39:DC:14:FE:64:4B:3C:E3:F9:25:3E:70:EB:97:25:BC:FC:0F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Sz853BT-ZEs84_klPnDrlyW8_A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
22:f6:21:19:28:1a:a8:9c:5f:83:c7:5d:4b:33:e1:5f:3d:3a:
ba:f8:0d:27:f6:5b:98:13:2b:cc:0a:dc:ae:87:6f:66:29:0f:
4b:03:6d:aa:9e:ce:5f:d0:fd:10:f5:6a:59:58:ea:73:1b:b9:
ba:4d:9e:8e:da:c3:b7:08:b4:13:82:c0:f4:eb:53:ff:a3:d5:
8a:ee:91:42:3d:65:37:d9:46:0d:c3:84:18:e9:a5:24:6d:4f:
24:ba:ed:88:17:bd:d3:72:c0:03:71:b5:30:cb:c1:cb:25:03:
07:51:53:ee:86:5a:d9:1b:2f:1a:38:2a:b7:9f:bf:00:cd:fc:
26:41:31:84:af:fe:4c:59:81:a4:7a:97:2e:da:01:fe:ef:a8:
a8:13:fa:0b:f7:9f:79:0c:4c:ac:79:c3:fe:d2:95:0b:3b:a6:
47:8a:17:38:ab:0c:b9:b0:1b:de:96:e0:ec:d3:cd:6e:b4:ff:
a8:b8:18:b5:b8:8b:6f:45:91:e8:f3:f7:86:1e:8d:0b:60:7d:
f1:96:3e:94:69:d0:aa:d5:98:dd:5c:58:b5:6c:64:cf:c9:c7:
d5:95:15:00:e0:3e:23:be:84:9b:59:c1:43:df:fc:ed:ea:64:
87:cc:70:6e:ee:0d:20:09:43:15:85:0a:d7:6a:4a:1c:47:59:
fc:55:f9:0c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWcgsMpsmnWXo/o8XT8canBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE2MDExMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjNmMzlkYzE0ZmU2NDRiM2NlM2Y5MjUzZTcwZWI5NzI1YmNmYzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfbQFn6mg4D3/ne4qu8cykAB5NgK
o7cPECufeZTeNWYBvwqZg8YZPtcOquTdI6llMBsqOJDdEWzk5lZJMXuuKjmdQm8p
MI4+TAXB5i53Gg30LHIUKfwLqSRvxhxQ6O6b/u+LBjX5IxEjSjcGXDsKDoK4mNEo
VWy/ILDlbOOfu5ZPte5S8dxe2ekGdLZjmtce9xNJ1aY08ycFb3O9n05xWVJ4ffmZ
5KCDB+S/ZFq8TIGYwlU4s6cuQqnoD9//rsBhcPQTEqwPS0kJ+V1PGFFj7hG/Uuc2
+Ymz777qnqJMqWM+MsXzSNgzZAFuh5YotMNX4SNHtofxAmpCMwvzaFl5kwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEs/OdwU/mRLPOP5JT5w65clvPwPMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvU3o4NTNCVC1aRXM4NF9rbFBuRHJseVc4X0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAIvYhGSgaqJxfg8ddSzPhXz06
uvgNJ/ZbmBMrzArcrodvZikPSwNtqp7OX9D9EPVqWVjqcxu5uk2ejtrDtwi0E4LA
9OtT/6PViu6RQj1lN9lGDcOEGOmlJG1PJLrtiBe903LAA3G1MMvByyUDB1FT7oZa
2RsvGjgqt5+/AM38JkExhK/+TFmBpHqXLtoB/u+oqBP6C/efeQxMrHnD/tKVCzum
R4oXOKsMubAb3pbg7NPNbrT/qLgYtbiLb0WR6PP3hh6NC2B98ZY+lGnQqtWY3VxY
tWxkz8nH1ZUVAOA+I76Em1nBQ9/87epkh8xwbu4NIAlDFYUK12pKHEdZ/FX5DA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:17:20 2025 by rpki-client