Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ZoZh5SD7bFbYzqIW4eEWIWyPJT4.roa
File: ZoZh5SD7bFbYzqIW4eEWIWyPJT4.roa (raw, json)
Hash identifier: Idw3In15PK5uVPQV1ht5qeSn5h8xMcAXfM1maJkCROc=
Subject key identifier: 66:86:61:E5:20:FB:6C:56:D8:CE:A2:16:E1:E1:16:21:6C:8F:25:3E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019234A886C3B4CCD6EC1184A9337150E698
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ZoZh5SD7bFbYzqIW4eEWIWyPJT4.roa
Signing time: Fri 27 Sep 2024 18:05:12 +0000
ROA not before: Fri 27 Sep 2024 18:05:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:34a7:c7c6/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:34:a8:86:c3:b4:cc:d6:ec:11:84:a9:33:71:50:e6:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 27 18:05:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=668661e520fb6c56d8cea216e1e116216c8f253e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1a:8c:af:e7:b2:97:c4:f1:7e:35:93:75:61:
a0:d8:7e:c7:02:67:04:ea:30:b1:93:d9:9b:44:04:
d2:fa:f8:00:63:d3:36:af:b3:d3:d6:eb:7c:62:36:
eb:be:16:e5:73:3f:36:b8:19:e8:d2:49:57:cb:3e:
33:71:ca:44:73:5a:9b:99:36:c8:f5:0d:7f:b3:8d:
aa:f8:80:80:3f:4b:79:f4:d9:c7:bb:a1:4a:ad:d6:
30:38:7b:b3:45:03:39:aa:bf:da:19:6c:ba:6e:7b:
0c:5f:ba:c3:fc:18:73:c4:4b:f4:df:dc:1a:0c:29:
fd:b6:07:87:f1:76:ca:24:0a:1f:af:08:d7:06:ca:
2e:58:eb:10:21:f0:47:c2:5c:67:ab:09:a4:f3:d4:
e0:52:d3:a5:e8:ec:2c:b6:c0:80:85:b3:54:42:27:
c4:4d:34:f5:80:7d:b3:00:38:57:80:5b:76:26:16:
bc:d9:b3:ee:dd:83:9f:ac:d8:47:c9:52:a3:d8:89:
64:24:ac:df:e4:5c:fa:f8:2c:c7:5a:0f:24:d4:45:
e0:5b:4c:eb:a6:01:48:4a:f4:1b:dd:34:15:df:92:
52:82:70:9d:c0:9a:10:9e:dd:65:99:20:ef:25:98:
55:ba:c2:3f:db:a7:55:bd:79:ff:90:4e:3f:0c:3a:
8b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:86:61:E5:20:FB:6C:56:D8:CE:A2:16:E1:E1:16:21:6C:8F:25:3E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ZoZh5SD7bFbYzqIW4eEWIWyPJT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:34a7:c7c6/128
Signature Algorithm: sha256WithRSAEncryption
79:f7:4b:30:be:f7:e8:f6:e7:41:fb:ed:5c:33:73:ef:44:dc:
ac:42:7f:27:20:70:8d:77:7c:d5:88:6d:23:ab:e5:81:50:01:
2e:49:12:8d:fc:4c:18:b4:22:4b:30:5d:d2:e8:29:62:07:4c:
b7:9e:59:10:5f:62:59:c1:50:20:57:ee:06:1c:f7:a9:5c:4e:
4a:14:63:f4:ab:55:e1:b3:df:8d:d0:37:0d:ef:5d:58:f8:fb:
9c:19:92:8b:b6:28:77:15:45:ee:60:4e:0e:35:e1:12:b2:8b:
ac:06:c7:b4:29:55:7a:4d:7a:d2:de:77:37:8b:da:c6:5a:ef:
bf:67:33:f6:ca:1b:6a:d5:59:ea:da:43:e9:8e:38:ac:26:eb:
db:3c:24:de:8f:d2:50:db:5e:1d:e6:54:46:5b:55:a2:65:7b:
e3:67:b5:1f:29:f7:bf:b7:66:e2:ee:98:05:62:a7:41:9b:23:
b4:71:2c:10:96:8b:41:54:71:9b:04:77:b4:16:a5:97:e6:54:
cd:af:33:88:45:45:eb:1f:8b:3f:0a:2a:da:f9:44:77:25:1e:
c4:3a:6b:94:63:cd:76:47:f6:2b:b4:9a:af:95:e4:50:fb:a5:
18:c7:fd:7a:cd:2d:00:7f:13:c4:3f:cb:e9:bb:2d:f1:db:66:
14:ca:86:a8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZI0qIbDtMzW7BGEqTNxUOaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTI3MTgwNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njg2NjFlNTIwZmI2YzU2ZDhjZWEyMTZlMWUxMTYyMTZjOGYyNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hqMr+eyl8TxfjWTdWGg2H7HAmcE
6jCxk9mbRATS+vgAY9M2r7PT1ut8Yjbrvhblcz82uBno0klXyz4zccpEc1qbmTbI
9Q1/s42q+ICAP0t59NnHu6FKrdYwOHuzRQM5qr/aGWy6bnsMX7rD/BhzxEv039wa
DCn9tgeH8XbKJAofrwjXBsouWOsQIfBHwlxnqwmk89TgUtOl6OwstsCAhbNUQifE
TTT1gH2zADhXgFt2Jha82bPu3YOfrNhHyVKj2IlkJKzf5Fz6+CzHWg8k1EXgW0zr
pgFISvQb3TQV35JSgnCdwJoQnt1lmSDvJZhVusI/26dVvXn/kE4/DDqLuwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGaGYeUg+2xW2M6iFuHhFiFsjyU+MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWm9aaDVTRDdiRmJZenFJVzRlRVdJV3lQSlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSNKfHxjANBgkqhkiG9w0BAQsFAAOCAQEAefdLML736PbnQfvtXDNz70Tc
rEJ/JyBwjXd81YhtI6vlgVABLkkSjfxMGLQiSzBd0ugpYgdMt55ZEF9iWcFQIFfu
Bhz3qVxOShRj9KtV4bPfjdA3De9dWPj7nBmSi7YodxVF7mBODjXhErKLrAbHtClV
ek160t53N4vaxlrvv2cz9sobatVZ6tpD6Y44rCbr2zwk3o/SUNteHeZURltVomV7
42e1Hyn3v7dm4u6YBWKnQZsjtHEsEJaLQVRxmwR3tBall+ZUza8ziEVF6x+LPwoq
2vlEdyUexDprlGPNdkf2K7Sar5XkUPulGMf9es0tAH8TxD/L6bst8dtmFMqGqA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:15:34 2025 by rpki-client