Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/1-ZESMOk1LJHGfQydJ6f-WFvcNo.roa
File: 1-ZESMOk1LJHGfQydJ6f-WFvcNo.roa (raw, json)
Hash identifier: 5QkCvHy5dIWdMGbQWI3sNyu1/RQRwh4wQ0S1Muo61+Y=
Subject key identifier: D7:E6:44:48:C3:A4:D4:B2:47:19:F4:32:74:9E:9F:F9:61:6F:70:DA
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 01856C784DC5490886E04A3E42BCC2E127D7
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/1-ZESMOk1LJHGfQydJ6f-WFvcNo.roa
Signing time: Sun 01 Jan 2023 08:35:01 +0000
ROA not before: Sun 01 Jan 2023 08:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210743
IP address blocks: 2a10:3980::/29 maxlen: 29
2a10:14c0::/29 maxlen: 29
2a0e:5780::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:4d:c5:49:08:86:e0:4a:3e:42:bc:c2:e1:27:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 08:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7e64448c3a4d4b24719f432749e9ff9616f70da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:eb:68:7d:52:9e:82:bf:92:d3:9e:ae:c1:e7:
1a:a7:ce:61:9f:11:bf:db:c5:d1:f8:c1:c7:43:83:
3d:c5:34:a9:07:92:23:7a:ef:17:05:75:f3:fb:1b:
32:e2:11:92:ca:77:3d:2f:84:d9:4f:a4:12:99:e7:
1b:2d:35:96:9f:ac:0c:17:ec:84:87:ef:73:be:5e:
3c:23:44:da:98:a1:02:4d:95:84:c1:76:83:3e:1b:
44:4b:90:1e:c4:07:d1:b2:1a:c5:c9:31:d4:d4:07:
61:b3:08:d8:89:64:26:9e:e4:62:d5:3e:81:9d:97:
6e:29:e5:6a:44:5f:59:de:9a:da:a5:3c:4d:30:0e:
06:75:0d:35:67:68:e2:54:fa:86:37:57:e9:43:29:
b3:9e:63:22:a1:23:2d:db:bb:6f:31:83:2e:56:6f:
df:a3:f1:a1:46:13:98:80:73:8e:e6:d3:bb:59:9a:
de:4f:f6:25:ac:fa:54:ea:74:ae:f7:95:57:1a:b5:
0e:9f:20:dd:e9:5e:49:c7:33:b4:f8:38:90:e9:f6:
83:ae:6b:fc:f0:92:5c:e3:fd:95:8f:c0:b6:7c:7c:
be:13:79:03:ea:3c:06:f8:ca:ee:89:6e:7c:ff:bc:
b1:aa:f3:ed:3e:36:cf:5d:79:2d:fa:af:0c:6f:ca:
5a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E6:44:48:C3:A4:D4:B2:47:19:F4:32:74:9E:9F:F9:61:6F:70:DA
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/1-ZESMOk1LJHGfQydJ6f-WFvcNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5780::/29
2a10:14c0::/29
2a10:3980::/29
Signature Algorithm: sha256WithRSAEncryption
59:f6:07:20:1e:f3:79:b2:50:ea:20:ce:c4:57:8c:58:ea:23:
e2:4c:b8:5b:57:ef:a1:97:b9:87:cb:f7:47:46:3f:05:b6:4a:
ee:00:50:c3:04:ae:83:b8:b2:94:30:90:9b:5d:66:ec:66:33:
52:4c:47:99:57:dd:02:c6:77:cf:93:d5:df:8f:6d:d4:88:31:
0e:00:6d:54:a0:c2:bb:91:ee:e5:ac:80:ea:21:67:ba:e2:a4:
b0:72:db:a1:51:f7:fd:62:ab:9b:6a:04:1b:2e:a8:17:d3:85:
50:e0:1f:37:4d:f6:81:ad:e0:ed:d7:fb:eb:98:08:fa:d4:22:
08:6d:ea:ec:a6:05:26:68:86:ed:b5:2d:dd:33:76:12:9c:ad:
44:4c:6a:ea:80:bd:e9:d0:44:6f:b7:0c:57:96:20:bb:c7:04:
24:03:bb:10:b1:14:4c:5c:ca:60:8e:1e:03:5c:5e:3b:15:1a:
4b:06:50:f3:26:2f:68:f6:4d:af:71:ff:58:5f:cf:96:6f:9c:
14:6f:d3:1e:96:93:4c:1a:44:0f:be:73:af:2b:ca:26:7d:ed:
7e:15:04:62:bc:5e:6e:d5:61:f7:62:61:de:6e:6b:ce:5f:d7:
07:ce:8f:50:c3:87:80:26:ca:80:27:e9:f1:a8:6b:d4:7e:76:
62:3e:80:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVseE3FSQiG4Eo+QrzC4SfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMwMTAxMDgzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2U2NDQ0OGMzYTRkNGIyNDcxOWY0MzI3NDllOWZmOTYxNmY3MGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArutofVKegr+S056uwecap85hnxG/
28XR+MHHQ4M9xTSpB5Ijeu8XBXXz+xsy4hGSync9L4TZT6QSmecbLTWWn6wMF+yE
h+9zvl48I0TamKECTZWEwXaDPhtES5AexAfRshrFyTHU1AdhswjYiWQmnuRi1T6B
nZduKeVqRF9Z3prapTxNMA4GdQ01Z2jiVPqGN1fpQymznmMioSMt27tvMYMuVm/f
o/GhRhOYgHOO5tO7WZreT/YlrPpU6nSu95VXGrUOnyDd6V5JxzO0+DiQ6faDrmv8
8JJc4/2Vj8C2fHy+E3kD6jwG+MruiW58/7yxqvPtPjbPXXkt+q8Mb8palwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNfmREjDpNSyRxn0MnSen/lhb3DaMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvMS1aRVNNT2sxTEpIR2ZReWRKNmYtV0Z2Y05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg5XgAMF
AyoQFMADBQMqEDmAMA0GCSqGSIb3DQEBCwUAA4IBAQBZ9gcgHvN5slDqIM7EV4xY
6iPiTLhbV++hl7mHy/dHRj8FtkruAFDDBK6DuLKUMJCbXWbsZjNSTEeZV90CxnfP
k9Xfj23UiDEOAG1UoMK7ke7lrIDqIWe64qSwctuhUff9YqubagQbLqgX04VQ4B83
TfaBreDt1/vrmAj61CIIberspgUmaIbttS3dM3YSnK1ETGrqgL3p0ERvtwxXliC7
xwQkA7sQsRRMXMpgjh4DXF47FRpLBlDzJi9o9k2vcf9YX8+Wb5wUb9MelpNMGkQP
vnOvK8omfe1+FQRivF5u1WH3YmHebmvOX9cHzo9Qw4eAJsqAJ+nxqGvUfnZiPoBo
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:49 2025 by rpki-client