Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/lZk1JIP8_C7hDNXHw1WT1O1-u7Q.roa
File: lZk1JIP8_C7hDNXHw1WT1O1-u7Q.roa (raw, json)
Hash identifier: Dhpv7HsasW2h0lalzWLImx/yhoxcIiseYipJwKv/OHI=
Subject key identifier: 95:99:35:24:83:FC:FC:2E:E1:0C:D5:C7:C3:55:93:D4:ED:7E:BB:B4
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019425FDBCAFAD9767B744B0A2427CE7EA42
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/lZk1JIP8_C7hDNXHw1WT1O1-u7Q.roa
Signing time: Thu 02 Jan 2025 07:49:33 +0000
ROA not before: Thu 02 Jan 2025 07:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34663
IP address blocks: 2a04:9a01:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:bc:af:ad:97:67:b7:44:b0:a2:42:7c:e7:ea:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 07:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9599352483fcfc2ee10cd5c7c35593d4ed7ebbb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:45:3c:57:f2:f7:05:ef:99:6f:e0:db:5b:4f:
78:86:04:0b:a6:69:3a:10:56:4c:06:3d:a4:dd:4b:
a3:7d:a3:9e:cf:11:27:56:e5:f2:c3:95:99:e2:74:
2a:a9:b3:29:82:34:b7:2c:d7:ec:0a:2f:ba:09:2a:
58:4f:4e:51:b2:42:9d:b5:f0:a5:d7:17:63:7e:4d:
58:e8:b9:4d:95:22:0e:f7:8e:9c:32:18:ea:3f:f8:
ca:20:ad:f7:e1:94:4c:80:d6:c7:65:3a:a1:f3:e0:
ec:3a:53:0a:58:86:5d:dc:2f:d5:95:6f:16:62:1b:
1d:d9:98:d4:6f:d0:6e:66:f5:f7:2a:85:e4:32:1a:
47:8e:a6:87:5b:74:0a:2d:11:94:92:1e:0a:d2:a2:
5d:3f:cb:78:b5:ba:05:65:4f:bb:05:1d:ef:4f:bb:
59:f9:e5:06:23:9d:43:a2:cd:81:95:8e:11:fc:5e:
b0:eb:2b:37:bd:b9:0e:20:2b:2a:87:1d:77:95:7d:
9f:38:ff:50:7d:d6:05:36:f8:f7:04:78:e0:a4:b2:
81:e8:3d:de:5b:d1:bc:9b:83:81:99:fa:11:f5:5b:
34:0e:db:c6:8b:17:db:c7:6f:71:fa:f7:33:ef:40:
0c:da:90:8f:ce:c7:1c:bd:c4:98:19:27:fc:46:ea:
ee:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:99:35:24:83:FC:FC:2E:E1:0C:D5:C7:C3:55:93:D4:ED:7E:BB:B4
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/lZk1JIP8_C7hDNXHw1WT1O1-u7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a01:1000::/36
Signature Algorithm: sha256WithRSAEncryption
bf:82:1f:ba:2b:4b:9d:d9:60:4a:1d:1d:4e:ee:ff:b9:f8:23:
75:b4:70:5a:cc:8e:e1:4d:1e:88:70:f7:33:f4:a5:f6:5b:f2:
d0:31:a0:4a:5e:71:3a:13:fb:b4:9c:bb:b0:ba:a8:bf:47:5d:
0d:16:06:5e:55:33:de:41:50:14:cb:90:bb:5d:e9:1f:4b:0a:
cc:13:c2:3b:c6:30:d4:5e:56:1e:64:b3:58:df:fa:32:42:66:
b0:83:cd:2c:c3:a4:f6:5e:b7:0b:29:47:7c:a3:77:b1:3a:62:
c3:e2:dc:fa:84:b0:e6:2a:e9:46:76:97:42:e4:7e:ad:b4:a9:
c2:c8:29:10:0b:e4:c4:44:a5:8c:6e:56:09:2c:0d:ed:0b:1c:
70:98:67:de:cf:8a:54:d3:c7:be:d6:79:08:a8:90:3f:af:4c:
59:d5:de:5d:9f:99:47:18:a2:08:c1:87:d6:ef:9e:e9:8d:a4:
36:e4:e6:8a:b8:b2:eb:7b:41:8b:d7:c2:37:4e:c8:66:41:94:
5e:9b:f5:94:be:97:18:45:7c:4d:26:b7:7f:53:cc:29:bc:c0:
46:85:3b:0e:28:1c:62:94:5d:e3:e3:d4:e3:20:f5:96:e3:cd:
0b:bc:56:49:9a:af:bd:af:98:25:bb:fa:b3:49:d4:ef:40:97:
17:0a:b5:d1
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQl/byvrZdnt0SwokJ85+pCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwMTAyMDc0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTk5MzUyNDgzZmNmYzJlZTEwY2Q1YzdjMzU1OTNkNGVkN2ViYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEU8V/L3Be+Zb+DbW094hgQLpmk6
EFZMBj2k3UujfaOezxEnVuXyw5WZ4nQqqbMpgjS3LNfsCi+6CSpYT05RskKdtfCl
1xdjfk1Y6LlNlSIO946cMhjqP/jKIK334ZRMgNbHZTqh8+DsOlMKWIZd3C/VlW8W
Yhsd2ZjUb9BuZvX3KoXkMhpHjqaHW3QKLRGUkh4K0qJdP8t4tboFZU+7BR3vT7tZ
+eUGI51Dos2BlY4R/F6w6ys3vbkOICsqhx13lX2fOP9QfdYFNvj3BHjgpLKB6D3e
W9G8m4OBmfoR9Vs0DtvGixfbx29x+vcz70AM2pCPzsccvcSYGSf8RururwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJWZNSSD/Pwu4QzVx8NVk9Ttfru0MB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvbFprMUpJUDhfQzdoRE5YSHcxV1QxTzEtdTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgSaARAw
DQYJKoZIhvcNAQELBQADggEBAL+CH7orS53ZYEodHU7u/7n4I3W0cFrMjuFNHohw
9zP0pfZb8tAxoEpecToT+7Scu7C6qL9HXQ0WBl5VM95BUBTLkLtd6R9LCswTwjvG
MNReVh5ks1jf+jJCZrCDzSzDpPZetwspR3yjd7E6YsPi3PqEsOYq6UZ2l0Lkfq20
qcLIKRAL5MREpYxuVgksDe0LHHCYZ97PilTTx77WeQiokD+vTFnV3l2fmUcYogjB
h9bvnumNpDbk5oq4sut7QYvXwjdOyGZBlF6b9ZS+lxhFfE0mt39TzCm8wEaFOw4o
HGKUXePj1OMg9ZbjzQu8Vkmar72vmCW7+rNJ1O9AlxcKtdE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:32 2025 by rpki-client