Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/z1vRGniO23gVYF0AUC3jyWJmafQ.roa
File: z1vRGniO23gVYF0AUC3jyWJmafQ.roa (raw, json)
Hash identifier: VAmWSohq1epmIvQoYMaQ+yj+j83tSGe23L2elsQsrWg=
Subject key identifier: CF:5B:D1:1A:78:8E:DB:78:15:60:5D:00:50:2D:E3:C9:62:66:69:F4
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019425FDBD76463F7ABDD3974311427502F5
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/z1vRGniO23gVYF0AUC3jyWJmafQ.roa
Signing time: Thu 02 Jan 2025 07:49:33 +0000
ROA not before: Thu 02 Jan 2025 07:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39686
IP address blocks: 2a07:3500:11e0::/48 maxlen: 48
2a07:3501:1050::/48 maxlen: 48
2a07:3501:1060::/48 maxlen: 48
2a07:3502:10e0::/48 maxlen: 48
2a07:3502:11c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:bd:76:46:3f:7a:bd:d3:97:43:11:42:75:02:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 07:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf5bd11a788edb7815605d00502de3c9626669f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:29:0e:03:37:4f:22:45:85:7d:30:35:73:72:
78:ac:ad:32:14:c5:8b:e5:e8:af:65:1e:33:2d:c9:
61:d7:5c:ce:ff:93:8b:b8:a2:48:82:3e:2c:ab:fe:
57:22:5c:11:c8:15:b4:18:76:bc:97:0a:52:a9:c0:
cb:4b:89:fc:83:64:94:51:c6:61:ff:8b:6e:9c:0b:
20:1c:48:ed:a0:49:81:eb:88:d7:8b:b0:bf:bd:d2:
6f:16:e3:1c:a9:db:8c:ef:f6:e4:eb:9c:63:9b:37:
4b:e5:d4:3b:24:3e:35:dd:c5:74:9e:12:ef:a3:1c:
1d:57:f3:33:66:54:e6:a7:b3:2f:f7:ae:37:90:88:
c4:d2:20:46:a6:f7:3a:8b:e9:22:8e:a7:43:53:a6:
4b:3c:c6:fa:48:5d:22:f0:09:ff:58:4b:ee:f2:ff:
40:57:dc:03:d2:ad:d2:ed:d4:78:d1:6e:a3:87:74:
3f:0d:b8:91:14:b9:72:87:1e:89:5f:3d:95:19:2f:
ed:9c:de:1e:ae:94:25:1d:71:72:80:73:de:a2:50:
dc:9a:8e:fe:27:5b:40:8e:75:ab:12:d6:63:1b:99:
05:df:db:75:b4:6a:17:a1:70:57:b1:32:a8:cf:44:
6a:41:c9:de:73:93:f1:65:45:bf:a8:fa:ca:03:2f:
4a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5B:D1:1A:78:8E:DB:78:15:60:5D:00:50:2D:E3:C9:62:66:69:F4
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/z1vRGniO23gVYF0AUC3jyWJmafQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:11e0::/48
2a07:3501:1050::/48
2a07:3501:1060::/48
2a07:3502:10e0::/48
2a07:3502:11c0::/48
Signature Algorithm: sha256WithRSAEncryption
26:3e:d8:b4:d3:4f:cf:de:44:da:19:67:f7:02:1d:6d:8d:d0:
42:69:0e:3e:c2:11:03:aa:14:fa:7f:61:4a:f8:e2:fe:f8:f2:
6c:ad:50:61:9f:78:05:ad:72:7c:b7:60:d8:56:4f:8f:6b:25:
76:5e:06:a1:bb:63:8d:ff:58:0f:8a:cc:07:0c:3b:02:41:c9:
e7:6b:17:b0:f4:12:c3:54:66:39:44:9f:a3:58:f0:ab:14:41:
eb:7e:8f:84:4a:23:57:16:99:f6:4d:23:3d:49:64:4e:2b:99:
95:9c:b8:9b:1f:40:f0:65:bd:4b:b1:7a:b6:db:c4:94:d4:4e:
1a:70:89:59:d6:84:13:16:97:4a:20:35:ba:5f:bf:ad:73:6e:
be:5b:01:04:b5:06:57:e3:00:8c:4d:0a:ff:cc:13:71:e3:5a:
fc:61:14:ba:20:cf:99:73:73:98:96:17:54:ba:e2:63:1a:2b:
d1:b4:c2:f3:11:71:26:d8:13:36:98:21:24:99:fa:a1:24:da:
e5:65:d1:8f:1f:a1:a2:6e:7a:c9:43:0b:b8:59:18:55:db:9e:
c9:9f:97:e8:53:c2:a5:85:89:09:fd:bb:43:53:44:65:a4:16:
32:1e:e2:6d:a9:ed:6b:6a:f4:17:e0:7d:fc:9b:ce:bb:27:e7:
dc:b8:d5:a3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQl/b12Rj96vdOXQxFCdQL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwMTAyMDc0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjViZDExYTc4OGVkYjc4MTU2MDVkMDA1MDJkZTNjOTYyNjY2OWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCkOAzdPIkWFfTA1c3J4rK0yFMWL
5eivZR4zLclh11zO/5OLuKJIgj4sq/5XIlwRyBW0GHa8lwpSqcDLS4n8g2SUUcZh
/4tunAsgHEjtoEmB64jXi7C/vdJvFuMcqduM7/bk65xjmzdL5dQ7JD413cV0nhLv
oxwdV/MzZlTmp7Mv9643kIjE0iBGpvc6i+kijqdDU6ZLPMb6SF0i8An/WEvu8v9A
V9wD0q3S7dR40W6jh3Q/DbiRFLlyhx6JXz2VGS/tnN4erpQlHXFygHPeolDcmo7+
J1tAjnWrEtZjG5kF39t1tGoXoXBXsTKoz0RqQcnec5PxZUW/qPrKAy9K+wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFM9b0Rp4jtt4FWBdAFAt48liZmn0MB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvejF2UkduaU8yM2dWWUYwQVVDM2p5V0ptYWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKgc1ABHg
AwcAKgc1ARBQAwcAKgc1ARBgAwcAKgc1AhDgAwcAKgc1AhHAMA0GCSqGSIb3DQEB
CwUAA4IBAQAmPti000/P3kTaGWf3Ah1tjdBCaQ4+whEDqhT6f2FK+OL++PJsrVBh
n3gFrXJ8t2DYVk+PayV2Xgahu2ON/1gPiswHDDsCQcnnaxew9BLDVGY5RJ+jWPCr
FEHrfo+ESiNXFpn2TSM9SWROK5mVnLibH0DwZb1LsXq228SU1E4acIlZ1oQTFpdK
IDW6X7+tc26+WwEEtQZX4wCMTQr/zBNx41r8YRS6IM+Zc3OYlhdUuuJjGivRtMLz
EXEm2BM2mCEkmfqhJNrlZdGPH6GibnrJQwu4WRhV257Jn5foU8KlhYkJ/btDU0Rl
pBYyHuJtqe1ravQX4H38m867J+fcuNWj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:17 2025 by rpki-client