Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/zm_RPXJ5mWAYkRg_iDKTirW7uMo.roa
File: zm_RPXJ5mWAYkRg_iDKTirW7uMo.roa (raw, json)
Hash identifier: J9uSD71AWQdV3dY1nYbCSbcteJGRO6RJS8oy+TAwB6g=
Subject key identifier: CE:6F:D1:3D:72:79:99:60:18:91:18:3F:88:32:93:8A:B5:BB:B8:CA
Certificate issuer: /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial: 01856FCBC0E60D591502F87555110B5D24E5
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/zm_RPXJ5mWAYkRg_iDKTirW7uMo.roa
Signing time: Mon 02 Jan 2023 00:05:02 +0000
ROA not before: Mon 02 Jan 2023 00:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213253
IP address blocks: 2a0e:e704:42::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:c0:e6:0d:59:15:02:f8:75:55:11:0b:5d:24:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Validity
Not Before: Jan 2 00:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce6fd13d727999601891183f8832938ab5bbb8ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cb:28:a7:0b:8a:f7:b2:66:c3:9c:24:26:c0:
ae:5c:94:7d:5b:9a:63:41:25:b1:35:f8:9f:fe:06:
3f:f3:f2:88:5e:52:98:04:b4:ea:13:f4:9f:a1:36:
2a:d2:54:59:c1:4e:e1:54:9b:64:4b:f5:46:42:da:
f6:58:97:17:8b:71:66:ef:4e:ba:67:a4:ff:7c:50:
4c:50:0d:61:ab:79:be:31:24:a4:af:41:ca:f6:3f:
b1:28:80:8e:3e:8f:a2:3e:96:cf:84:fd:3a:b9:c8:
b9:b0:44:5e:7f:17:99:31:25:e3:c1:2d:9d:1d:3f:
4a:a6:fb:53:2a:0b:8d:6b:a7:b1:a9:1f:4c:57:ff:
ee:f2:4f:1b:25:68:ff:d3:fb:9c:f6:75:e5:b1:3c:
50:fd:ac:36:9a:6f:06:01:6f:64:92:a5:15:85:57:
19:9a:33:28:0e:39:00:5f:48:d1:6d:cb:78:47:ca:
6f:40:96:f5:7a:fb:47:f3:13:a3:09:08:e6:fe:9d:
01:9d:92:48:f7:d0:79:86:dd:cc:f5:f5:cf:3a:31:
eb:ab:ed:34:c0:47:d0:19:6e:ef:0f:35:b3:6f:06:
98:02:c5:76:aa:28:a6:f6:6a:b9:f7:a2:74:14:de:
a6:d2:81:fe:f6:cc:7c:34:3e:92:5c:d2:be:92:e9:
fd:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:6F:D1:3D:72:79:99:60:18:91:18:3F:88:32:93:8A:B5:BB:B8:CA
X509v3 Authority Key Identifier:
keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/zm_RPXJ5mWAYkRg_iDKTirW7uMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e704:42::/48
Signature Algorithm: sha256WithRSAEncryption
7e:1a:33:5c:a5:22:da:51:28:c0:27:06:03:a3:3b:d2:5c:62:
e9:04:9d:d7:28:44:ae:e8:ec:6c:9e:2b:36:8e:be:1b:f9:ca:
6e:08:ed:bf:6a:be:59:6e:56:ea:bf:8e:28:fa:6a:8f:be:c0:
9b:e4:dc:44:3c:05:eb:46:ec:47:02:18:ed:95:7b:e4:0e:69:
ba:62:14:cd:5e:b1:86:30:6f:2b:52:21:bd:1b:91:54:90:3f:
59:2c:b1:d3:60:97:84:20:52:ab:7b:0f:a2:09:6e:e7:6b:8b:
76:e6:f7:12:5c:b1:ab:2e:db:89:77:32:49:89:0e:4f:12:4f:
e3:a4:e6:49:ec:3f:28:41:6e:cc:48:65:6b:d5:9e:31:3f:70:
21:cd:09:c4:bc:87:61:1f:36:d5:17:74:c3:fc:22:32:93:48:
77:c8:ad:af:90:d1:6d:fd:5c:cd:55:ba:7e:39:6a:d3:47:f0:
ac:07:e5:65:38:cb:54:06:d7:43:40:5d:08:e7:48:1a:ea:66:
96:b6:48:5c:6c:ee:1c:64:66:52:6f:d6:70:ec:dc:13:5a:42:
fe:84:73:47:62:84:84:6c:15:40:48:8e:ed:27:fe:74:e5:30:
88:05:a4:17:a7:08:3a:68:26:23:bf:39:24:52:fc:3e:c0:15:
a3:66:6d:99
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvy8DmDVkVAvh1VRELXSTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGY0NWY3Y2M0YjY5MWZkNGEzMWMxZjFjMGI0ZjYwNWQ3
N2E2ZWYwHhcNMjMwMTAyMDAwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTZmZDEzZDcyNzk5OTYwMTg5MTE4M2Y4ODMyOTM4YWI1YmJiOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8sopwuK97Jmw5wkJsCuXJR9W5pj
QSWxNfif/gY/8/KIXlKYBLTqE/SfoTYq0lRZwU7hVJtkS/VGQtr2WJcXi3Fm7066
Z6T/fFBMUA1hq3m+MSSkr0HK9j+xKICOPo+iPpbPhP06uci5sERefxeZMSXjwS2d
HT9KpvtTKguNa6exqR9MV//u8k8bJWj/0/uc9nXlsTxQ/aw2mm8GAW9kkqUVhVcZ
mjMoDjkAX0jRbct4R8pvQJb1evtH8xOjCQjm/p0BnZJI99B5ht3M9fXPOjHrq+00
wEfQGW7vDzWzbwaYAsV2qiim9mq596J0FN6m0oH+9sx8ND6SXNK+kun9NwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM5v0T1yeZlgGJEYP4gyk4q1u7jKMB8GA1UdIwQY
MBaAFNYPRffMS2kf1KMcHxwLT2Bdd6bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzkt
YTk1NGQwNTM5OTRhLzEvem1fUlBYSjVtV0FZa1JnX2lES1Rpclc3dU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzktYTk1NGQwNTM5OTRh
LzEvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg7nBABC
MA0GCSqGSIb3DQEBCwUAA4IBAQB+GjNcpSLaUSjAJwYDozvSXGLpBJ3XKESu6Oxs
nis2jr4b+cpuCO2/ar5Zblbqv44o+mqPvsCb5NxEPAXrRuxHAhjtlXvkDmm6YhTN
XrGGMG8rUiG9G5FUkD9ZLLHTYJeEIFKrew+iCW7na4t25vcSXLGrLtuJdzJJiQ5P
Ek/jpOZJ7D8oQW7MSGVr1Z4xP3AhzQnEvIdhHzbVF3TD/CIyk0h3yK2vkNFt/VzN
Vbp+OWrTR/CsB+VlOMtUBtdDQF0I50ga6maWtkhcbO4cZGZSb9Zw7NwTWkL+hHNH
YoSEbBVASI7tJ/505TCIBaQXpwg6aCYjvzkkUvw+wBWjZm2Z
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:31 2025 by rpki-client