Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/z5AaUIsCUfsHWnAtqAIr_d8n8do.roa
File: z5AaUIsCUfsHWnAtqAIr_d8n8do.roa (raw, json)
Hash identifier: rmzyF9COLH0iNSyMo0DleMzCkcEN6+9Om4xVkdPkL6s=
Subject key identifier: CF:90:1A:50:8B:02:51:FB:07:5A:70:2D:A8:02:2B:FD:DF:27:F1:DA
Certificate issuer: /CN=c61850173c8d28d5afbf91091ca63e5da3c75ed4
Certificate serial: 019423D744BCFD73BDD35189323296A2A8FB
Authority key identifier: C6:18:50:17:3C:8D:28:D5:AF:BF:91:09:1C:A6:3E:5D:A3:C7:5E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/z5AaUIsCUfsHWnAtqAIr_d8n8do.roa
Signing time: Wed 01 Jan 2025 21:48:17 +0000
ROA not before: Wed 01 Jan 2025 21:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29684
IP address blocks: 2a05:5100::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:44:bc:fd:73:bd:d3:51:89:32:32:96:a2:a8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61850173c8d28d5afbf91091ca63e5da3c75ed4
Validity
Not Before: Jan 1 21:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf901a508b0251fb075a702da8022bfddf27f1da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8c:72:59:4a:9f:c3:f7:25:12:c9:59:4c:8d:
ad:fe:e6:88:90:aa:24:55:f1:fd:a7:4f:93:5e:17:
db:14:9e:cb:2d:e1:06:84:8e:6c:fa:af:75:7e:df:
87:2b:39:14:c5:ae:34:9a:fd:7d:9a:ed:1a:6d:72:
91:ca:08:f2:d8:a5:c0:d1:93:ba:b5:e6:9e:30:dd:
e0:4b:e1:e2:6e:99:d8:0d:ff:e5:53:bd:f4:f3:52:
4b:ea:70:fb:87:6d:a6:b1:cd:47:4d:36:e8:96:a8:
68:88:1b:c3:a0:2a:6e:a4:3d:b7:2a:61:f1:fc:6e:
db:6b:9a:ff:fd:07:39:81:12:57:7b:7c:bc:02:57:
d9:d4:ad:b0:1f:33:d8:52:e2:b8:5c:62:d0:6f:35:
3d:ee:b0:2e:a1:82:11:af:27:53:e5:6c:27:f5:ac:
38:6d:13:90:58:36:66:2c:77:f4:80:d4:67:66:00:
c1:bb:ee:39:79:72:a6:26:e2:4b:f4:82:a9:1b:c2:
d5:f7:62:48:78:0b:a6:97:a3:5b:bf:b3:13:14:e0:
c6:f1:47:da:97:40:6e:dd:83:48:5f:47:45:76:ee:
b7:d2:d7:f7:22:8a:34:b5:95:3e:6e:8a:1c:18:2d:
27:52:45:1b:13:a6:98:da:7d:75:a8:8f:48:cc:25:
3d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:90:1A:50:8B:02:51:FB:07:5A:70:2D:A8:02:2B:FD:DF:27:F1:DA
X509v3 Authority Key Identifier:
keyid:C6:18:50:17:3C:8D:28:D5:AF:BF:91:09:1C:A6:3E:5D:A3:C7:5E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/z5AaUIsCUfsHWnAtqAIr_d8n8do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:5100::/48
Signature Algorithm: sha256WithRSAEncryption
4d:9b:d1:9a:fa:56:89:22:32:4d:e4:45:eb:8b:b9:4c:fa:66:
ec:2a:df:89:f1:52:db:35:8c:f4:49:53:be:d8:33:a7:21:75:
95:d5:be:31:7e:3a:f2:45:33:24:d4:70:a4:df:46:c5:d8:ca:
62:12:88:11:f3:54:66:70:db:25:e5:b0:e6:4f:35:90:b1:dc:
5f:ef:40:4f:7c:7e:27:07:1c:8d:72:44:4c:0d:d1:c6:ab:69:
72:33:c3:38:e6:b8:c9:65:91:55:39:47:9c:e5:ae:07:cf:d3:
3b:06:55:2e:ba:c1:cc:9f:6c:27:c7:89:3d:e9:17:33:44:f8:
b4:d5:ba:4b:30:94:7f:9c:2d:b1:53:98:e3:25:71:cb:aa:50:
dc:f9:58:d5:b7:f1:f4:93:b5:f7:d9:d0:f9:42:a0:00:0a:98:
a8:77:52:c2:a8:60:06:a1:c5:4b:96:00:4d:bc:78:7e:d7:60:
3b:73:57:ff:89:35:a1:e4:e1:ba:9b:c1:48:a1:47:33:47:3c:
d8:22:84:d4:1a:05:97:bf:78:67:f4:61:ef:53:b6:da:b7:f8:
4a:68:4e:aa:0a:2b:9a:d2:5f:69:32:2e:1a:a7:0c:bd:3c:87:
7c:e5:8a:82:46:f0:56:b7:ca:d7:f5:f1:18:9f:1a:03:38:84:
01:21:fa:82
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj10S8/XO901GJMjKWoqj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTg1MDE3M2M4ZDI4ZDVhZmJmOTEwOTFjYTYzZTVkYTNj
NzVlZDQwHhcNMjUwMTAxMjE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjkwMWE1MDhiMDI1MWZiMDc1YTcwMmRhODAyMmJmZGRmMjdmMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4xyWUqfw/clEslZTI2t/uaIkKok
VfH9p0+TXhfbFJ7LLeEGhI5s+q91ft+HKzkUxa40mv19mu0abXKRygjy2KXA0ZO6
teaeMN3gS+HibpnYDf/lU73081JL6nD7h22msc1HTTbolqhoiBvDoCpupD23KmHx
/G7ba5r//Qc5gRJXe3y8AlfZ1K2wHzPYUuK4XGLQbzU97rAuoYIRrydT5Wwn9aw4
bROQWDZmLHf0gNRnZgDBu+45eXKmJuJL9IKpG8LV92JIeAuml6Nbv7MTFODG8Ufa
l0Bu3YNIX0dFdu630tf3Ioo0tZU+boocGC0nUkUbE6aY2n11qI9IzCU9cQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM+QGlCLAlH7B1pwLagCK/3fJ/HaMB8GA1UdIwQY
MBaAFMYYUBc8jSjVr7+RCRymPl2jx17UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhoUUZ6eU5LTld2djVFSkhLWS1YYVBIWHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9lZTA5ZjEtN2QwYi00MzFmLWFhZWUt
YmI4ZGViYzAwMzg4LzEvejVBYVVJc0NVZnNIV25BdHFBSXJfZDhuOGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9lZTA5ZjEtN2QwYi00MzFmLWFhZWUtYmI4ZGViYzAwMzg4
LzEveGhoUUZ6eU5LTld2djVFSkhLWS1YYVBIWHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgVRAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBNm9Ga+laJIjJN5EXri7lM+mbsKt+J8VLbNYz0
SVO+2DOnIXWV1b4xfjryRTMk1HCk30bF2MpiEogR81RmcNsl5bDmTzWQsdxf70BP
fH4nBxyNckRMDdHGq2lyM8M45rjJZZFVOUec5a4Hz9M7BlUuusHMn2wnx4k96Rcz
RPi01bpLMJR/nC2xU5jjJXHLqlDc+VjVt/H0k7X32dD5QqAACpiod1LCqGAGocVL
lgBNvHh+12A7c1f/iTWh5OG6m8FIoUczRzzYIoTUGgWXv3hn9GHvU7bat/hKaE6q
Ciua0l9pMi4apwy9PId85YqCRvBWt8rX9fEYnxoDOIQBIfqC
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:11:46 2025 by rpki-client