Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zaJ9Zg3gpoof-1TDPW9q8kLCC6g.roa
File: zaJ9Zg3gpoof-1TDPW9q8kLCC6g.roa (raw, json)
Hash identifier: phfz0bwObOHp1+/7GxAO/slnmah5rz/UxWYcFIjQLtI=
Subject key identifier: CD:A2:7D:66:0D:E0:A6:8A:1F:FB:54:C3:3D:6F:6A:F2:42:C2:0B:A8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194712F33EC67F29AAF6328C0AD9E898BD6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zaJ9Zg3gpoof-1TDPW9q8kLCC6g.roa
Signing time: Thu 16 Jan 2025 22:15:06 +0000
ROA not before: Thu 16 Jan 2025 22:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:71:2f:33:ec:67:f2:9a:af:63:28:c0:ad:9e:89:8b:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 16 22:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cda27d660de0a68a1ffb54c33d6f6af242c20ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:90:72:d5:44:3b:7d:42:a6:ba:62:34:03:9c:
11:ae:94:6c:a2:81:fb:5f:33:6f:22:c6:e5:27:89:
86:84:5a:4d:3d:3d:17:e5:2c:c2:b1:35:b9:78:ce:
76:3b:dc:6a:0e:72:85:4c:91:b2:87:9f:2a:42:d2:
ef:ad:56:2a:13:7a:ce:c5:f0:94:12:4c:fa:aa:da:
c4:49:dd:c4:8f:57:42:2b:dd:19:41:f0:58:a2:ac:
cd:ae:eb:00:99:6b:30:51:f7:de:5f:ac:6d:06:c7:
03:d8:fc:08:45:e3:f7:be:b8:6d:5b:4d:5f:4d:52:
07:e4:11:93:eb:31:5c:8d:02:c2:0a:4a:d2:92:15:
ce:d2:9a:d0:f3:92:b5:8c:ed:20:6b:4c:ad:a3:20:
49:b9:99:01:60:fa:60:d1:7f:91:bc:22:59:62:12:
11:c6:c3:d7:63:07:1c:92:17:38:e9:90:f1:2a:ca:
da:46:14:22:85:65:ab:72:8a:6e:c1:26:ce:30:ba:
7a:51:01:55:60:8d:b1:9d:c5:81:7b:56:58:98:15:
8f:b8:bd:c3:34:6a:b5:08:90:73:40:09:1c:d5:de:
ed:e2:2e:be:d5:67:05:74:44:f7:ef:bd:59:61:f7:
c7:88:44:83:38:f9:f5:be:e7:fa:50:63:b3:b8:d6:
1b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A2:7D:66:0D:E0:A6:8A:1F:FB:54:C3:3D:6F:6A:F2:42:C2:0B:A8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zaJ9Zg3gpoof-1TDPW9q8kLCC6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
94:f6:22:65:64:6d:71:8b:83:44:6f:f4:de:86:3b:7b:dc:4b:
74:76:5f:31:4d:9f:8a:6d:f1:51:6c:a8:f5:9c:d5:d7:64:3c:
10:ff:fa:d8:32:24:5f:a3:83:25:45:fe:d9:01:07:eb:bc:2a:
af:40:6e:49:5c:52:b0:54:27:1d:00:46:5f:72:83:22:fd:93:
7e:1e:04:c0:d8:9b:46:3e:83:ea:ad:c4:35:0f:1c:1f:37:97:
3b:76:4e:09:d1:41:4d:5f:83:d7:ca:ae:da:fa:3c:49:d9:08:
b0:ef:c3:b5:0e:20:9b:25:35:c4:76:22:49:61:ef:1e:42:d0:
96:25:96:13:79:16:c0:43:b5:4e:75:c2:32:56:2e:2d:7a:a6:
ca:68:6f:79:f5:6c:29:cd:cf:a7:19:a1:cf:b4:3c:d3:86:ac:
48:f4:57:49:a2:6e:a8:79:4b:47:3b:15:fa:b9:fb:9a:59:51:
42:b3:f3:a7:0f:40:a5:0d:89:84:9d:5f:d4:38:5c:02:6c:69:
60:5e:fc:46:d7:e6:f5:c3:69:5a:0d:bb:d7:c6:b8:7c:47:2f:
b8:40:a8:76:a4:b0:c9:16:b3:19:34:eb:4c:84:5e:b6:2e:62:
9d:b7:53:a0:e6:3e:31:e0:8d:55:97:a8:1c:53:c2:8f:3c:08:
0a:1e:59:70
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRxLzPsZ/Kar2MowK2eiYvWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE2MjIxNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGEyN2Q2NjBkZTBhNjhhMWZmYjU0YzMzZDZmNmFmMjQyYzIwYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZBy1UQ7fUKmumI0A5wRrpRsooH7
XzNvIsblJ4mGhFpNPT0X5SzCsTW5eM52O9xqDnKFTJGyh58qQtLvrVYqE3rOxfCU
Ekz6qtrESd3Ej1dCK90ZQfBYoqzNrusAmWswUffeX6xtBscD2PwIReP3vrhtW01f
TVIH5BGT6zFcjQLCCkrSkhXO0prQ85K1jO0ga0ytoyBJuZkBYPpg0X+RvCJZYhIR
xsPXYwcckhc46ZDxKsraRhQihWWrcopuwSbOMLp6UQFVYI2xncWBe1ZYmBWPuL3D
NGq1CJBzQAkc1d7t4i6+1WcFdET3771ZYffHiESDOPn1vuf6UGOzuNYbawIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFM2ifWYN4KaKH/tUwz1vavJCwguoMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvemFKOVpnM2dwb29mLTFURFBXOXE4a0xDQzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAlPYiZWRtcYuDRG/03oY7e9xL
dHZfMU2fim3xUWyo9ZzV12Q8EP/62DIkX6ODJUX+2QEH67wqr0BuSVxSsFQnHQBG
X3KDIv2Tfh4EwNibRj6D6q3ENQ8cHzeXO3ZOCdFBTV+D18qu2vo8SdkIsO/DtQ4g
myU1xHYiSWHvHkLQliWWE3kWwEO1TnXCMlYuLXqmymhvefVsKc3Ppxmhz7Q804as
SPRXSaJuqHlLRzsV+rn7mllRQrPzpw9ApQ2JhJ1f1DhcAmxpYF78Rtfm9cNpWg27
18a4fEcvuECodqSwyRazGTTrTIReti5inbdToOY+MeCNVZeoHFPCjzwICh5ZcA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:56:27 2025 by rpki-client