Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ZpR5RrZCeOAjRf8Bmcohe3YCcXY.roa
File: ZpR5RrZCeOAjRf8Bmcohe3YCcXY.roa (raw, json)
Hash identifier: pTEfc3PDuejgf4x4olTLHWXi7yz1fRVMFq2Y3JTaBo4=
Subject key identifier: 66:94:79:46:B6:42:78:E0:23:45:FF:01:99:CA:21:7B:76:02:71:76
Certificate issuer: /CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Certificate serial: 0194266C180C44B280F6E8A61634A570CF29
Authority key identifier: BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ZpR5RrZCeOAjRf8Bmcohe3YCcXY.roa
Signing time: Thu 02 Jan 2025 09:50:05 +0000
ROA not before: Thu 02 Jan 2025 09:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57797
IP address blocks: 2a12:8ac0::/29 maxlen: 48
2a12:8ac0::/40 maxlen: 48
2a12:8ac1::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:18:0c:44:b2:80:f6:e8:a6:16:34:a5:70:cf:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Validity
Not Before: Jan 2 09:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66947946b64278e02345ff0199ca217b76027176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c9:d7:5d:ab:c1:2b:0d:a9:56:3d:52:83:8f:
08:29:34:e1:39:8c:0d:f4:11:d7:c6:e1:ef:e2:ab:
db:fb:c2:f1:77:b2:a0:a0:49:f7:67:66:5f:43:ec:
39:6f:2a:26:2f:17:90:7e:e3:3b:58:51:36:9f:5b:
67:eb:f8:41:3b:d3:26:a2:fd:63:09:fc:1a:57:09:
22:89:43:94:9f:62:26:d2:ea:87:94:b9:20:23:3c:
0c:22:33:06:59:6f:29:a4:18:23:83:be:98:9c:d6:
70:cd:0e:fd:c0:3d:8b:5b:f9:50:77:0c:f4:e7:be:
7c:b7:95:7a:7d:e1:33:73:66:00:20:da:0c:fd:54:
10:66:34:36:08:29:d7:21:20:da:5a:5d:e5:6c:c4:
11:37:b3:6c:fa:19:8e:46:3d:8d:cf:ab:68:98:80:
18:a2:9a:44:e0:71:74:57:30:3c:e9:b9:89:f5:85:
b2:74:e9:ae:de:52:5d:d6:56:f3:5f:1c:57:14:dc:
f2:66:3b:57:a9:12:54:d8:bf:e1:29:c6:b9:aa:22:
46:67:c0:cd:07:dc:30:32:1e:ad:ac:b4:3a:44:f2:
45:86:50:0f:fc:65:ba:15:44:e7:c4:46:d0:67:53:
43:85:0d:ff:58:99:b3:21:65:c9:52:c2:79:4c:91:
43:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:94:79:46:B6:42:78:E0:23:45:FF:01:99:CA:21:7B:76:02:71:76
X509v3 Authority Key Identifier:
keyid:BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ZpR5RrZCeOAjRf8Bmcohe3YCcXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
6a:a1:b1:cc:96:a9:ab:90:01:cc:33:53:8d:f6:00:da:b7:13:
54:01:f8:08:1a:8c:8e:bd:94:fb:d9:92:dd:83:62:bb:9e:37:
26:1c:ec:64:0a:e3:89:b1:7b:16:0a:7c:0f:62:59:38:23:85:
fe:fd:8d:9f:5b:47:66:d7:28:cf:49:e0:f6:e8:82:d1:f5:96:
d1:b6:88:a9:47:41:20:b2:a4:9e:90:00:8f:91:fc:ff:2b:88:
f2:5b:74:61:3f:3a:e2:33:43:c8:46:b6:f7:1f:b9:96:61:6e:
fe:ac:5b:60:18:d0:b8:87:ce:07:e7:9e:4a:93:6d:8f:29:23:
c3:d9:df:a2:d7:69:13:a6:ad:ed:97:b8:ab:96:70:1f:0a:66:
56:36:b2:d6:1f:28:88:3c:a7:23:a4:b0:de:c1:00:3e:41:b3:
d4:a1:83:c9:84:23:e0:56:bf:c4:8d:db:61:62:70:e7:6d:41:
0d:95:c3:43:de:27:57:28:2b:91:38:68:7e:e7:a0:3e:98:ba:
9f:29:89:cc:5a:35:0a:90:aa:9d:b3:60:46:5f:7f:7d:37:bd:
ea:4a:49:94:eb:f5:0c:42:db:2d:d5:85:13:43:51:6d:82:a1:
0d:f7:32:c1:5f:fe:ec:39:cd:6c:fb:25:ad:1d:a1:bd:69:6d:
aa:b9:e0:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQmbBgMRLKA9uimFjSlcM8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjdiZmY3YmFkMWViODM4NGI1ODVkZjdiZWYxMjA2Zjdm
MTlmN2UwHhcNMjUwMTAyMDk1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njk0Nzk0NmI2NDI3OGUwMjM0NWZmMDE5OWNhMjE3Yjc2MDI3MTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsnXXavBKw2pVj1Sg48IKTThOYwN
9BHXxuHv4qvb+8Lxd7KgoEn3Z2ZfQ+w5byomLxeQfuM7WFE2n1tn6/hBO9Mmov1j
CfwaVwkiiUOUn2Im0uqHlLkgIzwMIjMGWW8ppBgjg76YnNZwzQ79wD2LW/lQdwz0
5758t5V6feEzc2YAINoM/VQQZjQ2CCnXISDaWl3lbMQRN7Ns+hmORj2Nz6tomIAY
oppE4HF0VzA86bmJ9YWydOmu3lJd1lbzXxxXFNzyZjtXqRJU2L/hKca5qiJGZ8DN
B9wwMh6trLQ6RPJFhlAP/GW6FUTnxEbQZ1NDhQ3/WJmzIWXJUsJ5TJFDnwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGaUeUa2QnjgI0X/AZnKIXt2AnF2MB8GA1UdIwQY
MBaAFLpnv/e60euDhLWF33vvEgb38Z9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYt
ZGE0NTM4MDIyYWM3LzEvWnBSNVJyWkNlT0FqUmY4Qm1jb2hlM1lDY1hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYtZGE0NTM4MDIyYWM3
LzEvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAaqGxzJapq5ABzDNTjfYA2rcTVAH4CBqMjr2U+9mS
3YNiu543JhzsZArjibF7Fgp8D2JZOCOF/v2Nn1tHZtcoz0ng9uiC0fWW0baIqUdB
ILKknpAAj5H8/yuI8lt0YT864jNDyEa29x+5lmFu/qxbYBjQuIfOB+eeSpNtjykj
w9nfotdpE6at7Ze4q5ZwHwpmVjay1h8oiDynI6Sw3sEAPkGz1KGDyYQj4Fa/xI3b
YWJw521BDZXDQ94nVygrkThofuegPpi6nymJzFo1CpCqnbNgRl9/fTe96kpJlOv1
DELbLdWFE0NRbYKhDfcywV/+7DnNbPslrR2hvWltqrngHQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:07 2025 by rpki-client on console.sobornost.net