Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d3d105-f972-4c7c-bfea-3f25392de7f9/1/Z6E4tQnRvUpfPcdYuFNVxcJ0ync.roa
File: Z6E4tQnRvUpfPcdYuFNVxcJ0ync.roa (raw, json)
Hash identifier: xKAWINx5skT5zUOU5FUOicB7VLSOKSuOkc+JGT8/lwg=
Subject key identifier: 67:A1:38:B5:09:D1:BD:4A:5F:3D:C7:58:B8:53:55:C5:C2:74:CA:77
Certificate issuer: /CN=0d702c53cb803b14644e67587e5d6fd612b64bcc
Certificate serial: 019426D9E7D8F9147682FB061D6B6EAF31FC
Authority key identifier: 0D:70:2C:53:CB:80:3B:14:64:4E:67:58:7E:5D:6F:D6:12:B6:4B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXAsU8uAOxRkTmdYfl1v1hK2S8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/d3d105-f972-4c7c-bfea-3f25392de7f9/1/Z6E4tQnRvUpfPcdYuFNVxcJ0ync.roa
Signing time: Thu 02 Jan 2025 11:50:02 +0000
ROA not before: Thu 02 Jan 2025 11:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58247
IP address blocks: 2a0e:4540:cafe::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e7:d8:f9:14:76:82:fb:06:1d:6b:6e:af:31:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d702c53cb803b14644e67587e5d6fd612b64bcc
Validity
Not Before: Jan 2 11:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67a138b509d1bd4a5f3dc758b85355c5c274ca77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:24:e0:3b:28:82:32:7c:d6:54:83:4d:21:8e:
c0:dd:80:5d:58:32:12:5c:00:25:1d:16:1c:76:2a:
72:b1:7b:64:44:0b:1e:9e:69:84:55:c4:97:54:04:
56:0a:94:33:0b:ff:4a:ef:7c:3c:a9:b7:cc:ba:d5:
1b:d9:7d:6e:b5:7d:b4:a5:cb:0c:74:77:c6:ec:36:
41:d3:17:fd:82:db:a4:1e:79:d7:11:f1:3e:83:04:
f0:96:90:ee:68:6d:6b:6d:18:c1:98:be:1d:65:d6:
ed:77:d2:09:38:ca:78:54:1f:f2:7f:8f:9f:4e:6d:
50:6e:a1:ff:0b:49:9a:a9:d7:d5:69:2d:dd:ce:49:
e8:75:e0:d1:5a:2c:1f:a0:d8:6c:98:2e:ec:46:02:
ba:d7:5b:b5:cf:81:6d:da:50:0a:60:80:95:af:0b:
41:35:59:33:7a:62:05:17:f2:36:21:bd:b0:11:a2:
78:a7:0f:7a:56:ff:16:94:0a:b3:b2:ce:a3:70:44:
21:ef:5c:87:3e:b1:f3:53:cd:c8:10:e9:a9:58:24:
c8:0c:dc:41:f9:73:4a:74:e6:04:ab:ae:00:dc:7b:
16:4a:0f:bf:c7:7c:fc:3c:81:50:15:f8:90:7b:fe:
9f:50:5c:ee:1c:42:dd:fc:ca:95:fa:83:61:4b:b5:
19:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A1:38:B5:09:D1:BD:4A:5F:3D:C7:58:B8:53:55:C5:C2:74:CA:77
X509v3 Authority Key Identifier:
keyid:0D:70:2C:53:CB:80:3B:14:64:4E:67:58:7E:5D:6F:D6:12:B6:4B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXAsU8uAOxRkTmdYfl1v1hK2S8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d3d105-f972-4c7c-bfea-3f25392de7f9/1/Z6E4tQnRvUpfPcdYuFNVxcJ0ync.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d3d105-f972-4c7c-bfea-3f25392de7f9/1/DXAsU8uAOxRkTmdYfl1v1hK2S8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4540:cafe::/48
Signature Algorithm: sha256WithRSAEncryption
b7:03:d3:3a:f7:03:05:52:4f:07:01:f7:32:7b:68:61:53:18:
12:06:33:e2:49:2b:0a:0a:d8:cd:57:a7:a8:4e:1a:96:ce:7c:
40:d8:99:a8:ff:67:43:18:67:56:73:bb:3e:4c:bc:c4:c8:6e:
5a:f7:1d:24:2b:a0:80:b9:f5:6c:e5:4f:f5:04:cb:d8:5a:e2:
42:e1:b1:c8:f1:75:82:52:13:7c:a9:09:1d:67:9e:98:36:11:
c5:c8:00:15:4a:ca:97:99:95:a7:ef:ff:86:07:ec:c7:9a:24:
82:63:38:8b:cc:2b:2a:bc:9c:9f:f8:4e:dc:92:33:ed:cc:b5:
df:01:e1:ec:d2:20:7c:4e:89:1b:4c:e0:89:3b:12:62:60:59:
d2:27:f3:eb:1c:d6:6e:a8:31:e9:ad:26:2b:0b:0d:9c:72:65:
8f:23:f1:3f:9d:05:f0:e4:40:6e:8b:58:e0:d5:0a:de:1d:9b:
62:45:b6:40:b7:a1:95:46:cf:31:f6:aa:e4:2f:44:ef:f4:fc:
1b:1a:d1:7e:79:ea:7f:02:86:62:c8:0d:ad:20:aa:3f:b7:da:
f8:fe:cb:fa:b1:2a:c6:09:4d:fe:17:b4:ac:98:c2:d0:07:7a:
7e:23:f5:6d:00:40:d8:e8:73:89:d5:17:07:aa:4f:8e:29:e9:
be:28:53:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2efY+RR2gvsGHWturzH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzAyYzUzY2I4MDNiMTQ2NDRlNjc1ODdlNWQ2ZmQ2MTJi
NjRiY2MwHhcNMjUwMTAyMTE1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ExMzhiNTA5ZDFiZDRhNWYzZGM3NThiODUzNTVjNWMyNzRjYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSTgOyiCMnzWVINNIY7A3YBdWDIS
XAAlHRYcdipysXtkRAsenmmEVcSXVARWCpQzC/9K73w8qbfMutUb2X1utX20pcsM
dHfG7DZB0xf9gtukHnnXEfE+gwTwlpDuaG1rbRjBmL4dZdbtd9IJOMp4VB/yf4+f
Tm1QbqH/C0maqdfVaS3dzknodeDRWiwfoNhsmC7sRgK611u1z4Ft2lAKYICVrwtB
NVkzemIFF/I2Ib2wEaJ4pw96Vv8WlAqzss6jcEQh71yHPrHzU83IEOmpWCTIDNxB
+XNKdOYEq64A3HsWSg+/x3z8PIFQFfiQe/6fUFzuHELd/MqV+oNhS7UZywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGehOLUJ0b1KXz3HWLhTVcXCdMp3MB8GA1UdIwQY
MBaAFA1wLFPLgDsUZE5nWH5db9YStkvMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhBc1U4dUFPeFJrVG1kWWZsMXYxaEsyUzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kM2QxMDUtZjk3Mi00YzdjLWJmZWEt
M2YyNTM5MmRlN2Y5LzEvWjZFNHRRblJ2VXBmUGNkWXVGTlZ4Y0oweW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kM2QxMDUtZjk3Mi00YzdjLWJmZWEtM2YyNTM5MmRlN2Y5
LzEvRFhBc1U4dUFPeFJrVG1kWWZsMXYxaEsyUzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg5FQMr+
MA0GCSqGSIb3DQEBCwUAA4IBAQC3A9M69wMFUk8HAfcye2hhUxgSBjPiSSsKCtjN
V6eoThqWznxA2Jmo/2dDGGdWc7s+TLzEyG5a9x0kK6CAufVs5U/1BMvYWuJC4bHI
8XWCUhN8qQkdZ56YNhHFyAAVSsqXmZWn7/+GB+zHmiSCYziLzCsqvJyf+E7ckjPt
zLXfAeHs0iB8TokbTOCJOxJiYFnSJ/PrHNZuqDHprSYrCw2ccmWPI/E/nQXw5EBu
i1jg1QreHZtiRbZAt6GVRs8x9qrkL0Tv9PwbGtF+eep/AoZiyA2tIKo/t9r4/sv6
sSrGCU3+F7SsmMLQB3p+I/VtAEDY6HOJ1RcHqk+OKem+KFN9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:56 2025 by rpki-client on console.sobornost.net