Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/CzOVrXq8s2rQFDCGaFJZ_xM7OZ0.roa
File: CzOVrXq8s2rQFDCGaFJZ_xM7OZ0.roa (raw, json)
Hash identifier: 5XAPorQnylekwHM79ynLgJVh80voKy6A8YYVF6d1gL0=
Subject key identifier: 0B:33:95:AD:7A:BC:B3:6A:D0:14:30:86:68:52:59:FF:13:3B:39:9D
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 01942143E21F111CAC95B8BDD53F51D4AA95
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/CzOVrXq8s2rQFDCGaFJZ_xM7OZ0.roa
Signing time: Wed 01 Jan 2025 09:48:04 +0000
ROA not before: Wed 01 Jan 2025 09:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50475
IP address blocks: 2a00:1908:e965::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e2:1f:11:1c:ac:95:b8:bd:d5:3f:51:d4:aa:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Jan 1 09:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b3395ad7abcb36ad0143086685259ff133b399d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b7:75:cf:8e:04:59:9e:df:21:2a:3d:7a:76:
93:ce:c9:ce:43:78:65:ad:87:58:90:8f:3a:7c:88:
41:34:6e:7e:a0:e2:fe:1b:b2:3d:98:c5:38:53:96:
63:79:cf:7f:6f:ab:86:96:f5:3c:14:38:65:99:23:
c9:b0:3e:e5:b7:ee:b0:c1:2f:64:69:39:28:1a:22:
c0:c0:2b:5c:42:5a:54:19:79:9b:10:05:65:bf:dd:
5a:8c:a1:d8:89:a5:05:3f:f9:e0:3b:6a:39:6e:2c:
64:5d:2e:09:fe:f3:4d:29:d4:f1:cf:3d:da:2b:d2:
00:95:a8:6d:db:c6:65:9f:46:55:e0:93:90:63:b7:
7d:98:e1:f5:bf:06:e4:a5:a4:42:18:12:1e:39:40:
0d:25:5c:03:dd:7d:c9:57:3e:83:57:c3:79:ba:5e:
a0:98:2b:26:1e:20:4a:3f:c3:72:ae:09:6d:87:a1:
ba:da:2b:df:39:29:a6:2e:26:fd:8c:c4:7d:a6:d6:
db:9d:b4:4a:8f:e9:de:c8:70:df:a9:7f:c1:5c:a9:
bb:97:b5:7b:69:1d:b2:dc:8a:13:20:12:44:6a:c7:
65:77:d4:e4:be:04:75:89:44:b6:0b:33:ba:8b:19:
8c:6e:69:98:09:50:14:21:20:ec:f3:90:01:e3:0d:
58:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:33:95:AD:7A:BC:B3:6A:D0:14:30:86:68:52:59:FF:13:3B:39:9D
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/CzOVrXq8s2rQFDCGaFJZ_xM7OZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1908:e965::/48
Signature Algorithm: sha256WithRSAEncryption
0b:a5:a3:6b:14:7f:62:20:f7:7c:c7:71:ba:55:55:6d:85:0a:
57:5f:00:4a:f1:aa:18:20:cb:b4:7b:b8:10:61:e1:c3:52:1a:
9a:40:65:16:e3:f2:63:11:26:c5:45:0c:12:c1:89:a5:68:27:
81:77:0d:c9:23:d2:7e:fc:73:28:6f:7d:17:07:c6:b1:42:c9:
20:40:be:e3:05:d1:ab:f8:81:ba:3f:4c:46:68:45:3c:81:bd:
9f:f3:8b:cd:22:70:6d:71:3f:36:2b:c4:b9:4b:f5:8c:5b:93:
79:c8:21:6f:d9:db:19:d2:12:f6:82:34:eb:52:17:de:42:da:
73:42:c6:f7:31:c0:dd:ee:d7:76:c7:68:e1:15:98:1c:d4:b7:
69:5e:2f:fe:a0:ea:48:db:b8:fb:d3:42:72:ea:4c:5a:5e:90:
4a:4d:4d:98:1b:c9:58:3a:ed:89:2b:12:78:ad:c9:4c:16:77:
ef:06:43:96:72:34:c0:fd:91:7f:d1:06:30:89:11:0b:94:10:
26:1f:64:28:0b:28:a3:86:1c:a3:07:df:08:3d:78:f8:bd:82:
e9:fd:5a:e6:9c:84:19:cf:c0:77:c2:fb:89:10:a0:6e:a9:0a:
bc:01:8f:05:c1:64:94:bc:c2:f0:64:7f:8d:bb:8b:c6:61:9c:
d9:7d:f1:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhQ+IfERyslbi91T9R1KqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjUwMTAxMDk0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjMzOTVhZDdhYmNiMzZhZDAxNDMwODY2ODUyNTlmZjEzM2IzOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrd1z44EWZ7fISo9enaTzsnOQ3hl
rYdYkI86fIhBNG5+oOL+G7I9mMU4U5Zjec9/b6uGlvU8FDhlmSPJsD7lt+6wwS9k
aTkoGiLAwCtcQlpUGXmbEAVlv91ajKHYiaUFP/ngO2o5bixkXS4J/vNNKdTxzz3a
K9IAlaht28Zln0ZV4JOQY7d9mOH1vwbkpaRCGBIeOUANJVwD3X3JVz6DV8N5ul6g
mCsmHiBKP8Nyrglth6G62ivfOSmmLib9jMR9ptbbnbRKj+neyHDfqX/BXKm7l7V7
aR2y3IoTIBJEasdld9TkvgR1iUS2CzO6ixmMbmmYCVAUISDs85AB4w1YWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAszla16vLNq0BQwhmhSWf8TOzmdMB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEvQ3pPVnJYcThzMnJRRkRDR2FGSlpfeE03T1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAZCOll
MA0GCSqGSIb3DQEBCwUAA4IBAQALpaNrFH9iIPd8x3G6VVVthQpXXwBK8aoYIMu0
e7gQYeHDUhqaQGUW4/JjESbFRQwSwYmlaCeBdw3JI9J+/HMob30XB8axQskgQL7j
BdGr+IG6P0xGaEU8gb2f84vNInBtcT82K8S5S/WMW5N5yCFv2dsZ0hL2gjTrUhfe
QtpzQsb3McDd7td2x2jhFZgc1LdpXi/+oOpI27j700Jy6kxaXpBKTU2YG8lYOu2J
KxJ4rclMFnfvBkOWcjTA/ZF/0QYwiRELlBAmH2QoCyijhhyjB98IPXj4vYLp/Vrm
nIQZz8B3wvuJEKBuqQq8AY8FwWSUvMLwZH+Nu4vGYZzZffFW
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:29 2025 by rpki-client on console.sobornost.net