Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/734f48-6755-4fee-bd46-3764beeaa1b2/1/ZLmwBOVrmQyaojtKUVVGQ3HzV7U.roa
File: ZLmwBOVrmQyaojtKUVVGQ3HzV7U.roa (raw, json)
Hash identifier: eFJ8tH3CVzqWKUWCVFvGbvkJnp6r7UJxyKwXULpeswY=
Subject key identifier: 64:B9:B0:04:E5:6B:99:0C:9A:A2:3B:4A:51:55:46:43:71:F3:57:B5
Certificate issuer: /CN=b3fddf701dd74ba99ac1f47b6767ef44f1a81077
Certificate serial: 019421B25716C1FD0BCBA979ECFA64618668
Authority key identifier: B3:FD:DF:70:1D:D7:4B:A9:9A:C1:F4:7B:67:67:EF:44:F1:A8:10:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s_3fcB3XS6mawfR7Z2fvRPGoEHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/734f48-6755-4fee-bd46-3764beeaa1b2/1/ZLmwBOVrmQyaojtKUVVGQ3HzV7U.roa
Signing time: Wed 01 Jan 2025 11:48:43 +0000
ROA not before: Wed 01 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212123
IP address blocks: 2001:678:c64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:57:16:c1:fd:0b:cb:a9:79:ec:fa:64:61:86:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3fddf701dd74ba99ac1f47b6767ef44f1a81077
Validity
Not Before: Jan 1 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64b9b004e56b990c9aa23b4a5155464371f357b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:33:fc:aa:b0:da:91:71:1f:f0:4c:e5:06:ca:
68:14:9d:a3:0e:f1:d9:fa:f5:0b:6e:93:96:41:26:
c1:69:c1:2a:7e:5e:50:4d:59:1b:74:a8:47:da:4c:
01:58:c8:b0:fa:d0:76:6a:1c:5c:d8:b3:4e:10:cb:
74:be:9e:c4:34:f0:fe:07:93:fd:b6:f0:ee:35:57:
cb:43:ef:0a:27:5f:0f:7b:f6:8f:d7:a6:48:3e:69:
f3:04:2f:bf:01:32:73:e4:97:93:a1:6d:c1:89:93:
c7:ae:33:38:c8:3e:fc:2d:51:c0:8c:79:f5:33:38:
0d:56:bb:67:5c:73:ab:48:d6:14:5d:83:38:15:7f:
97:18:3a:5a:76:77:a9:a6:81:6f:84:87:b8:c1:58:
03:ed:3c:e6:ce:35:71:9c:eb:4b:71:fc:c2:8a:04:
d5:0b:30:02:93:9f:56:a6:7c:d1:67:15:b6:2f:1b:
af:02:4d:8d:3a:90:c3:64:f4:10:07:0e:3a:08:d0:
f4:4b:78:f1:7f:41:1c:8e:a0:87:24:fd:ac:7e:80:
35:03:f7:eb:fe:81:fa:29:cd:48:80:19:48:e5:b1:
0a:78:ad:fe:39:e8:df:76:83:78:d8:53:9d:8e:1b:
21:aa:72:a4:31:ae:e9:a8:ed:7b:d1:15:34:7f:16:
77:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B9:B0:04:E5:6B:99:0C:9A:A2:3B:4A:51:55:46:43:71:F3:57:B5
X509v3 Authority Key Identifier:
keyid:B3:FD:DF:70:1D:D7:4B:A9:9A:C1:F4:7B:67:67:EF:44:F1:A8:10:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_3fcB3XS6mawfR7Z2fvRPGoEHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/734f48-6755-4fee-bd46-3764beeaa1b2/1/ZLmwBOVrmQyaojtKUVVGQ3HzV7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/734f48-6755-4fee-bd46-3764beeaa1b2/1/s_3fcB3XS6mawfR7Z2fvRPGoEHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c64::/48
Signature Algorithm: sha256WithRSAEncryption
30:05:5f:50:87:a9:56:25:b6:c1:05:15:20:1a:e3:e6:d9:a2:
cb:8d:37:7a:42:7a:3b:15:6e:62:12:3f:0b:72:41:ac:e0:19:
75:82:a2:9d:2b:7d:94:e0:a9:2f:b3:65:ed:c9:15:75:e4:a7:
47:53:89:85:de:25:8e:ae:09:b1:8f:11:07:7b:eb:8b:da:ff:
4b:88:59:96:d4:1d:d6:b9:35:ed:22:49:4c:c4:46:d5:8d:e3:
81:8c:e1:57:c9:97:ed:70:24:60:96:3f:cc:a7:2b:d3:ba:da:
e7:06:5c:8b:9a:d8:fc:f1:95:d3:d7:b4:6d:5e:0b:05:3c:31:
d8:b1:14:44:52:04:7e:52:b8:f9:fb:f7:e1:38:4f:b7:fb:f3:
8f:58:41:8e:99:96:34:c7:8a:12:3f:b3:41:89:6e:41:bc:c4:
0c:5f:ad:71:ee:32:24:35:0c:c5:5a:7b:fa:f1:69:1e:23:ee:
3d:03:46:19:ac:8c:e1:4f:94:ad:2f:02:ce:77:c4:16:7d:ab:
e5:17:9b:4e:74:9b:41:7e:8e:35:79:a6:e5:8c:d0:6f:1c:85:
df:00:36:e4:46:02:3f:1a:c8:17:e7:a4:35:4f:b4:5f:90:67:
6a:6f:3d:4c:92:07:67:a8:5c:bc:c5:1e:09:a5:00:39:69:48:
4d:2b:7f:f0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhslcWwf0Ly6l57PpkYYZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmRkZjcwMWRkNzRiYTk5YWMxZjQ3YjY3NjdlZjQ0ZjFh
ODEwNzcwHhcNMjUwMTAxMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGI5YjAwNGU1NmI5OTBjOWFhMjNiNGE1MTU1NDY0MzcxZjM1N2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjP8qrDakXEf8EzlBspoFJ2jDvHZ
+vULbpOWQSbBacEqfl5QTVkbdKhH2kwBWMiw+tB2ahxc2LNOEMt0vp7ENPD+B5P9
tvDuNVfLQ+8KJ18Pe/aP16ZIPmnzBC+/ATJz5JeToW3BiZPHrjM4yD78LVHAjHn1
MzgNVrtnXHOrSNYUXYM4FX+XGDpadneppoFvhIe4wVgD7TzmzjVxnOtLcfzCigTV
CzACk59WpnzRZxW2LxuvAk2NOpDDZPQQBw46CND0S3jxf0EcjqCHJP2sfoA1A/fr
/oH6Kc1IgBlI5bEKeK3+OejfdoN42FOdjhshqnKkMa7pqO170RU0fxZ3XwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGS5sATla5kMmqI7SlFVRkNx81e1MB8GA1UdIwQY
MBaAFLP933Ad10upmsH0e2dn70TxqBB3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc18zZmNCM1hTNm1hd2ZSN1oyZnZSUEdvRUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83MzRmNDgtNjc1NS00ZmVlLWJkNDYt
Mzc2NGJlZWFhMWIyLzEvWkxtd0JPVnJtUXlhb2p0S1VWVkdRM0h6VjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83MzRmNDgtNjc1NS00ZmVlLWJkNDYtMzc2NGJlZWFhMWIy
LzEvc18zZmNCM1hTNm1hd2ZSN1oyZnZSUEdvRUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAxk
MA0GCSqGSIb3DQEBCwUAA4IBAQAwBV9Qh6lWJbbBBRUgGuPm2aLLjTd6Qno7FW5i
Ej8LckGs4Bl1gqKdK32U4Kkvs2XtyRV15KdHU4mF3iWOrgmxjxEHe+uL2v9LiFmW
1B3WuTXtIklMxEbVjeOBjOFXyZftcCRglj/MpyvTutrnBlyLmtj88ZXT17RtXgsF
PDHYsRREUgR+Urj5+/fhOE+3+/OPWEGOmZY0x4oSP7NBiW5BvMQMX61x7jIkNQzF
Wnv68WkeI+49A0YZrIzhT5StLwLOd8QWfavlF5tOdJtBfo41eabljNBvHIXfADbk
RgI/GsgX56Q1T7RfkGdqbz1MkgdnqFy8xR4JpQA5aUhNK3/w
-----END CERTIFICATE-----
Generated at Sat May 10 13:51:12 2025 by rpki-client