Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/6369e6-2304-4922-afdf-e93e2eba69b9/1/znWJMiIkbWYiZH5TnewK7kB2zlM.roa
File: znWJMiIkbWYiZH5TnewK7kB2zlM.roa (raw, json)
Hash identifier: RcLXWJX+JRUva9upa5qvKXN11LB1V2q/utprJ1zUPOo=
Subject key identifier: CE:75:89:32:22:24:6D:66:22:64:7E:53:9D:EC:0A:EE:40:76:CE:53
Certificate issuer: /CN=bb190d102ac9603b405b36374d429868604937af
Certificate serial: 01942143DE34822A5C83C20BDD11DE123F8E
Authority key identifier: BB:19:0D:10:2A:C9:60:3B:40:5B:36:37:4D:42:98:68:60:49:37:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uxkNECrJYDtAWzY3TUKYaGBJN68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/6369e6-2304-4922-afdf-e93e2eba69b9/1/znWJMiIkbWYiZH5TnewK7kB2zlM.roa
Signing time: Wed 01 Jan 2025 09:48:03 +0000
ROA not before: Wed 01 Jan 2025 09:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202128
IP address blocks: 185.78.208.0/22 maxlen: 22
185.148.16.0/22 maxlen: 22
185.148.16.0/23 maxlen: 24
2a05:6d40::/29 maxlen: 29
2a07:5b80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:de:34:82:2a:5c:83:c2:0b:dd:11:de:12:3f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb190d102ac9603b405b36374d429868604937af
Validity
Not Before: Jan 1 09:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce75893222246d6622647e539dec0aee4076ce53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cf:ff:58:ee:1a:93:38:f8:c6:a8:6d:71:3a:
62:ce:a3:a0:fd:14:18:1d:94:fc:e5:40:21:f5:76:
c7:58:77:16:50:2f:c4:4e:da:15:81:64:74:a1:9d:
04:67:1b:24:49:73:51:02:65:16:53:b5:75:4b:33:
ff:fb:a1:f5:45:a8:c5:54:38:af:c0:96:ae:db:01:
e1:e8:42:17:0c:e6:76:75:b0:50:3e:12:32:0f:4c:
70:a5:86:51:15:f0:f0:22:fd:8a:18:e9:b4:50:63:
e0:8b:f9:d9:ee:0e:d3:b2:dc:12:a7:0f:97:8e:ce:
2a:f1:1b:86:0a:a6:03:15:91:38:9f:17:0b:81:53:
ac:47:19:18:df:10:48:f3:0a:19:e7:aa:a4:cf:21:
41:54:46:71:2a:9d:3d:63:6e:0a:6d:5a:95:af:6d:
ac:00:23:9d:8f:1f:e2:9d:c1:1e:5a:e6:af:51:5d:
82:6a:d4:ff:be:85:2b:46:6c:70:2c:c2:5e:89:b9:
df:77:9a:11:c3:86:e3:2c:01:f2:66:d8:d9:3b:33:
c9:db:bc:00:c8:76:bf:6e:ac:b9:ef:9d:63:a9:f9:
80:b0:20:0f:a9:65:a4:c6:0f:0a:5d:b9:1d:aa:88:
2e:87:37:a8:f8:8f:f0:7a:1b:33:f0:42:0e:8f:89:
3c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:75:89:32:22:24:6D:66:22:64:7E:53:9D:EC:0A:EE:40:76:CE:53
X509v3 Authority Key Identifier:
keyid:BB:19:0D:10:2A:C9:60:3B:40:5B:36:37:4D:42:98:68:60:49:37:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uxkNECrJYDtAWzY3TUKYaGBJN68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6369e6-2304-4922-afdf-e93e2eba69b9/1/znWJMiIkbWYiZH5TnewK7kB2zlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6369e6-2304-4922-afdf-e93e2eba69b9/1/uxkNECrJYDtAWzY3TUKYaGBJN68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.208.0/22
185.148.16.0/22
IPv6:
2a05:6d40::/29
2a07:5b80::/29
Signature Algorithm: sha256WithRSAEncryption
d2:c8:2b:f7:43:43:84:63:fb:f4:13:4c:93:0f:e1:91:3f:ac:
c5:8e:5e:cb:80:3b:81:99:02:5c:43:1a:45:42:ca:f0:0a:e2:
e6:d9:8a:dd:1e:b3:4e:f9:13:5d:a8:a4:3c:52:e1:b0:5c:fb:
31:ec:d7:33:21:d8:6d:b2:55:ed:7e:51:43:01:10:89:45:fe:
53:0e:b6:35:ae:f9:85:97:a6:24:ba:dd:20:28:14:91:cb:e7:
01:74:9f:5a:d5:5c:23:c2:d8:ef:f2:92:4b:c5:bc:f3:52:85:
3a:d6:91:87:86:d1:4c:99:72:35:9b:7f:d4:c0:ae:64:a3:b8:
6e:a6:c1:a6:95:26:e4:a7:de:a9:22:68:32:87:7c:6b:a6:29:
d6:a7:97:81:a2:f6:5c:2b:3f:7a:e5:c8:9d:18:77:cd:2a:75:
7b:e1:c2:b5:85:ae:d1:de:51:52:0c:3f:98:e3:cc:94:28:ea:
6b:a0:ce:ef:03:ec:b8:5b:66:0e:65:26:d5:5f:04:0e:61:7d:
26:cb:68:22:a7:84:fa:40:97:fb:21:02:67:a7:10:1a:74:fd:
41:fa:66:da:34:6b:cf:59:dc:26:a7:01:db:df:40:4e:6c:96:
02:b9:75:e7:f6:b4:ba:6b:8d:a1:22:ae:8b:f1:95:b1:b4:2d:
8c:ad:b0:9e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQhQ940gipcg8IL3RHeEj+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMTkwZDEwMmFjOTYwM2I0MDViMzYzNzRkNDI5ODY4NjA0
OTM3YWYwHhcNMjUwMTAxMDk0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTc1ODkzMjIyMjQ2ZDY2MjI2NDdlNTM5ZGVjMGFlZTQwNzZjZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts//WO4akzj4xqhtcTpizqOg/RQY
HZT85UAh9XbHWHcWUC/ETtoVgWR0oZ0EZxskSXNRAmUWU7V1SzP/+6H1RajFVDiv
wJau2wHh6EIXDOZ2dbBQPhIyD0xwpYZRFfDwIv2KGOm0UGPgi/nZ7g7TstwSpw+X
js4q8RuGCqYDFZE4nxcLgVOsRxkY3xBI8woZ56qkzyFBVEZxKp09Y24KbVqVr22s
ACOdjx/incEeWuavUV2CatT/voUrRmxwLMJeibnfd5oRw4bjLAHyZtjZOzPJ27wA
yHa/bqy5751jqfmAsCAPqWWkxg8KXbkdqoguhzeo+I/wehsz8EIOj4k8EQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFM51iTIiJG1mImR+U53sCu5Ads5TMB8GA1UdIwQY
MBaAFLsZDRAqyWA7QFs2N01CmGhgSTevMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXhrTkVDckpZRHRBV3pZM1RVS1lhR0JKTjY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82MzY5ZTYtMjMwNC00OTIyLWFmZGYt
ZTkzZTJlYmE2OWI5LzEvem5XSk1pSWtiV1lpWkg1VG5ld0s3a0IyemxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82MzY5ZTYtMjMwNC00OTIyLWFmZGYtZTkzZTJlYmE2OWI5
LzEvdXhrTkVDckpZRHRBV3pZM1RVS1lhR0JKTjY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuU7QAwQC
uZQQMBQEAgACMA4DBQMqBW1AAwUDKgdbgDANBgkqhkiG9w0BAQsFAAOCAQEA0sgr
90NDhGP79BNMkw/hkT+sxY5ey4A7gZkCXEMaRULK8Ari5tmK3R6zTvkTXaikPFLh
sFz7MezXMyHYbbJV7X5RQwEQiUX+Uw62Na75hZemJLrdICgUkcvnAXSfWtVcI8LY
7/KSS8W881KFOtaRh4bRTJlyNZt/1MCuZKO4bqbBppUm5KfeqSJoMod8a6Yp1qeX
gaL2XCs/euXInRh3zSp1e+HCtYWu0d5RUgw/mOPMlCjqa6DO7wPsuFtmDmUm1V8E
DmF9JstoIqeE+kCX+yECZ6cQGnT9Qfpm2jRrz1ncJqcB299ATmyWArl15/a0umuN
oSKui/GVsbQtjK2wng==
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:37:06 2025 by rpki-client