Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/bead7f-480d-4841-b77d-f0eb1310e7a7/1/zpnOf9kFG2Xz2U_yV2ggZbtDJtc.roa
File: zpnOf9kFG2Xz2U_yV2ggZbtDJtc.roa (raw, json)
Hash identifier: iw1XdbLWPraJP46xAmdMKYSNoE+Pua69gMhun7cgX1E=
Subject key identifier: CE:99:CE:7F:D9:05:1B:65:F3:D9:4F:F2:57:68:20:65:BB:43:26:D7
Certificate issuer: /CN=56b550550d564180b1df7deb5b58d3a6b112e7e3
Certificate serial: 019427B619D2105F72675A01EFEC3C03A189
Authority key identifier: 56:B5:50:55:0D:56:41:80:B1:DF:7D:EB:5B:58:D3:A6:B1:12:E7:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrVQVQ1WQYCx333rW1jTprES5-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/bead7f-480d-4841-b77d-f0eb1310e7a7/1/zpnOf9kFG2Xz2U_yV2ggZbtDJtc.roa
Signing time: Thu 02 Jan 2025 15:50:33 +0000
ROA not before: Thu 02 Jan 2025 15:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205366
IP address blocks: 185.201.108.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:19:d2:10:5f:72:67:5a:01:ef:ec:3c:03:a1:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b550550d564180b1df7deb5b58d3a6b112e7e3
Validity
Not Before: Jan 2 15:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce99ce7fd9051b65f3d94ff257682065bb4326d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:86:ae:89:ea:e3:90:74:31:fd:84:6f:fb:eb:
6b:90:bd:76:c1:7f:95:2e:0a:50:fc:f1:92:56:e7:
2d:d6:e8:14:0b:cf:4a:65:f1:25:bc:bc:78:24:43:
36:95:de:90:27:07:4d:71:49:fa:d6:e0:b6:f9:da:
0f:1a:b4:aa:5c:81:76:b2:5b:11:bb:52:fb:8f:0a:
19:6b:e5:1c:f8:cc:04:33:7b:a9:0d:51:58:bc:ab:
c8:2d:05:64:eb:fb:77:19:40:c6:4e:9b:2a:fb:d3:
55:6f:9d:4c:76:1d:5c:ad:9a:65:0f:a8:22:a5:40:
13:a1:01:f0:6e:9f:7c:cb:60:53:18:3a:14:49:2a:
23:64:b1:a5:29:f2:30:0c:fb:2d:2d:57:62:8b:84:
90:06:88:2a:1e:39:59:d4:cf:6b:9f:5c:a3:63:42:
30:d5:fd:81:56:72:4a:5a:63:62:98:42:97:99:6f:
33:0f:6b:8e:34:c7:d0:b6:b0:14:d9:83:6f:51:13:
cb:b0:bf:28:f4:76:1f:d9:30:25:36:c1:45:1d:46:
9a:2d:67:7c:e8:f6:12:c7:6e:ce:0f:7f:2b:28:70:
fb:f4:1a:34:07:77:d6:e5:a3:e0:61:7f:80:5b:da:
64:50:87:2d:f5:af:81:6e:af:a5:01:77:10:7f:a3:
21:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:99:CE:7F:D9:05:1B:65:F3:D9:4F:F2:57:68:20:65:BB:43:26:D7
X509v3 Authority Key Identifier:
keyid:56:B5:50:55:0D:56:41:80:B1:DF:7D:EB:5B:58:D3:A6:B1:12:E7:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrVQVQ1WQYCx333rW1jTprES5-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bead7f-480d-4841-b77d-f0eb1310e7a7/1/zpnOf9kFG2Xz2U_yV2ggZbtDJtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bead7f-480d-4841-b77d-f0eb1310e7a7/1/VrVQVQ1WQYCx333rW1jTprES5-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.108.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:85:fa:6f:8a:aa:de:42:23:52:35:ce:80:82:bf:1f:7c:bd:
d8:d4:0c:0f:0d:7b:90:3b:e7:0e:c7:5b:8f:59:f2:5c:31:67:
9c:f6:6b:cb:99:90:2c:78:7f:17:8a:6d:23:56:46:7d:6c:37:
11:87:98:a0:68:7f:00:59:6c:e5:34:27:a8:c6:35:af:f1:77:
44:d7:b5:cc:47:5f:70:a8:9a:a2:cc:ff:ec:cf:40:32:d5:09:
0d:a3:04:b2:10:fe:58:3a:8b:bd:cd:79:2c:99:02:c1:d6:c0:
e0:7d:25:18:7b:05:8b:b8:4d:b2:e9:d7:07:fa:9f:a4:3e:8f:
c2:06:46:98:17:69:5f:a8:3f:f8:91:66:ce:fa:66:25:85:89:
82:39:c6:de:d1:42:33:c2:b1:9b:16:f3:29:08:a3:0f:0d:90:
5c:98:62:f1:4c:a0:3c:4b:d0:07:21:d8:41:e1:ba:1a:62:5b:
94:33:2a:c6:cc:14:fd:f8:35:bd:4a:97:f8:63:fe:d7:52:ee:
63:57:5c:6d:49:9b:1b:ac:a0:f5:3c:d4:69:00:f3:d7:e9:1d:
7a:25:26:b3:6b:5a:47:02:79:a3:4b:74:ab:a8:25:39:17:53:
59:a3:f3:f4:e7:76:49:9b:ba:41:ca:37:c9:3d:e0:13:09:f6:
7e:6a:4b:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnthnSEF9yZ1oB7+w8A6GJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YjU1MDU1MGQ1NjQxODBiMWRmN2RlYjViNThkM2E2YjEx
MmU3ZTMwHhcNMjUwMTAyMTU1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTk5Y2U3ZmQ5MDUxYjY1ZjNkOTRmZjI1NzY4MjA2NWJiNDMyNmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYauierjkHQx/YRv++trkL12wX+V
LgpQ/PGSVuct1ugUC89KZfElvLx4JEM2ld6QJwdNcUn61uC2+doPGrSqXIF2slsR
u1L7jwoZa+Uc+MwEM3upDVFYvKvILQVk6/t3GUDGTpsq+9NVb51Mdh1crZplD6gi
pUAToQHwbp98y2BTGDoUSSojZLGlKfIwDPstLVdii4SQBogqHjlZ1M9rn1yjY0Iw
1f2BVnJKWmNimEKXmW8zD2uONMfQtrAU2YNvURPLsL8o9HYf2TAlNsFFHUaaLWd8
6PYSx27OD38rKHD79Bo0B3fW5aPgYX+AW9pkUIct9a+Bbq+lAXcQf6MhAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM6Zzn/ZBRtl89lP8ldoIGW7QybXMB8GA1UdIwQY
MBaAFFa1UFUNVkGAsd9961tY06axEufjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJWUVZRMVdRWUN4MzMzclcxalRwckVTNS1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iZWFkN2YtNDgwZC00ODQxLWI3N2Qt
ZjBlYjEzMTBlN2E3LzEvenBuT2Y5a0ZHMlh6MlVfeVYyZ2daYnRESnRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iZWFkN2YtNDgwZC00ODQxLWI3N2QtZjBlYjEzMTBlN2E3
LzEvVnJWUVZRMVdRWUN4MzMzclcxalRwckVTNS1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuclsMA0G
CSqGSIb3DQEBCwUAA4IBAQCchfpviqreQiNSNc6Agr8ffL3Y1AwPDXuQO+cOx1uP
WfJcMWec9mvLmZAseH8Xim0jVkZ9bDcRh5igaH8AWWzlNCeoxjWv8XdE17XMR19w
qJqizP/sz0Ay1QkNowSyEP5YOou9zXksmQLB1sDgfSUYewWLuE2y6dcH+p+kPo/C
BkaYF2lfqD/4kWbO+mYlhYmCOcbe0UIzwrGbFvMpCKMPDZBcmGLxTKA8S9AHIdhB
4boaYluUMyrGzBT9+DW9Spf4Y/7XUu5jV1xtSZsbrKD1PNRpAPPX6R16JSaza1pH
AnmjS3SrqCU5F1NZo/P053ZJm7pByjfJPeATCfZ+akvf
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:19:55 2025 by rpki-client