Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/ZRv7bLa28b8tf6OWanURzCF5xRg.roa
File: ZRv7bLa28b8tf6OWanURzCF5xRg.roa (raw, json)
Hash identifier: oK8tGS8JdWtsRZmm08fTUJdRLOafRX6MArGF8Pv/FL0=
Subject key identifier: 65:1B:FB:6C:B6:B6:F1:BF:2D:7F:A3:96:6A:75:11:CC:21:79:C5:18
Certificate issuer: /CN=37c651736e243d5ea6cecca63afdb4a0312d7730
Certificate serial: 019427B6910E690AE243218162BA69BCD229
Authority key identifier: 37:C6:51:73:6E:24:3D:5E:A6:CE:CC:A6:3A:FD:B4:A0:31:2D:77:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N8ZRc24kPV6mzsymOv20oDEtdzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/ZRv7bLa28b8tf6OWanURzCF5xRg.roa
Signing time: Thu 02 Jan 2025 15:51:03 +0000
ROA not before: Thu 02 Jan 2025 15:51:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198049
IP address blocks: 91.230.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:91:0e:69:0a:e2:43:21:81:62:ba:69:bc:d2:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37c651736e243d5ea6cecca63afdb4a0312d7730
Validity
Not Before: Jan 2 15:51:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=651bfb6cb6b6f1bf2d7fa3966a7511cc2179c518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:18:47:d8:b6:4a:5f:de:30:cb:79:26:5f:e6:
0a:5c:9a:73:da:0e:81:6b:1b:fb:3d:7f:4a:8c:46:
b5:f8:87:60:44:27:f2:5a:20:80:f6:15:da:46:30:
f0:30:f4:ff:a0:57:65:4f:75:e7:70:34:70:7b:a2:
49:41:5a:3c:57:7e:56:26:e4:fe:92:24:a4:14:e7:
ad:60:6a:bc:d6:94:a0:cb:e3:0f:ad:cc:c3:65:99:
f5:33:12:35:f0:46:c3:f7:65:8b:e0:7d:f8:bb:56:
92:fd:99:35:15:6a:05:b9:b2:2c:3d:fd:18:d8:07:
f3:28:aa:67:9f:f3:1e:54:13:f4:3f:ea:95:78:1c:
85:ed:ce:c4:3f:73:e0:d9:4b:0d:5d:29:17:db:2d:
29:7d:51:ab:5f:ae:dd:3f:f6:fa:71:fe:a9:50:52:
39:65:f0:03:ed:83:c6:93:e2:52:3c:25:b5:64:cf:
40:1c:b8:36:58:d6:4d:9d:64:16:96:c9:69:d6:93:
47:96:68:94:ca:97:9f:86:54:46:ba:34:71:c6:be:
58:94:4c:e3:07:88:7d:9e:83:78:65:49:b6:05:4d:
b4:5b:44:4c:21:50:21:32:47:00:16:e6:00:4c:e3:
b3:0f:4a:22:ed:24:60:d8:b0:ea:63:c9:fd:5b:86:
d9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1B:FB:6C:B6:B6:F1:BF:2D:7F:A3:96:6A:75:11:CC:21:79:C5:18
X509v3 Authority Key Identifier:
keyid:37:C6:51:73:6E:24:3D:5E:A6:CE:CC:A6:3A:FD:B4:A0:31:2D:77:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N8ZRc24kPV6mzsymOv20oDEtdzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/ZRv7bLa28b8tf6OWanURzCF5xRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.145.0/24
Signature Algorithm: sha256WithRSAEncryption
53:3a:4d:11:c5:2f:39:40:1a:78:8d:e0:b3:c2:7b:41:ad:93:
ca:4d:22:28:54:32:da:51:8b:03:32:28:c6:9f:95:ba:88:6d:
e5:30:a8:dd:37:5e:fd:71:4e:f9:23:eb:4b:7e:01:ab:ae:4a:
0b:46:11:ae:0e:47:81:0b:36:9c:1d:ac:9a:48:fc:e6:56:de:
6e:a7:7b:e5:d6:c1:6c:be:68:b7:08:82:03:3e:b6:13:b8:87:
bf:fb:2b:15:fa:98:eb:0e:9e:d6:62:ea:5c:56:3e:e9:86:a6:
e4:89:74:74:32:67:9b:0c:15:f1:7a:69:e4:d4:86:94:58:43:
cc:de:52:ed:7d:b1:41:7f:6e:1d:7c:cb:9a:a7:eb:41:d5:88:
88:09:02:55:e1:c0:49:be:70:98:3d:76:f8:6a:38:5b:f4:2e:
ef:d6:64:a5:92:d4:07:63:9f:49:7d:50:af:b9:15:fa:46:13:
68:2b:22:d5:60:26:23:e9:cd:47:d6:85:15:55:92:e2:c2:4a:
48:fd:53:3e:27:7a:ca:65:e5:1d:a1:19:87:3f:18:dc:b1:bf:
e1:31:d3:5c:11:dc:b0:0e:cf:6b:2f:b3:a1:d7:54:1f:60:ba:
80:0e:89:ff:76:5d:9e:70:f9:d2:08:ea:1f:8d:b1:2b:04:58:
3c:ed:b1:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntpEOaQriQyGBYrppvNIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3YzY1MTczNmUyNDNkNWVhNmNlY2NhNjNhZmRiNGEwMzEy
ZDc3MzAwHhcNMjUwMTAyMTU1MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTFiZmI2Y2I2YjZmMWJmMmQ3ZmEzOTY2YTc1MTFjYzIxNzljNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxhH2LZKX94wy3kmX+YKXJpz2g6B
axv7PX9KjEa1+IdgRCfyWiCA9hXaRjDwMPT/oFdlT3XncDRwe6JJQVo8V35WJuT+
kiSkFOetYGq81pSgy+MPrczDZZn1MxI18EbD92WL4H34u1aS/Zk1FWoFubIsPf0Y
2AfzKKpnn/MeVBP0P+qVeByF7c7EP3Pg2UsNXSkX2y0pfVGrX67dP/b6cf6pUFI5
ZfAD7YPGk+JSPCW1ZM9AHLg2WNZNnWQWlslp1pNHlmiUypefhlRGujRxxr5YlEzj
B4h9noN4ZUm2BU20W0RMIVAhMkcAFuYATOOzD0oi7SRg2LDqY8n9W4bZRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGUb+2y2tvG/LX+jlmp1EcwhecUYMB8GA1UdIwQY
MBaAFDfGUXNuJD1eps7Mpjr9tKAxLXcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjhaUmMyNGtQVjZtenN5bU92MjBvREV0ZHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81MjNjN2QtMzkxNy00MTM3LTlkZjMt
YWJlYTYyNTg2OGE4LzEvWlJ2N2JMYTI4Yjh0ZjZPV2FuVVJ6Q0Y1eFJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81MjNjN2QtMzkxNy00MTM3LTlkZjMtYWJlYTYyNTg2OGE4
LzEvTjhaUmMyNGtQVjZtenN5bU92MjBvREV0ZHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+aRMA0G
CSqGSIb3DQEBCwUAA4IBAQBTOk0RxS85QBp4jeCzwntBrZPKTSIoVDLaUYsDMijG
n5W6iG3lMKjdN179cU75I+tLfgGrrkoLRhGuDkeBCzacHayaSPzmVt5up3vl1sFs
vmi3CIIDPrYTuIe/+ysV+pjrDp7WYupcVj7phqbkiXR0MmebDBXxemnk1IaUWEPM
3lLtfbFBf24dfMuap+tB1YiICQJV4cBJvnCYPXb4ajhb9C7v1mSlktQHY59JfVCv
uRX6RhNoKyLVYCYj6c1H1oUVVZLiwkpI/VM+J3rKZeUdoRmHPxjcsb/hMdNcEdyw
Ds9rL7Oh11QfYLqADon/dl2ecPnSCOofjbErBFg87bHw
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:13:11 2025 by rpki-client