Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/3fd6e9-17d3-4019-8669-9666d976285d/1/0Z-sHAnSl4bp7AfPwuyFGmDsZbs.roa
File: 0Z-sHAnSl4bp7AfPwuyFGmDsZbs.roa (raw, json)
Hash identifier: Qd7UsFgJxINuR8Lxz3kq3vgAmJnbsTZmvzg3tBE1gSg=
Subject key identifier: D1:9F:AC:1C:09:D2:97:86:E9:EC:07:CF:C2:EC:85:1A:60:EC:65:BB
Certificate issuer: /CN=b0a5699a08c7bfd707cfb06d3213f5cacbf28257
Certificate serial: 019428269BC5F610A99138C8440AA868DC54
Authority key identifier: B0:A5:69:9A:08:C7:BF:D7:07:CF:B0:6D:32:13:F5:CA:CB:F2:82:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sKVpmgjHv9cHz7BtMhP1ysvyglc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/3fd6e9-17d3-4019-8669-9666d976285d/1/0Z-sHAnSl4bp7AfPwuyFGmDsZbs.roa
Signing time: Thu 02 Jan 2025 17:53:26 +0000
ROA not before: Thu 02 Jan 2025 17:53:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216135
IP address blocks: 185.171.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:9b:c5:f6:10:a9:91:38:c8:44:0a:a8:68:dc:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0a5699a08c7bfd707cfb06d3213f5cacbf28257
Validity
Not Before: Jan 2 17:53:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d19fac1c09d29786e9ec07cfc2ec851a60ec65bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:dc:75:39:74:99:2b:43:88:b7:5c:42:1d:3e:
87:11:7a:27:a5:79:16:af:6d:92:0a:fb:1d:6b:22:
89:76:be:cc:b9:8a:40:22:4f:a0:69:55:a5:78:c1:
79:13:82:ba:4c:4e:6f:c2:7f:b1:4a:e7:79:c5:89:
3d:3d:7d:83:fb:c9:98:8d:b7:ed:c8:5f:d7:f6:3a:
b0:aa:24:f7:cf:70:ed:c1:b7:34:c1:e6:9b:8c:f8:
f3:cd:b3:9f:da:03:55:f5:c7:f6:6a:2a:3f:18:27:
e9:e3:9b:78:3a:57:e2:c6:be:3a:f6:2b:f3:d7:bc:
5d:b2:a7:97:a8:8a:3d:7a:38:f8:82:4f:95:ba:9c:
76:26:b8:59:d8:2f:d8:9d:41:ba:8f:d9:82:c6:f3:
b7:98:4b:9c:b1:94:1e:f5:f2:90:d2:90:cf:cf:35:
84:9b:06:4c:96:a1:aa:0e:65:fd:a7:ee:1c:05:85:
7f:7b:34:96:7e:5b:a3:f3:52:ee:73:37:e6:1c:e9:
cf:4a:79:d8:0b:f5:7f:cc:d9:ce:3a:17:56:f2:d8:
54:35:51:04:74:ba:b6:be:cb:72:cd:67:3c:9d:42:
00:11:56:5b:91:3a:c3:72:b3:a1:4e:41:2d:be:fa:
a1:3a:f5:29:c5:68:e6:f7:04:be:45:f8:00:e6:e4:
70:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:9F:AC:1C:09:D2:97:86:E9:EC:07:CF:C2:EC:85:1A:60:EC:65:BB
X509v3 Authority Key Identifier:
keyid:B0:A5:69:9A:08:C7:BF:D7:07:CF:B0:6D:32:13:F5:CA:CB:F2:82:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sKVpmgjHv9cHz7BtMhP1ysvyglc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/3fd6e9-17d3-4019-8669-9666d976285d/1/0Z-sHAnSl4bp7AfPwuyFGmDsZbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/3fd6e9-17d3-4019-8669-9666d976285d/1/sKVpmgjHv9cHz7BtMhP1ysvyglc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.164.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:11:cd:db:e0:ad:38:0f:5a:24:bc:24:73:47:3c:14:e9:f6:
0b:48:21:3a:59:ff:62:f4:70:ee:b0:00:06:22:2b:ca:b1:12:
7f:48:f2:88:44:e4:a0:5f:a3:0e:2b:94:98:2d:7d:74:d0:6b:
49:97:21:7f:30:b2:d1:bf:e7:98:01:4e:27:f3:83:da:b1:e6:
91:2e:0c:3b:26:2a:01:b2:75:03:9c:ee:4f:e4:3e:cc:df:19:
ce:96:0e:ef:77:d8:37:3d:1f:84:20:11:86:45:65:63:ab:f9:
81:6a:89:1d:df:fc:a5:17:65:92:c8:70:d3:18:c9:b3:ae:2a:
92:b1:f2:07:6c:67:da:3f:62:c3:33:11:5d:43:25:68:56:44:
73:ac:d2:e2:4e:78:37:15:b5:db:ff:1a:0d:e8:82:c1:fd:89:
e6:ac:32:0e:23:00:d7:e5:4f:cf:a2:9c:2a:5e:07:14:de:07:
7e:19:81:10:e3:ed:ac:0a:c0:39:03:1c:45:d9:15:84:00:07:
91:84:40:92:01:17:5b:8f:ec:5c:1a:5d:10:a9:fa:7a:5b:c2:
ed:6c:f6:75:86:4f:3d:2e:b6:90:22:89:e5:07:77:08:a5:ea:
34:6f:7c:30:60:b6:76:8a:64:52:ff:30:61:ea:54:5b:2f:19:
cc:e0:80:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJpvF9hCpkTjIRAqoaNxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYTU2OTlhMDhjN2JmZDcwN2NmYjA2ZDMyMTNmNWNhY2Jm
MjgyNTcwHhcNMjUwMTAyMTc1MzI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTlmYWMxYzA5ZDI5Nzg2ZTllYzA3Y2ZjMmVjODUxYTYwZWM2NWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dx1OXSZK0OIt1xCHT6HEXonpXkW
r22SCvsdayKJdr7MuYpAIk+gaVWleMF5E4K6TE5vwn+xSud5xYk9PX2D+8mYjbft
yF/X9jqwqiT3z3Dtwbc0weabjPjzzbOf2gNV9cf2aio/GCfp45t4Olfixr469ivz
17xdsqeXqIo9ejj4gk+Vupx2JrhZ2C/YnUG6j9mCxvO3mEucsZQe9fKQ0pDPzzWE
mwZMlqGqDmX9p+4cBYV/ezSWfluj81LuczfmHOnPSnnYC/V/zNnOOhdW8thUNVEE
dLq2vstyzWc8nUIAEVZbkTrDcrOhTkEtvvqhOvUpxWjm9wS+RfgA5uRwBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGfrBwJ0peG6ewHz8LshRpg7GW7MB8GA1UdIwQY
MBaAFLClaZoIx7/XB8+wbTIT9crL8oJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0tWcG1nakh2OWNIejdCdE1oUDF5c3Z5Z2xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8zZmQ2ZTktMTdkMy00MDE5LTg2Njkt
OTY2NmQ5NzYyODVkLzEvMFotc0hBblNsNGJwN0FmUHd1eUZHbURzWmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8zZmQ2ZTktMTdkMy00MDE5LTg2NjktOTY2NmQ5NzYyODVk
LzEvc0tWcG1nakh2OWNIejdCdE1oUDF5c3Z5Z2xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaukMA0G
CSqGSIb3DQEBCwUAA4IBAQAtEc3b4K04D1okvCRzRzwU6fYLSCE6Wf9i9HDusAAG
IivKsRJ/SPKIROSgX6MOK5SYLX100GtJlyF/MLLRv+eYAU4n84PaseaRLgw7JioB
snUDnO5P5D7M3xnOlg7vd9g3PR+EIBGGRWVjq/mBaokd3/ylF2WSyHDTGMmzriqS
sfIHbGfaP2LDMxFdQyVoVkRzrNLiTng3FbXb/xoN6ILB/YnmrDIOIwDX5U/Popwq
XgcU3gd+GYEQ4+2sCsA5AxxF2RWEAAeRhECSARdbj+xcGl0Qqfp6W8LtbPZ1hk89
LraQIonlB3cIpeo0b3wwYLZ2imRS/zBh6lRbLxnM4IBK
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:30:03 2025 by rpki-client