Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/zTErCzfeAqe_qlccgZ6Xz2BpNCc.roa
File: zTErCzfeAqe_qlccgZ6Xz2BpNCc.roa (raw, json)
Hash identifier: 9mx99kal+/jXSa14TzN46OzBllqi4wkCOsaAScYXF7g=
Subject key identifier: CD:31:2B:0B:37:DE:02:A7:BF:AA:57:1C:81:9E:97:CF:60:69:34:27
Certificate issuer: /CN=8405c07192a8106fedb0760b8945032ca1d3054b
Certificate serial: 019425215A59BAC981FE998BC556C124A80A
Authority key identifier: 84:05:C0:71:92:A8:10:6F:ED:B0:76:0B:89:45:03:2C:A1:D3:05:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hAXAcZKoEG_tsHYLiUUDLKHTBUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/zTErCzfeAqe_qlccgZ6Xz2BpNCc.roa
Signing time: Thu 02 Jan 2025 03:48:50 +0000
ROA not before: Thu 02 Jan 2025 03:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35325
IP address blocks: 185.208.228.0/22 maxlen: 22
185.208.228.0/23 maxlen: 23
185.208.230.0/23 maxlen: 23
193.239.234.0/23 maxlen: 23
193.239.234.0/24 maxlen: 24
193.239.235.0/24 maxlen: 24
194.187.152.0/22 maxlen: 22
194.187.152.0/23 maxlen: 23
194.187.154.0/23 maxlen: 23
2a0c:3a80::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:5a:59:ba:c9:81:fe:99:8b:c5:56:c1:24:a8:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8405c07192a8106fedb0760b8945032ca1d3054b
Validity
Not Before: Jan 2 03:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd312b0b37de02a7bfaa571c819e97cf60693427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b2:a7:ca:5e:9d:60:d9:80:4b:29:97:18:e9:
19:29:9d:9d:84:ff:c2:bd:88:38:ac:78:9a:2a:b9:
f0:30:f1:bc:9e:2e:f6:ef:20:df:4c:31:01:51:62:
5a:aa:1a:62:33:39:68:25:b4:73:25:00:6d:26:d7:
0a:22:8c:6a:88:5b:50:54:35:31:0f:b1:8f:27:4c:
19:48:c6:87:29:8a:2b:85:6c:f8:df:1a:ef:43:76:
93:3b:4f:a2:c6:73:53:57:db:a7:91:e2:d4:8b:e5:
21:e5:4c:75:69:51:17:14:1a:cc:92:49:f4:b3:b1:
9f:84:7a:6c:27:9c:bc:00:6f:71:39:75:a3:bc:76:
49:5f:9f:bd:be:15:98:d4:c8:ef:a3:67:93:e7:4b:
8a:58:26:e7:43:d5:93:41:e4:30:ab:db:c9:67:e3:
ed:16:d7:96:4c:17:56:2c:fe:de:ec:10:d1:8d:e0:
01:63:5d:f2:3f:eb:63:a9:19:09:bf:6c:4c:0e:c1:
72:b0:e9:c7:92:7c:4c:98:05:35:b7:22:bc:30:19:
ee:d6:83:a8:ae:48:3c:94:5f:e6:69:72:2d:b3:5e:
d8:1f:a2:be:85:cc:dd:86:fe:59:a4:95:73:2b:13:
f2:50:d8:d8:b3:8b:57:ab:72:60:15:91:1e:07:f6:
fb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:31:2B:0B:37:DE:02:A7:BF:AA:57:1C:81:9E:97:CF:60:69:34:27
X509v3 Authority Key Identifier:
keyid:84:05:C0:71:92:A8:10:6F:ED:B0:76:0B:89:45:03:2C:A1:D3:05:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hAXAcZKoEG_tsHYLiUUDLKHTBUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/zTErCzfeAqe_qlccgZ6Xz2BpNCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/hAXAcZKoEG_tsHYLiUUDLKHTBUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.228.0/22
193.239.234.0/23
194.187.152.0/22
IPv6:
2a0c:3a80::/40
Signature Algorithm: sha256WithRSAEncryption
70:55:6c:cd:d8:64:2b:31:6f:4c:e1:94:3d:cf:2e:bb:7a:7c:
40:8f:5d:c7:94:d3:dd:a2:e0:b1:c4:55:90:09:48:c7:b4:38:
59:23:fb:23:e0:fa:07:21:bb:97:10:d5:fd:a2:ad:6c:af:8f:
1c:05:34:24:8c:22:1c:38:07:9f:ce:a5:cc:88:c4:c2:16:06:
88:59:11:69:b2:12:da:05:58:05:08:5c:8c:ef:4b:69:94:be:
50:f8:58:94:c1:41:2b:7d:aa:02:56:cd:ad:04:a1:a0:10:84:
dc:a8:9a:09:7d:78:df:5d:52:2e:35:af:9e:43:60:21:28:eb:
2c:24:dd:6a:9a:2f:e3:ec:be:7b:3e:57:71:11:fb:4f:59:51:
32:0a:96:09:9a:b6:6c:2c:c8:64:b8:2f:31:98:cc:1e:4c:84:
db:df:cc:b7:43:c8:af:c6:88:79:ad:2c:61:c3:d9:e3:a5:0f:
f8:d3:0a:2c:fe:7f:b8:82:52:44:08:e4:d4:1a:86:a9:bd:11:
e1:fd:90:f0:8f:74:44:b7:1b:43:79:06:45:be:96:29:82:a8:
16:0c:69:26:a0:58:39:98:53:7a:be:88:7b:46:27:b7:28:e3:
31:ef:fd:6b:08:9d:88:a7:29:14:c9:d2:60:8e:47:f2:9e:77:
20:69:08:91
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQlIVpZusmB/pmLxVbBJKgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MDVjMDcxOTJhODEwNmZlZGIwNzYwYjg5NDUwMzJjYTFk
MzA1NGIwHhcNMjUwMTAyMDM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDMxMmIwYjM3ZGUwMmE3YmZhYTU3MWM4MTllOTdjZjYwNjkzNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrKnyl6dYNmASymXGOkZKZ2dhP/C
vYg4rHiaKrnwMPG8ni727yDfTDEBUWJaqhpiMzloJbRzJQBtJtcKIoxqiFtQVDUx
D7GPJ0wZSMaHKYorhWz43xrvQ3aTO0+ixnNTV9unkeLUi+Uh5Ux1aVEXFBrMkkn0
s7GfhHpsJ5y8AG9xOXWjvHZJX5+9vhWY1Mjvo2eT50uKWCbnQ9WTQeQwq9vJZ+Pt
FteWTBdWLP7e7BDRjeABY13yP+tjqRkJv2xMDsFysOnHknxMmAU1tyK8MBnu1oOo
rkg8lF/maXIts17YH6K+hczdhv5ZpJVzKxPyUNjYs4tXq3JgFZEeB/b7pwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFM0xKws33gKnv6pXHIGel89gaTQnMB8GA1UdIwQY
MBaAFIQFwHGSqBBv7bB2C4lFAyyh0wVLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEFYQWNaS29FR190c0hZTGlVVURMS0hUQlVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNjE1YjAtNGQ5OC00YTNkLThiZDIt
NGM5M2JlZTI3ZDU0LzEvelRFckN6ZmVBcWVfcWxjY2daNlh6MkJwTkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNjE1YjAtNGQ5OC00YTNkLThiZDItNGM5M2JlZTI3ZDU0
LzEvaEFYQWNaS29FR190c0hZTGlVVURMS0hUQlVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQCudDkAwQB
we/qAwQCwruYMA4EAgACMAgDBgAqDDqAADANBgkqhkiG9w0BAQsFAAOCAQEAcFVs
zdhkKzFvTOGUPc8uu3p8QI9dx5TT3aLgscRVkAlIx7Q4WSP7I+D6ByG7lxDV/aKt
bK+PHAU0JIwiHDgHn86lzIjEwhYGiFkRabIS2gVYBQhcjO9LaZS+UPhYlMFBK32q
AlbNrQShoBCE3KiaCX14311SLjWvnkNgISjrLCTdapov4+y+ez5XcRH7T1lRMgqW
CZq2bCzIZLgvMZjMHkyE29/Mt0PIr8aIea0sYcPZ46UP+NMKLP5/uIJSRAjk1BqG
qb0R4f2Q8I90RLcbQ3kGRb6WKYKoFgxpJqBYOZhTer6Ie0YntyjjMe/9awidiKcp
FMnSYI5H8p53IGkIkQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:09:50 2025 by rpki-client