Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/73e504-b7bb-4ff8-bad8-b79552e700c5/1/zx2sQUv3rsJGXAZABCst4_xZkOQ.roa
File: zx2sQUv3rsJGXAZABCst4_xZkOQ.roa (raw, json)
Hash identifier: FBqifBeUX2hPnOiisT6KsJiWdU/gan88BUTxXJkwpMg=
Subject key identifier: CF:1D:AC:41:4B:F7:AE:C2:46:5C:06:40:04:2B:2D:E3:FC:59:90:E4
Certificate issuer: /CN=67b3b58b452239001eac2e221ba56c3afed7a790
Certificate serial: 0194221F6FF0C3FAD409C320C23461A97932
Authority key identifier: 67:B3:B5:8B:45:22:39:00:1E:AC:2E:22:1B:A5:6C:3A:FE:D7:A7:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7O1i0UiOQAerC4iG6VsOv7Xp5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/73e504-b7bb-4ff8-bad8-b79552e700c5/1/zx2sQUv3rsJGXAZABCst4_xZkOQ.roa
Signing time: Wed 01 Jan 2025 13:47:53 +0000
ROA not before: Wed 01 Jan 2025 13:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44211
IP address blocks: 195.93.136.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:6f:f0:c3:fa:d4:09:c3:20:c2:34:61:a9:79:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b3b58b452239001eac2e221ba56c3afed7a790
Validity
Not Before: Jan 1 13:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf1dac414bf7aec2465c0640042b2de3fc5990e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2d:58:7e:13:01:0e:12:54:c2:ce:cc:fe:71:
a5:ef:4a:3b:2b:80:79:02:77:eb:9a:ce:57:19:3c:
05:49:5c:3b:2e:0b:e5:7a:b2:93:d4:0d:a5:00:ac:
41:52:a4:21:72:e5:00:cd:d2:11:27:7d:77:66:72:
78:12:26:d6:3e:aa:a0:4a:25:cd:6a:46:58:6c:23:
1e:62:b5:36:ca:0f:c2:f4:0a:72:dc:f1:46:60:ed:
95:43:b1:18:26:7b:80:46:a2:0c:cb:54:de:d3:c9:
bb:94:d1:93:d7:31:11:24:71:36:26:a4:a5:45:c2:
4d:a8:a8:f5:72:12:ae:5a:15:38:ca:24:8d:7d:03:
4e:1c:45:ad:6e:12:0e:0e:41:ce:7a:26:01:8d:c9:
6d:80:3d:69:65:32:1d:54:8c:51:a8:4c:a3:33:6c:
aa:f1:84:78:a7:a1:86:b0:be:7f:b3:da:a7:f1:db:
62:05:5d:66:0f:e0:c6:4a:08:66:07:5b:d6:2a:7a:
97:cd:90:47:6b:70:c6:8f:ad:63:15:98:c4:43:b8:
6c:7f:2f:81:55:50:2f:3f:57:f0:31:52:0a:d7:01:
3c:97:90:e4:2f:91:44:5f:0d:8f:56:bd:5a:0f:c5:
52:76:a6:91:c1:c8:ab:b7:14:4f:db:10:03:af:26:
b1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:1D:AC:41:4B:F7:AE:C2:46:5C:06:40:04:2B:2D:E3:FC:59:90:E4
X509v3 Authority Key Identifier:
keyid:67:B3:B5:8B:45:22:39:00:1E:AC:2E:22:1B:A5:6C:3A:FE:D7:A7:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7O1i0UiOQAerC4iG6VsOv7Xp5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/73e504-b7bb-4ff8-bad8-b79552e700c5/1/zx2sQUv3rsJGXAZABCst4_xZkOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/73e504-b7bb-4ff8-bad8-b79552e700c5/1/Z7O1i0UiOQAerC4iG6VsOv7Xp5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.93.136.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:56:eb:51:7c:8f:e2:5e:a1:04:c8:1f:db:9f:ab:4e:0d:0f:
a6:9f:02:95:fc:a6:42:11:9e:2c:1e:aa:0f:b5:dd:ea:3e:84:
6f:83:97:c6:fb:23:22:31:36:83:90:96:4d:50:96:9d:db:34:
db:f9:0b:c5:dc:f9:c8:4e:5b:59:f3:97:96:35:ab:a2:a0:80:
30:84:c1:be:1c:1e:4f:7c:04:a8:2d:30:f2:1d:8c:63:9b:fb:
2c:26:ce:c1:3a:63:ee:b4:81:1d:1a:ff:a7:a4:80:75:93:a0:
c6:b5:12:e3:db:93:0c:53:eb:ae:2b:1c:1a:a2:ea:b8:47:2e:
70:4f:ac:d7:cf:70:cb:6b:7d:e3:3a:71:a8:ee:2a:63:eb:db:
62:a7:29:2c:ee:21:5a:5e:7a:ff:9d:9d:2d:36:ca:ef:d5:a1:
bc:6a:83:6c:f0:d4:cb:9d:0d:fd:dd:1a:d9:52:00:25:f4:e4:
64:e1:a7:f3:1a:98:f0:f2:a3:82:57:96:9c:42:8d:c7:9a:10:
8d:11:14:f3:1b:47:d4:60:8a:35:50:72:59:8a:50:ab:bb:1b:
65:3f:bb:24:c9:6d:30:9d:c6:9f:89:93:38:29:f3:3b:07:38:
d8:88:7e:e4:34:08:35:0d:25:c0:95:80:f5:f1:eb:55:a1:80:
40:43:80:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH2/ww/rUCcMgwjRhqXkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjNiNThiNDUyMjM5MDAxZWFjMmUyMjFiYTU2YzNhZmVk
N2E3OTAwHhcNMjUwMTAxMTM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjFkYWM0MTRiZjdhZWMyNDY1YzA2NDAwNDJiMmRlM2ZjNTk5MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0y1YfhMBDhJUws7M/nGl70o7K4B5
Anfrms5XGTwFSVw7LgvlerKT1A2lAKxBUqQhcuUAzdIRJ313ZnJ4EibWPqqgSiXN
akZYbCMeYrU2yg/C9Apy3PFGYO2VQ7EYJnuARqIMy1Te08m7lNGT1zERJHE2JqSl
RcJNqKj1chKuWhU4yiSNfQNOHEWtbhIODkHOeiYBjcltgD1pZTIdVIxRqEyjM2yq
8YR4p6GGsL5/s9qn8dtiBV1mD+DGSghmB1vWKnqXzZBHa3DGj61jFZjEQ7hsfy+B
VVAvP1fwMVIK1wE8l5DkL5FEXw2PVr1aD8VSdqaRwcirtxRP2xADryaxpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8drEFL967CRlwGQAQrLeP8WZDkMB8GA1UdIwQY
MBaAFGeztYtFIjkAHqwuIhulbDr+16eQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdPMWkwVWlPUUFlckM0aUc2VnNPdjdYcDVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy83M2U1MDQtYjdiYi00ZmY4LWJhZDgt
Yjc5NTUyZTcwMGM1LzEvengyc1FVdjNyc0pHWEFaQUJDc3Q0X3haa09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy83M2U1MDQtYjdiYi00ZmY4LWJhZDgtYjc5NTUyZTcwMGM1
LzEvWjdPMWkwVWlPUUFlckM0aUc2VnNPdjdYcDVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw12IMA0G
CSqGSIb3DQEBCwUAA4IBAQA9VutRfI/iXqEEyB/bn6tODQ+mnwKV/KZCEZ4sHqoP
td3qPoRvg5fG+yMiMTaDkJZNUJad2zTb+QvF3PnITltZ85eWNauioIAwhMG+HB5P
fASoLTDyHYxjm/ssJs7BOmPutIEdGv+npIB1k6DGtRLj25MMU+uuKxwaouq4Ry5w
T6zXz3DLa33jOnGo7ipj69tipyks7iFaXnr/nZ0tNsrv1aG8aoNs8NTLnQ393RrZ
UgAl9ORk4afzGpjw8qOCV5acQo3HmhCNERTzG0fUYIo1UHJZilCruxtlP7skyW0w
ncafiZM4KfM7BzjYiH7kNAg1DSXAlYD18etVoYBAQ4Bt
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:14:57 2025 by rpki-client