Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/Z5QHoKQNr7K3ZZ1_pXiHs3_16g8.roa
File: Z5QHoKQNr7K3ZZ1_pXiHs3_16g8.roa (raw, json)
Hash identifier: /CZOibzm07xlRo0dBVlbyqc4APuq7TkYKFvaBHtU91A=
Subject key identifier: 67:94:07:A0:A4:0D:AF:B2:B7:65:9D:7F:A5:78:87:B3:7F:F5:EA:0F
Certificate issuer: /CN=4e8db964389446cabcaf7941cd198342c2336dd0
Certificate serial: 0194266B54BDB3E31E360D9B3079AB06FE42
Authority key identifier: 4E:8D:B9:64:38:94:46:CA:BC:AF:79:41:CD:19:83:42:C2:33:6D:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/To25ZDiURsq8r3lBzRmDQsIzbdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/Z5QHoKQNr7K3ZZ1_pXiHs3_16g8.roa
Signing time: Thu 02 Jan 2025 09:49:15 +0000
ROA not before: Thu 02 Jan 2025 09:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200565
IP address blocks: 185.11.64.0/22 maxlen: 22
185.99.136.0/22 maxlen: 22
212.78.242.0/23 maxlen: 23
2a12:4540::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:54:bd:b3:e3:1e:36:0d:9b:30:79:ab:06:fe:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e8db964389446cabcaf7941cd198342c2336dd0
Validity
Not Before: Jan 2 09:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=679407a0a40dafb2b7659d7fa57887b37ff5ea0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:dc:96:07:6f:ef:01:a3:55:52:06:48:88:83:
e6:c1:2a:af:ff:05:c4:e8:26:8a:6b:45:28:e6:43:
38:5a:3b:96:d4:00:88:a2:94:82:92:62:6a:e3:bd:
c8:ce:39:c6:34:8d:32:ad:20:54:0c:be:cc:e8:59:
82:76:19:61:57:28:51:41:9a:8b:ea:2d:77:91:ae:
19:77:8d:1e:8f:cc:08:ee:9c:3e:a4:64:4b:0f:39:
4d:18:fb:1b:8b:54:9b:4b:2a:d8:a6:3d:83:55:15:
99:8b:79:69:57:b2:c9:81:24:aa:e2:1b:04:a2:1e:
4d:82:b8:08:a5:69:b1:2d:fc:22:30:77:a8:b4:1f:
4c:5c:5f:35:f9:d6:f5:a6:8c:6d:bb:e4:18:c9:8c:
df:1e:f8:22:9c:22:df:cd:26:78:6f:7a:7d:4c:7a:
39:ff:a1:27:f6:65:88:60:f9:43:1a:c4:8a:d5:68:
ef:f0:72:52:26:a0:63:98:03:4c:cf:ef:f3:21:c4:
6e:69:31:c0:55:dc:ae:41:e6:54:c8:e6:56:dd:a6:
38:52:2f:8d:f2:2a:00:0d:61:6f:f6:3a:34:70:29:
08:c8:61:d5:d5:08:49:e0:70:26:5e:7b:4d:04:44:
b9:d4:b2:3e:13:7a:df:09:b9:99:34:c0:da:e8:23:
00:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:94:07:A0:A4:0D:AF:B2:B7:65:9D:7F:A5:78:87:B3:7F:F5:EA:0F
X509v3 Authority Key Identifier:
keyid:4E:8D:B9:64:38:94:46:CA:BC:AF:79:41:CD:19:83:42:C2:33:6D:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/To25ZDiURsq8r3lBzRmDQsIzbdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/Z5QHoKQNr7K3ZZ1_pXiHs3_16g8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/To25ZDiURsq8r3lBzRmDQsIzbdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.64.0/22
185.99.136.0/22
212.78.242.0/23
IPv6:
2a12:4540::/29
Signature Algorithm: sha256WithRSAEncryption
15:01:24:6a:eb:e7:cb:39:ea:db:bd:f5:69:a9:4c:03:1b:29:
14:0f:f6:67:30:bc:24:0f:92:5f:db:1a:52:a6:0a:72:77:6b:
4b:4a:0c:16:32:d5:94:63:ef:68:2d:b4:af:75:4c:60:58:44:
bc:bf:a6:b3:ff:7b:82:cf:ed:0f:73:3a:3a:6a:50:8c:79:fe:
4e:04:25:b6:ed:7d:7a:b7:1b:95:cb:b2:19:b0:87:62:78:ab:
53:58:af:86:a5:e4:a9:d8:d0:66:de:c7:61:a4:43:41:9b:d9:
8a:de:74:01:73:71:7d:70:7d:22:c0:2c:25:43:dc:35:f3:ce:
99:80:fc:67:bd:2f:8c:48:4b:1b:5a:24:f1:1a:88:ac:2c:18:
99:65:bc:cc:e9:87:9d:d2:07:12:a4:0e:44:bd:56:9d:fa:38:
10:e3:2d:18:70:19:d2:9c:73:ce:33:c7:35:63:70:1d:65:62:
9a:63:82:27:3f:cb:dd:3b:3a:8d:54:fc:54:63:c6:e8:25:ab:
12:f2:56:f9:5e:8e:1e:65:0d:91:c6:bf:d4:fb:ed:9b:07:99:
2c:c4:8a:33:12:a4:95:c8:5b:f5:6a:c5:a2:80:81:4b:c2:ba:
b3:5d:b5:77:2a:1c:8d:3b:72:89:97:4b:9c:07:bd:c1:a8:48:
3b:2f:ed:1d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQma1S9s+MeNg2bMHmrBv5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOGRiOTY0Mzg5NDQ2Y2FiY2FmNzk0MWNkMTk4MzQyYzIz
MzZkZDAwHhcNMjUwMTAyMDk0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzk0MDdhMGE0MGRhZmIyYjc2NTlkN2ZhNTc4ODdiMzdmZjVlYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNyWB2/vAaNVUgZIiIPmwSqv/wXE
6CaKa0Uo5kM4WjuW1ACIopSCkmJq473IzjnGNI0yrSBUDL7M6FmCdhlhVyhRQZqL
6i13ka4Zd40ej8wI7pw+pGRLDzlNGPsbi1SbSyrYpj2DVRWZi3lpV7LJgSSq4hsE
oh5NgrgIpWmxLfwiMHeotB9MXF81+db1poxtu+QYyYzfHvginCLfzSZ4b3p9THo5
/6En9mWIYPlDGsSK1Wjv8HJSJqBjmANMz+/zIcRuaTHAVdyuQeZUyOZW3aY4Ui+N
8ioADWFv9jo0cCkIyGHV1QhJ4HAmXntNBES51LI+E3rfCbmZNMDa6CMAYwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGeUB6CkDa+yt2Wdf6V4h7N/9eoPMB8GA1UdIwQY
MBaAFE6NuWQ4lEbKvK95Qc0Zg0LCM23QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG8yNVpEaVVSc3E4cjNsQnpSbURRc0l6YmRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9iMzk2MWMtM2Y2OC00NWMxLWEwNGUt
OTU0NjliZjA5MzQwLzEvWjVRSG9LUU5yN0szWloxX3BYaUhzM18xNmc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9iMzk2MWMtM2Y2OC00NWMxLWEwNGUtOTU0NjliZjA5MzQw
LzEvVG8yNVpEaVVSc3E4cjNsQnpSbURRc0l6YmRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQtAAwQC
uWOIAwQB1E7yMA0EAgACMAcDBQMqEkVAMA0GCSqGSIb3DQEBCwUAA4IBAQAVASRq
6+fLOerbvfVpqUwDGykUD/ZnMLwkD5Jf2xpSpgpyd2tLSgwWMtWUY+9oLbSvdUxg
WES8v6az/3uCz+0Pczo6alCMef5OBCW27X16txuVy7IZsIdieKtTWK+GpeSp2NBm
3sdhpENBm9mK3nQBc3F9cH0iwCwlQ9w1886ZgPxnvS+MSEsbWiTxGoisLBiZZbzM
6Yed0gcSpA5EvVad+jgQ4y0YcBnSnHPOM8c1Y3AdZWKaY4InP8vdOzqNVPxUY8bo
JasS8lb5Xo4eZQ2Rxr/U++2bB5ksxIozEqSVyFv1asWigIFLwrqzXbV3KhyNO3KJ
l0ucB73BqEg7L+0d
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:36:19 2025 by rpki-client