Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Z8F8LaVAH1X1z0GrFD9zjtYBUHM.roa
File: Z8F8LaVAH1X1z0GrFD9zjtYBUHM.roa (raw, json)
Hash identifier: PjaS7pkJHF8AkVCk3qTrzlLnBSIPCF/w4lam5MBO7+M=
Subject key identifier: 67:C1:7C:2D:A5:40:1F:55:F5:CF:41:AB:14:3F:73:8E:D6:01:50:73
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 019427B61B9A9194228AA00F47BFD8890952
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Z8F8LaVAH1X1z0GrFD9zjtYBUHM.roa
Signing time: Thu 02 Jan 2025 15:50:33 +0000
ROA not before: Thu 02 Jan 2025 15:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205577
IP address blocks: 147.234.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:1b:9a:91:94:22:8a:a0:0f:47:bf:d8:89:09:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67c17c2da5401f55f5cf41ab143f738ed6015073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:75:5f:ef:ae:95:25:6a:4b:5c:c5:92:1c:30:
da:1a:82:f9:57:25:e6:12:77:b9:3a:00:3c:02:77:
9a:d0:af:50:fd:b0:57:68:f2:a9:0f:6f:a4:3e:62:
ca:49:7b:9e:80:2b:b9:91:7e:bf:fb:e6:35:cf:18:
dc:03:dd:96:6a:31:51:70:36:eb:3c:7f:ba:fd:53:
ed:80:5b:e3:79:0c:3b:14:ec:40:62:21:17:0f:11:
0c:9b:e6:88:ba:5a:ec:ff:3f:f5:e0:29:d1:d9:44:
ec:c0:96:72:4b:7d:5a:3d:ef:bf:b5:30:aa:44:f0:
85:93:81:6e:73:c1:75:1a:b5:81:9a:6d:52:a1:e8:
12:ec:54:b8:3c:75:b6:36:17:a5:34:b1:59:92:c1:
7e:31:78:ca:db:37:f4:41:b0:8c:90:53:b9:fd:50:
09:fd:fd:ea:8e:2e:7c:8a:d6:fb:36:c2:11:57:83:
e8:ce:66:18:94:3c:b0:c1:43:22:a5:98:24:aa:8c:
dc:86:15:ac:bd:e2:b5:81:84:d1:4f:3b:c3:c2:9b:
94:5c:86:0b:83:2e:c5:b9:c0:09:2a:ee:0f:67:eb:
bb:53:e7:71:72:3b:59:bf:82:5b:84:72:2b:a7:d6:
84:f8:3d:2b:c8:d7:40:b9:f3:3f:73:72:29:8f:e3:
6a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C1:7C:2D:A5:40:1F:55:F5:CF:41:AB:14:3F:73:8E:D6:01:50:73
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Z8F8LaVAH1X1z0GrFD9zjtYBUHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.20.0/24
Signature Algorithm: sha256WithRSAEncryption
74:76:d8:9c:16:aa:d4:60:3a:74:59:aa:8b:36:fc:65:c2:25:
ad:34:45:9b:4b:21:a9:39:a9:f1:cb:69:98:22:c5:fa:97:53:
92:eb:1c:70:d8:8a:3b:2e:bb:a5:2f:a1:66:3c:04:7e:5e:f7:
28:8c:09:37:17:6c:80:2f:42:da:c3:6d:ea:04:ec:29:1f:d9:
34:47:63:a5:0b:32:97:fa:5f:2b:df:40:84:14:e7:46:11:ff:
e8:3b:2a:af:75:7c:61:5e:f5:97:8a:6f:6a:ea:19:68:7c:3c:
84:f4:83:e8:34:19:17:ff:80:8e:f6:7e:9d:a1:34:0e:4d:95:
09:fe:6b:96:31:a3:48:cc:41:8b:f7:9d:72:f5:94:09:87:da:
62:f1:c2:20:10:ac:d9:8d:d3:20:f1:ac:52:47:60:7a:d3:6c:
ba:5b:6e:8b:84:ac:f7:68:93:1d:71:d9:7a:f3:50:ae:99:42:
e3:96:0d:f2:d3:56:c6:40:48:08:d8:4b:b9:36:06:df:71:4f:
33:1a:8b:36:ab:41:73:bd:8b:30:8d:13:68:45:21:13:41:60:
e3:cf:79:de:84:80:7c:0c:fe:43:a2:36:89:be:fd:13:93:0f:
58:6d:3b:f6:0f:f6:87:c5:87:7d:df:ad:5f:90:eb:47:a5:1b:
55:0c:b3:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnthuakZQiiqAPR7/YiQlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjUwMTAyMTU1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2MxN2MyZGE1NDAxZjU1ZjVjZjQxYWIxNDNmNzM4ZWQ2MDE1MDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXVf766VJWpLXMWSHDDaGoL5VyXm
Ene5OgA8Anea0K9Q/bBXaPKpD2+kPmLKSXuegCu5kX6/++Y1zxjcA92WajFRcDbr
PH+6/VPtgFvjeQw7FOxAYiEXDxEMm+aIulrs/z/14CnR2UTswJZyS31aPe+/tTCq
RPCFk4Fuc8F1GrWBmm1SoegS7FS4PHW2NhelNLFZksF+MXjK2zf0QbCMkFO5/VAJ
/f3qji58itb7NsIRV4PozmYYlDywwUMipZgkqozchhWsveK1gYTRTzvDwpuUXIYL
gy7FucAJKu4PZ+u7U+dxcjtZv4JbhHIrp9aE+D0ryNdAufM/c3Ipj+Nq5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfBfC2lQB9V9c9BqxQ/c47WAVBzMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvWjhGOExhVkFIMVgxejBHckZEOXpqdFlCVUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+oUMA0G
CSqGSIb3DQEBCwUAA4IBAQB0dticFqrUYDp0WaqLNvxlwiWtNEWbSyGpOanxy2mY
IsX6l1OS6xxw2Io7LrulL6FmPAR+XvcojAk3F2yAL0Law23qBOwpH9k0R2OlCzKX
+l8r30CEFOdGEf/oOyqvdXxhXvWXim9q6hlofDyE9IPoNBkX/4CO9n6doTQOTZUJ
/muWMaNIzEGL951y9ZQJh9pi8cIgEKzZjdMg8axSR2B602y6W26LhKz3aJMdcdl6
81CumULjlg3y01bGQEgI2Eu5NgbfcU8zGos2q0FzvYswjRNoRSETQWDjz3nehIB8
DP5DojaJvv0Tkw9YbTv2D/aHxYd9361fkOtHpRtVDLMo
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:51:02 2025 by rpki-client