Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/zxcUujcSrD8SI1LnYGJEIzlJLRs.roa
File: zxcUujcSrD8SI1LnYGJEIzlJLRs.roa (raw, json)
Hash identifier: 9DpZ6fCwMNxgzvUI8W4qG2/5GfqMuaNy171SPmB26NM=
Subject key identifier: CF:17:14:BA:37:12:AC:3F:12:23:52:E7:60:62:44:23:39:49:2D:1B
Certificate issuer: /CN=7367c490447f5045c02367db8d21b4e08749fa76
Certificate serial: 0194221F772EA310C2AAB1553D868987C392
Authority key identifier: 73:67:C4:90:44:7F:50:45:C0:23:67:DB:8D:21:B4:E0:87:49:FA:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c2fEkER_UEXAI2fbjSG04IdJ-nY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/zxcUujcSrD8SI1LnYGJEIzlJLRs.roa
Signing time: Wed 01 Jan 2025 13:47:54 +0000
ROA not before: Wed 01 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57827
IP address blocks: 176.108.176.0/23 maxlen: 24
176.108.178.0/23 maxlen: 24
176.108.180.0/23 maxlen: 24
176.108.182.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:77:2e:a3:10:c2:aa:b1:55:3d:86:89:87:c3:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7367c490447f5045c02367db8d21b4e08749fa76
Validity
Not Before: Jan 1 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf1714ba3712ac3f122352e76062442339492d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:91:24:9d:04:b9:6d:ae:ea:e6:5c:a7:ec:a6:
7b:1d:88:b0:43:7b:0d:6a:7b:eb:af:64:66:36:a7:
15:51:9e:95:59:ce:f3:f7:b5:a9:a1:17:9c:f1:f1:
89:32:65:6e:fc:34:2a:23:cf:19:d0:00:e9:53:58:
7c:c7:f9:50:0d:31:3c:99:ab:70:40:b7:39:0d:27:
8a:cc:d4:8f:00:4f:5b:35:53:82:68:a2:01:8c:0b:
60:86:eb:37:c3:13:7d:22:f7:54:36:89:2c:9b:9c:
cc:97:83:f4:d8:e1:f7:87:85:78:d5:ef:cc:71:10:
5d:f2:35:8b:40:0c:54:d3:58:d6:b7:69:b8:6c:09:
ed:ce:d9:c4:47:3a:a7:1d:70:f9:77:7c:fb:88:05:
e3:88:33:2c:2b:ab:2f:aa:14:a0:4f:fc:ed:c1:62:
65:12:b6:51:f6:e3:32:da:44:14:50:80:5a:6e:dc:
0f:d0:a3:74:e7:c4:16:34:ff:d4:f3:ba:19:49:5b:
79:81:82:89:f6:c4:78:78:a4:18:3f:1d:64:54:fc:
22:21:72:22:6f:d1:8a:c4:57:89:27:9d:d4:bb:97:
d8:96:58:34:2d:97:a8:4c:e0:2e:8e:a8:90:20:28:
bb:d3:a6:26:5c:b6:b7:97:59:35:78:e9:d2:7e:f0:
1d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:17:14:BA:37:12:AC:3F:12:23:52:E7:60:62:44:23:39:49:2D:1B
X509v3 Authority Key Identifier:
keyid:73:67:C4:90:44:7F:50:45:C0:23:67:DB:8D:21:B4:E0:87:49:FA:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2fEkER_UEXAI2fbjSG04IdJ-nY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/zxcUujcSrD8SI1LnYGJEIzlJLRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/c2fEkER_UEXAI2fbjSG04IdJ-nY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.176.0/21
Signature Algorithm: sha256WithRSAEncryption
7f:3c:d6:87:98:75:05:71:7e:e0:f7:b0:7f:6d:b6:30:d8:29:
51:f9:9e:4e:49:72:2f:1b:d5:7c:8c:ff:5b:25:90:85:ad:8c:
bb:bf:8d:a7:00:32:7d:ad:0a:15:99:45:3b:c5:b5:5d:5e:8c:
9b:52:d2:0a:7e:3c:84:52:6e:aa:9d:95:4d:f1:ea:e2:1e:69:
33:54:2b:b4:76:19:11:e5:de:05:f3:b4:f2:69:c5:28:f2:4d:
cf:4a:d4:a1:1d:c8:ed:e4:a7:c9:b2:62:e6:5f:30:9b:64:6f:
31:4f:4d:37:59:e7:97:34:7f:c4:96:5e:aa:b9:60:d3:1f:36:
e9:50:c3:10:e4:ea:3f:ae:91:75:d1:09:8b:c6:68:9f:8d:9f:
75:59:d6:1b:2c:42:7d:94:ff:e4:ea:ff:e2:a5:ca:cb:08:4e:
09:88:cc:24:7c:85:ab:b6:f2:ba:e5:75:15:48:d6:0f:91:0c:
3c:4e:09:ee:cc:07:18:7c:5c:3f:23:5d:c6:e9:7a:4e:98:0f:
82:7d:72:d1:d4:2b:a9:47:9d:4c:1c:79:6e:0c:e9:62:5c:c7:
ea:4a:15:5e:c5:27:56:6d:0d:fe:15:e1:28:67:1d:54:03:a4:
72:b5:6c:c6:ba:58:b3:df:ac:4a:5b:d8:d3:8c:25:14:2a:b5:
a0:60:5e:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH3cuoxDCqrFVPYaJh8OSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNjdjNDkwNDQ3ZjUwNDVjMDIzNjdkYjhkMjFiNGUwODc0
OWZhNzYwHhcNMjUwMTAxMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjE3MTRiYTM3MTJhYzNmMTIyMzUyZTc2MDYyNDQyMzM5NDkyZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJEknQS5ba7q5lyn7KZ7HYiwQ3sN
anvrr2RmNqcVUZ6VWc7z97WpoRec8fGJMmVu/DQqI88Z0ADpU1h8x/lQDTE8matw
QLc5DSeKzNSPAE9bNVOCaKIBjAtghus3wxN9IvdUNoksm5zMl4P02OH3h4V41e/M
cRBd8jWLQAxU01jWt2m4bAntztnERzqnHXD5d3z7iAXjiDMsK6svqhSgT/ztwWJl
ErZR9uMy2kQUUIBabtwP0KN058QWNP/U87oZSVt5gYKJ9sR4eKQYPx1kVPwiIXIi
b9GKxFeJJ53Uu5fYllg0LZeoTOAujqiQICi706YmXLa3l1k1eOnSfvAdfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8XFLo3Eqw/EiNS52BiRCM5SS0bMB8GA1UdIwQY
MBaAFHNnxJBEf1BFwCNn240htOCHSfp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzJmRWtFUl9VRVhBSTJmYmpTRzA0SWRKLW5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS82MjU4NGEtNDdjZS00YWE4LTg5OTIt
NWJhNzU2ZTc4ODY5LzEvenhjVXVqY1NyRDhTSTFMbllHSkVJemxKTFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS82MjU4NGEtNDdjZS00YWE4LTg5OTItNWJhNzU2ZTc4ODY5
LzEvYzJmRWtFUl9VRVhBSTJmYmpTRzA0SWRKLW5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsGywMA0G
CSqGSIb3DQEBCwUAA4IBAQB/PNaHmHUFcX7g97B/bbYw2ClR+Z5OSXIvG9V8jP9b
JZCFrYy7v42nADJ9rQoVmUU7xbVdXoybUtIKfjyEUm6qnZVN8eriHmkzVCu0dhkR
5d4F87TyacUo8k3PStShHcjt5KfJsmLmXzCbZG8xT003WeeXNH/Ell6quWDTHzbp
UMMQ5Oo/rpF10QmLxmifjZ91WdYbLEJ9lP/k6v/ipcrLCE4JiMwkfIWrtvK65XUV
SNYPkQw8TgnuzAcYfFw/I13G6XpOmA+CfXLR1CupR51MHHluDOliXMfqShVexSdW
bQ3+FeEoZx1UA6RytWzGuliz36xKW9jTjCUUKrWgYF5b
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:31:28 2025 by rpki-client