Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/zyLhO2pA8EoiaCGmhzCvFXO3PZQ.roa
File: zyLhO2pA8EoiaCGmhzCvFXO3PZQ.roa (raw, json)
Hash identifier: zOCqTwjJOxNebqI94cAaf6aPymCO5NPJ+zXjaPobnkw=
Subject key identifier: CF:22:E1:3B:6A:40:F0:4A:22:68:21:A6:87:30:AF:15:73:B7:3D:94
Certificate issuer: /CN=09b0110ae4b81794a508831fcb5edcc8d5fd2f1b
Certificate serial: 019426D969E1F406C76FE39771AE490E920A
Authority key identifier: 09:B0:11:0A:E4:B8:17:94:A5:08:83:1F:CB:5E:DC:C8:D5:FD:2F:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbARCuS4F5SlCIMfy17cyNX9Lxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/zyLhO2pA8EoiaCGmhzCvFXO3PZQ.roa
Signing time: Thu 02 Jan 2025 11:49:29 +0000
ROA not before: Thu 02 Jan 2025 11:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212807
IP address blocks: 194.15.40.0/24 maxlen: 24
194.15.41.0/24 maxlen: 24
194.15.42.0/24 maxlen: 24
2a0f:7480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:69:e1:f4:06:c7:6f:e3:97:71:ae:49:0e:92:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09b0110ae4b81794a508831fcb5edcc8d5fd2f1b
Validity
Not Before: Jan 2 11:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf22e13b6a40f04a226821a68730af1573b73d94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:60:7e:7d:1d:d0:ed:44:57:a7:c9:5d:5e:f8:
0b:09:05:3f:bb:95:8d:2a:bf:6a:3d:56:f5:18:c9:
3f:10:fe:cb:d8:1c:ed:c2:79:69:1b:10:d4:88:4a:
83:15:e3:ef:32:0f:ff:85:fa:f5:08:d1:8f:9d:ae:
bd:41:0e:83:e0:0a:2a:9a:1d:ca:e8:1e:e6:4b:20:
07:f0:54:04:64:00:02:34:17:65:bb:4a:41:3f:32:
bb:c0:89:5d:36:aa:4c:d3:76:08:cf:2b:ac:03:5a:
fc:3a:8a:64:cd:0e:1b:0a:b1:52:69:09:51:ce:4d:
f2:ba:c0:04:3d:d4:e8:14:5d:58:ff:62:2e:01:0c:
ac:11:52:08:a5:b3:a6:e8:7a:25:f8:aa:43:3d:d4:
58:7b:0f:bf:64:61:9e:33:24:7c:5b:6a:e9:00:c0:
c3:3a:34:6f:ee:ec:18:c1:13:d6:03:bc:61:c1:46:
f3:0f:fc:56:1d:14:5c:c6:21:ab:60:9f:68:f0:90:
52:a0:86:71:6e:27:53:c4:67:52:fd:43:df:a1:6a:
63:7c:57:b7:20:e5:0a:02:95:22:66:0b:48:6a:51:
f1:11:a9:10:57:32:f5:29:38:27:84:88:36:cd:c0:
82:11:1d:fd:ec:f2:d6:6a:e4:0f:b4:2f:42:be:de:
39:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:22:E1:3B:6A:40:F0:4A:22:68:21:A6:87:30:AF:15:73:B7:3D:94
X509v3 Authority Key Identifier:
keyid:09:B0:11:0A:E4:B8:17:94:A5:08:83:1F:CB:5E:DC:C8:D5:FD:2F:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbARCuS4F5SlCIMfy17cyNX9Lxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/zyLhO2pA8EoiaCGmhzCvFXO3PZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/CbARCuS4F5SlCIMfy17cyNX9Lxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.40.0-194.15.42.255
IPv6:
2a0f:7480::/29
Signature Algorithm: sha256WithRSAEncryption
43:c5:5a:57:a0:51:89:e2:2e:3c:18:8c:b5:0f:6a:c6:7a:4d:
e9:c5:e3:a9:4f:f4:7e:66:fd:3c:73:65:85:1d:70:b6:a1:35:
a8:60:80:7e:01:8a:f3:7d:4c:cc:f9:ce:7d:b1:ac:aa:c1:8f:
6a:07:60:59:6a:31:a8:be:0d:0c:bf:61:31:78:75:9e:85:09:
12:ab:69:ea:a8:c8:29:04:71:9f:de:6a:17:2a:6e:ee:9b:fc:
08:fc:92:2c:4c:b1:41:8a:49:dd:cb:cc:45:90:24:14:1b:cf:
7d:d9:8d:9c:7f:aa:82:77:e7:41:0f:ef:17:dc:4c:7e:f5:e7:
1a:21:b5:ff:af:31:51:3b:d2:3c:62:60:6e:c9:f7:cd:fb:1d:
eb:73:ce:19:93:ab:dd:03:65:82:a3:9d:60:79:55:df:a9:48:
82:0d:5d:c5:79:9d:7c:c2:fc:c9:55:b7:4d:9b:73:92:ea:29:
a6:d3:e5:2d:2b:69:e7:46:98:bc:fb:42:82:0d:4e:cb:3e:ed:
bc:a2:69:f0:d7:d4:25:bd:5e:e9:30:34:d4:6c:ba:03:88:f6:
6b:29:bd:ee:92:b1:06:92:30:06:58:d8:13:9c:df:8d:c2:34:
13:ee:f6:91:70:d5:2c:be:37:a5:02:ea:7c:80:7f:7f:15:19:
fb:dd:64:d9
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQm2Wnh9AbHb+OXca5JDpIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YjAxMTBhZTRiODE3OTRhNTA4ODMxZmNiNWVkY2M4ZDVm
ZDJmMWIwHhcNMjUwMTAyMTE0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjIyZTEzYjZhNDBmMDRhMjI2ODIxYTY4NzMwYWYxNTczYjczZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2B+fR3Q7URXp8ldXvgLCQU/u5WN
Kr9qPVb1GMk/EP7L2BztwnlpGxDUiEqDFePvMg//hfr1CNGPna69QQ6D4Aoqmh3K
6B7mSyAH8FQEZAACNBdlu0pBPzK7wIldNqpM03YIzyusA1r8OopkzQ4bCrFSaQlR
zk3yusAEPdToFF1Y/2IuAQysEVIIpbOm6Hol+KpDPdRYew+/ZGGeMyR8W2rpAMDD
OjRv7uwYwRPWA7xhwUbzD/xWHRRcxiGrYJ9o8JBSoIZxbidTxGdS/UPfoWpjfFe3
IOUKApUiZgtIalHxEakQVzL1KTgnhIg2zcCCER397PLWauQPtC9Cvt458wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFM8i4TtqQPBKImghpocwrxVztz2UMB8GA1UdIwQY
MBaAFAmwEQrkuBeUpQiDH8te3MjV/S8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2JBUkN1UzRGNVNsQ0lNZnkxN2N5Tlg5THhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iM2NlMWItZjFmNy00MGNiLWIzZDAt
NmQyMGY1YzE5N2Y2LzEvenlMaE8ycEE4RW9pYUNHbWh6Q3ZGWE8zUFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iM2NlMWItZjFmNy00MGNiLWIzZDAtNmQyMGY1YzE5N2Y2
LzEvQ2JBUkN1UzRGNVNsQ0lNZnkxN2N5Tlg5THhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAPCDygD
BADCDyowDQQCAAIwBwMFAyoPdIAwDQYJKoZIhvcNAQELBQADggEBAEPFWlegUYni
LjwYjLUPasZ6TenF46lP9H5m/TxzZYUdcLahNahggH4BivN9TMz5zn2xrKrBj2oH
YFlqMai+DQy/YTF4dZ6FCRKraeqoyCkEcZ/eahcqbu6b/Aj8kixMsUGKSd3LzEWQ
JBQbz33ZjZx/qoJ350EP7xfcTH715xohtf+vMVE70jxiYG7J9837HetzzhmTq90D
ZYKjnWB5Vd+pSIINXcV5nXzC/MlVt02bc5LqKabT5S0raedGmLz7QoINTss+7byi
afDX1CW9XukwNNRsugOI9mspve6SsQaSMAZY2BOc343CNBPu9pFw1Sy+N6UC6nyA
f38VGfvdZNk=
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:01:43 2025 by rpki-client