Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/3aec71-ca17-4ec5-87a7-ee7a20569b83/1/6LczYu9ryKjTocWYecYUFUv673o.roa
File: 6LczYu9ryKjTocWYecYUFUv673o.roa (raw, json)
Hash identifier: tjb/z4zkMDQBH6/Vrji53BKdyb6GsDIQMh6du73aM0A=
Subject key identifier: E8:B7:33:62:EF:6B:C8:A8:D3:A1:C5:98:79:C6:14:15:4B:FA:EF:7A
Certificate issuer: /CN=65415a1763fe005b0139b014c6e575d5f9b2a504
Certificate serial: 0194214423E4FFBA7585DD74BBFF2267BC82
Authority key identifier: 65:41:5A:17:63:FE:00:5B:01:39:B0:14:C6:E5:75:D5:F9:B2:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZUFaF2P-AFsBObAUxuV11fmypQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/3aec71-ca17-4ec5-87a7-ee7a20569b83/1/6LczYu9ryKjTocWYecYUFUv673o.roa
Signing time: Wed 01 Jan 2025 09:48:21 +0000
ROA not before: Wed 01 Jan 2025 09:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24577
IP address blocks: 176.120.120.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:23:e4:ff:ba:75:85:dd:74:bb:ff:22:67:bc:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65415a1763fe005b0139b014c6e575d5f9b2a504
Validity
Not Before: Jan 1 09:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8b73362ef6bc8a8d3a1c59879c614154bfaef7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:dc:c9:95:89:2d:60:8b:28:06:4e:8c:6c:ce:
e3:10:be:a1:e5:cc:70:d5:27:4f:fe:03:4d:5e:23:
80:94:69:c3:53:81:29:2f:ea:b9:75:10:57:1b:46:
8a:66:57:c1:f0:5a:be:e2:ed:57:58:b8:67:f1:85:
da:a3:3f:92:8c:42:d2:af:1b:fc:5d:28:8a:92:a0:
66:76:bc:26:08:19:28:0e:60:12:fd:e0:c6:15:1d:
18:fd:fc:3d:c9:50:4f:a7:e0:7c:ec:24:8b:35:bf:
49:b7:6b:2e:f0:c7:34:fb:3e:9b:ad:9f:d7:1e:2e:
aa:c7:d2:e5:72:9b:68:d0:69:b9:32:5d:14:22:17:
60:91:f3:09:97:c7:27:cd:c7:36:e5:69:59:1b:04:
75:c3:79:ac:e8:47:df:3d:dc:a6:fc:dd:cd:3f:56:
cf:07:df:8a:e0:d8:d2:bc:97:1c:75:83:ce:49:c9:
f3:a3:c5:bc:5e:8d:b6:e2:77:37:29:f6:09:77:ed:
d4:09:19:06:6e:2c:54:6b:16:1d:cf:a5:08:1f:83:
e8:04:f7:70:a9:8d:6e:1e:ce:c3:71:ad:8b:33:cf:
2c:04:7d:ad:cd:63:12:63:42:df:12:30:12:d8:df:
06:37:d1:3b:6f:7f:b2:33:1e:0c:d5:e2:38:e5:66:
02:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B7:33:62:EF:6B:C8:A8:D3:A1:C5:98:79:C6:14:15:4B:FA:EF:7A
X509v3 Authority Key Identifier:
keyid:65:41:5A:17:63:FE:00:5B:01:39:B0:14:C6:E5:75:D5:F9:B2:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZUFaF2P-AFsBObAUxuV11fmypQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/3aec71-ca17-4ec5-87a7-ee7a20569b83/1/6LczYu9ryKjTocWYecYUFUv673o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/3aec71-ca17-4ec5-87a7-ee7a20569b83/1/ZUFaF2P-AFsBObAUxuV11fmypQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.120.120.0/21
Signature Algorithm: sha256WithRSAEncryption
9d:81:91:26:dd:64:a3:56:4b:d4:90:e8:e9:1c:ed:22:35:81:
a4:f3:85:6a:8d:20:4d:65:55:28:36:a9:61:25:b2:3f:5c:18:
8a:9f:66:61:2c:7e:13:63:d9:7c:df:25:b3:56:e3:b3:af:5a:
28:2b:80:2e:e9:d0:ce:e0:a5:ed:95:fe:db:5d:a7:35:73:78:
07:2c:f9:2e:d2:17:14:5f:db:3d:93:26:92:13:f3:95:03:a0:
e0:ba:72:8b:21:22:fe:58:65:bf:c4:0b:66:29:9d:d0:74:58:
ac:7a:3b:4f:a9:19:d7:c9:4a:90:b7:3c:e2:c5:7e:df:6d:05:
fd:6b:5d:c4:25:61:6f:ee:a5:64:fd:01:0d:79:6c:ce:5d:99:
04:9b:04:74:56:30:44:b5:93:22:b9:45:a9:b0:58:ab:8e:40:
1a:6a:f3:69:66:3f:70:1e:e3:3a:9c:87:d3:7b:1a:0a:f9:96:
b6:1c:f8:3f:cb:42:95:fd:99:4a:d5:74:13:b5:2c:76:3a:85:
8b:c2:47:f2:aa:c4:d8:52:b8:a6:09:fc:9c:0d:da:de:3d:c1:
9f:3b:df:ea:81:9a:16:f3:4d:60:0c:c1:b8:50:9c:ec:ae:42:
10:06:2e:51:15:e8:0b:f8:f9:1e:16:8f:c6:f3:b0:0a:1a:08:
fe:cb:63:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRCPk/7p1hd10u/8iZ7yCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NDE1YTE3NjNmZTAwNWIwMTM5YjAxNGM2ZTU3NWQ1Zjli
MmE1MDQwHhcNMjUwMTAxMDk0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGI3MzM2MmVmNmJjOGE4ZDNhMWM1OTg3OWM2MTQxNTRiZmFlZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NzJlYktYIsoBk6MbM7jEL6h5cxw
1SdP/gNNXiOAlGnDU4EpL+q5dRBXG0aKZlfB8Fq+4u1XWLhn8YXaoz+SjELSrxv8
XSiKkqBmdrwmCBkoDmAS/eDGFR0Y/fw9yVBPp+B87CSLNb9Jt2su8Mc0+z6brZ/X
Hi6qx9Llcpto0Gm5Ml0UIhdgkfMJl8cnzcc25WlZGwR1w3ms6EffPdym/N3NP1bP
B9+K4NjSvJccdYPOScnzo8W8Xo224nc3KfYJd+3UCRkGbixUaxYdz6UIH4PoBPdw
qY1uHs7Dca2LM88sBH2tzWMSY0LfEjAS2N8GN9E7b3+yMx4M1eI45WYCdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOi3M2Lva8io06HFmHnGFBVL+u96MB8GA1UdIwQY
MBaAFGVBWhdj/gBbATmwFMblddX5sqUEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlVGYUYyUC1BRnNCT2JBVXh1VjExZm15cFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zYWVjNzEtY2ExNy00ZWM1LTg3YTct
ZWU3YTIwNTY5YjgzLzEvNkxjell1OXJ5S2pUb2NXWWVjWVVGVXY2NzNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zYWVjNzEtY2ExNy00ZWM1LTg3YTctZWU3YTIwNTY5Yjgz
LzEvWlVGYUYyUC1BRnNCT2JBVXh1VjExZm15cFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsHh4MA0G
CSqGSIb3DQEBCwUAA4IBAQCdgZEm3WSjVkvUkOjpHO0iNYGk84VqjSBNZVUoNqlh
JbI/XBiKn2ZhLH4TY9l83yWzVuOzr1ooK4Au6dDO4KXtlf7bXac1c3gHLPku0hcU
X9s9kyaSE/OVA6DgunKLISL+WGW/xAtmKZ3QdFisejtPqRnXyUqQtzzixX7fbQX9
a13EJWFv7qVk/QENeWzOXZkEmwR0VjBEtZMiuUWpsFirjkAaavNpZj9wHuM6nIfT
exoK+Za2HPg/y0KV/ZlK1XQTtSx2OoWLwkfyqsTYUrimCfycDdrePcGfO9/qgZoW
801gDMG4UJzsrkIQBi5RFegL+PkeFo/G87AKGgj+y2O7
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:09:28 2025 by rpki-client