Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/ZFFTSBF1NQ53TJQyiivhv4BruEg.roa
File: ZFFTSBF1NQ53TJQyiivhv4BruEg.roa (raw, json)
Hash identifier: esbw11uLHSDej7o2u5hst3yF9WrjTIkF3AwgO1jVCEY=
Subject key identifier: 64:51:53:48:11:75:35:0E:77:4C:94:32:8A:2B:E1:BF:80:6B:B8:48
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 0194206810AA462B135DE499CD385D6B8F8A
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/ZFFTSBF1NQ53TJQyiivhv4BruEg.roa
Signing time: Wed 01 Jan 2025 05:47:58 +0000
ROA not before: Wed 01 Jan 2025 05:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34871
IP address blocks: 185.240.148.0/23 maxlen: 23
185.240.148.0/24 maxlen: 24
185.240.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:10:aa:46:2b:13:5d:e4:99:cd:38:5d:6b:8f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jan 1 05:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=645153481175350e774c94328a2be1bf806bb848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:41:5a:39:16:12:6d:10:4f:7a:f4:29:5e:8f:
b6:f7:db:b3:b4:a8:f8:9a:1b:6b:ac:d2:f3:a4:37:
b5:3c:6e:f1:77:50:dc:fc:f5:dd:e0:99:57:0f:b1:
7d:5e:f2:c6:3f:0f:f6:93:f9:66:5d:da:b8:a9:6d:
f9:e9:07:68:ba:ae:dd:b5:40:af:cd:c2:e8:65:2e:
34:cd:80:e6:9d:2d:5a:f6:a1:49:90:5d:77:45:8b:
b5:f3:83:fb:eb:2d:6a:7f:f0:e8:1c:36:fd:33:7a:
61:50:04:f4:25:7f:8f:35:19:f0:76:07:2b:d8:96:
24:6e:b2:85:94:4f:dd:30:50:09:c0:4f:f1:26:77:
59:bc:12:55:85:a0:7c:ad:56:a2:d0:d8:cd:f2:cf:
b0:00:ac:db:bc:42:9e:36:15:0d:a1:62:3e:68:3a:
73:ca:e6:58:56:4a:6f:34:9d:b9:cc:61:3d:18:80:
92:3a:69:99:83:43:d1:81:7e:e0:14:c6:cf:32:59:
d6:a3:08:93:0e:dc:c9:ae:48:d0:85:76:b0:fc:04:
f6:1d:ea:75:15:7d:62:08:74:3f:a0:36:af:a5:b7:
69:71:ee:80:07:aa:c4:b0:fb:f7:77:34:d6:87:fe:
d5:17:0c:2a:7f:60:3e:f2:9a:75:f9:0b:8e:8d:dc:
9e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:51:53:48:11:75:35:0E:77:4C:94:32:8A:2B:E1:BF:80:6B:B8:48
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/ZFFTSBF1NQ53TJQyiivhv4BruEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.148.0/23
185.240.151.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:f8:04:3b:b7:8c:2e:68:3c:7a:aa:6b:07:b7:34:d2:4f:f0:
76:8c:bf:ac:30:48:ab:91:54:71:dc:a5:a5:37:72:1c:c6:b1:
01:f9:12:99:31:93:81:f8:fa:cf:8b:43:d2:08:9c:62:62:36:
bd:79:ff:56:ed:4c:e5:17:ff:de:62:53:d1:2b:53:0d:2d:20:
ae:6f:e7:17:5d:38:85:d3:be:80:73:26:3d:55:60:55:68:ff:
09:9e:3c:f8:44:a1:9f:67:ef:e1:33:63:65:97:92:4b:5d:f7:
f8:da:65:39:58:fa:5b:c2:36:0b:e4:6f:ac:90:86:e8:4c:4a:
13:64:77:26:9b:76:70:48:44:2f:bf:80:e6:97:1b:cd:81:6b:
cf:ea:e0:6b:3e:60:b3:a1:63:ff:72:70:ae:ff:c7:5d:d0:0c:
04:e0:ad:c3:1c:51:d8:49:6d:4d:1e:72:c8:61:d8:3b:ad:ef:
31:fb:6c:39:87:c3:81:19:7c:a4:ae:6d:f7:21:77:0a:9e:de:
b9:85:10:05:5f:46:e6:52:f4:f4:21:46:dc:cf:f0:4f:24:6e:
98:4b:93:29:54:b1:d6:29:44:2c:37:e0:a7:fc:82:28:02:fa:
2e:82:b7:1b:5e:79:6e:e6:3b:9a:db:fd:93:34:ad:2d:51:ad:
7b:fe:14:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaBCqRisTXeSZzThda4+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjUwMTAxMDU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDUxNTM0ODExNzUzNTBlNzc0Yzk0MzI4YTJiZTFiZjgwNmJiODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EFaORYSbRBPevQpXo+299uztKj4
mhtrrNLzpDe1PG7xd1Dc/PXd4JlXD7F9XvLGPw/2k/lmXdq4qW356Qdouq7dtUCv
zcLoZS40zYDmnS1a9qFJkF13RYu184P76y1qf/DoHDb9M3phUAT0JX+PNRnwdgcr
2JYkbrKFlE/dMFAJwE/xJndZvBJVhaB8rVai0NjN8s+wAKzbvEKeNhUNoWI+aDpz
yuZYVkpvNJ25zGE9GICSOmmZg0PRgX7gFMbPMlnWowiTDtzJrkjQhXaw/AT2Hep1
FX1iCHQ/oDavpbdpce6AB6rEsPv3dzTWh/7VFwwqf2A+8pp1+QuOjdye9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGRRU0gRdTUOd0yUMoor4b+Aa7hIMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvWkZGVFNCRjFOUTUzVEpReWlpdmh2NEJydUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBufCUAwQA
ufCXMA0GCSqGSIb3DQEBCwUAA4IBAQAb+AQ7t4wuaDx6qmsHtzTST/B2jL+sMEir
kVRx3KWlN3IcxrEB+RKZMZOB+PrPi0PSCJxiYja9ef9W7UzlF//eYlPRK1MNLSCu
b+cXXTiF076AcyY9VWBVaP8Jnjz4RKGfZ+/hM2Nll5JLXff42mU5WPpbwjYL5G+s
kIboTEoTZHcmm3ZwSEQvv4DmlxvNgWvP6uBrPmCzoWP/cnCu/8dd0AwE4K3DHFHY
SW1NHnLIYdg7re8x+2w5h8OBGXykrm33IXcKnt65hRAFX0bmUvT0IUbcz/BPJG6Y
S5MpVLHWKUQsN+Cn/IIoAvougrcbXnlu5jua2/2TNK0tUa17/hQb
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:32:51 2025 by rpki-client