Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/dzbLc6uYe7Gww1_m-N9lw3x5D_Y.roa
File: dzbLc6uYe7Gww1_m-N9lw3x5D_Y.roa (raw, json)
Hash identifier: 3aH1q2OfKdDdgWCJ01ecVfmxWYXk1M0YRttiGmeQ/EA=
Subject key identifier: 77:36:CB:73:AB:98:7B:B1:B0:C3:5F:E6:F8:DF:65:C3:7C:79:0F:F6
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747EF0BBB934CC332345253217916F0
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/dzbLc6uYe7Gww1_m-N9lw3x5D_Y.roa
Signing time: Thu 02 Jan 2025 13:50:13 +0000
ROA not before: Thu 02 Jan 2025 13:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44718
IP address blocks: 83.228.86.0/24 maxlen: 24
83.228.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:ef:0b:bb:93:4c:c3:32:34:52:53:21:79:16:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7736cb73ab987bb1b0c35fe6f8df65c37c790ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c9:ec:27:a1:ba:36:fd:a1:9a:7f:a8:fe:57:
aa:8a:2f:d8:42:94:cd:63:ee:81:bf:ed:eb:2b:f5:
8a:95:9a:81:11:15:2e:03:4d:49:16:a3:ed:2e:10:
4a:f1:b8:b1:c4:95:8a:1e:46:a4:ac:2c:03:a7:97:
a8:60:4a:98:e9:54:c7:08:a5:6b:28:4f:bf:e4:91:
ee:02:4b:0d:76:c7:f8:85:20:88:c5:5b:af:ba:64:
44:ad:38:f0:c9:6f:67:bf:86:66:29:d3:f1:1f:81:
db:8b:fd:0e:d5:fa:88:28:8b:70:fa:c1:dd:8f:c3:
cd:c1:9e:dc:b3:21:0c:af:58:79:6d:33:55:69:5a:
8b:37:76:68:74:56:8a:f0:88:fa:44:d2:56:b5:42:
a1:a8:b3:fc:b2:8c:cd:02:0d:80:33:88:e3:5d:a8:
6e:ac:fc:98:4b:6c:e1:0e:eb:b8:aa:4d:0d:3b:b0:
b3:99:f9:c1:5c:94:14:b7:d2:f9:85:ae:84:83:4f:
21:c9:ef:f0:6d:3a:61:8e:1c:da:78:a8:13:fe:65:
d3:a6:39:a7:f2:0a:1c:0f:67:76:6b:f2:6f:1f:f4:
27:89:ac:af:45:07:40:31:8b:79:42:3b:aa:82:f7:
68:e6:23:d3:bc:12:ba:51:02:87:3e:42:a4:94:fd:
fa:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:36:CB:73:AB:98:7B:B1:B0:C3:5F:E6:F8:DF:65:C3:7C:79:0F:F6
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/dzbLc6uYe7Gww1_m-N9lw3x5D_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.228.86.0/23
Signature Algorithm: sha256WithRSAEncryption
46:96:ea:99:15:1b:48:9d:fd:74:6b:d0:7d:47:71:ed:42:25:
e9:05:d6:a1:ac:87:6a:41:ba:2d:91:ba:1a:d5:23:d7:29:8d:
80:cc:3c:6b:ee:30:b6:7a:2f:b3:27:68:43:e4:6f:48:63:bd:
65:8b:f6:a1:d6:43:53:1c:6d:ef:65:d5:04:47:ac:98:e7:e9:
20:a0:95:cd:6e:47:b8:8b:09:df:d0:d4:17:b9:c5:d8:32:0c:
d6:89:cf:b4:b1:fc:57:d7:74:37:76:14:2d:71:ff:48:d5:da:
43:7e:7c:f0:c2:a6:98:b8:2a:69:71:6e:3f:31:15:5b:b9:2e:
c1:a6:cf:5e:4f:e9:db:95:42:2b:10:c2:9d:b1:d7:1a:70:37:
49:8a:ff:af:71:c3:ed:52:9c:b0:ab:9a:e1:d6:39:3a:b8:c6:
ca:01:d8:2d:9d:96:cc:cc:e3:7a:d3:e8:2d:19:0a:47:0a:91:
ea:78:7d:57:09:5e:fc:d0:fa:df:15:ae:0b:d6:af:18:6a:13:
7f:14:5a:88:2e:3b:64:97:f4:00:7d:f6:38:26:8c:2a:c1:05:
a1:50:7c:15:e7:cc:f1:90:1f:89:e0:bb:0d:3a:53:11:df:ba:
03:e7:47:33:59:6e:d1:45:25:47:2e:57:d0:63:f9:a0:a6:0d:
ad:8d:56:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR+8Lu5NMwzI0UlMheRbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzM2Y2I3M2FiOTg3YmIxYjBjMzVmZTZmOGRmNjVjMzdjNzkwZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcnsJ6G6Nv2hmn+o/leqii/YQpTN
Y+6Bv+3rK/WKlZqBERUuA01JFqPtLhBK8bixxJWKHkakrCwDp5eoYEqY6VTHCKVr
KE+/5JHuAksNdsf4hSCIxVuvumRErTjwyW9nv4ZmKdPxH4Hbi/0O1fqIKItw+sHd
j8PNwZ7csyEMr1h5bTNVaVqLN3ZodFaK8Ij6RNJWtUKhqLP8sozNAg2AM4jjXahu
rPyYS2zhDuu4qk0NO7CzmfnBXJQUt9L5ha6Eg08hye/wbTphjhzaeKgT/mXTpjmn
8gocD2d2a/JvH/QniayvRQdAMYt5Qjuqgvdo5iPTvBK6UQKHPkKklP36/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHc2y3OrmHuxsMNf5vjfZcN8eQ/2MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvZHpiTGM2dVllN0d3dzFfbS1OOWx3M3g1RF9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBU+RWMA0G
CSqGSIb3DQEBCwUAA4IBAQBGluqZFRtInf10a9B9R3HtQiXpBdahrIdqQbotkboa
1SPXKY2AzDxr7jC2ei+zJ2hD5G9IY71li/ah1kNTHG3vZdUER6yY5+kgoJXNbke4
iwnf0NQXucXYMgzWic+0sfxX13Q3dhQtcf9I1dpDfnzwwqaYuCppcW4/MRVbuS7B
ps9eT+nblUIrEMKdsdcacDdJiv+vccPtUpywq5rh1jk6uMbKAdgtnZbMzON60+gt
GQpHCpHqeH1XCV780PrfFa4L1q8YahN/FFqILjtkl/QAffY4JowqwQWhUHwV58zx
kB+J4LsNOlMR37oD50czWW7RRSVHLlfQY/mgpg2tjVYr
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:42:27 2025 by rpki-client