Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4c8eac-bdcb-4f0d-b2d8-ea41832ad172/1/zysotr6Zh0JowEPpxerhuN8FsPI.roa
File: zysotr6Zh0JowEPpxerhuN8FsPI.roa (raw, json)
Hash identifier: m7vcKgaxDGAMU/aHqkxYhIsxn/ZRzduC29i2UI0iCuM=
Subject key identifier: CF:2B:28:B6:BE:99:87:42:68:C0:43:E9:C5:EA:E1:B8:DF:05:B0:F2
Certificate issuer: /CN=656b53255e6c8fb76fac1ccb848fee45600b55f7
Certificate serial: 0194228E10EDF7022409565F0C841101E33D
Authority key identifier: 65:6B:53:25:5E:6C:8F:B7:6F:AC:1C:CB:84:8F:EE:45:60:0B:55:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZWtTJV5sj7dvrBzLhI_uRWALVfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4c8eac-bdcb-4f0d-b2d8-ea41832ad172/1/zysotr6Zh0JowEPpxerhuN8FsPI.roa
Signing time: Wed 01 Jan 2025 15:48:43 +0000
ROA not before: Wed 01 Jan 2025 15:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205718
IP address blocks: 185.229.196.0/22 maxlen: 22
2a09:c5c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:10:ed:f7:02:24:09:56:5f:0c:84:11:01:e3:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656b53255e6c8fb76fac1ccb848fee45600b55f7
Validity
Not Before: Jan 1 15:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf2b28b6be99874268c043e9c5eae1b8df05b0f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:09:26:3f:67:cc:d1:bd:29:05:b2:72:17:2e:
75:39:28:e9:5e:4d:33:3a:6d:5c:b5:fd:92:9c:45:
5f:6f:17:ef:8d:fd:07:f3:ef:16:f1:13:f9:d8:89:
bb:38:33:70:7a:80:c0:54:3b:af:26:1b:b2:45:1c:
2e:c3:da:3d:1a:f1:e6:d3:99:ac:9d:1d:1e:d3:1b:
73:a3:d5:8c:5a:8e:61:53:b0:b1:d2:eb:00:57:77:
3b:0c:88:2e:d1:02:27:5e:9d:34:27:cd:10:73:da:
d7:6b:e9:6e:f0:f7:b2:c2:16:47:cd:96:42:ec:9e:
f7:ac:73:31:36:3b:cd:ef:74:99:c6:98:c2:f8:da:
da:9f:13:54:3b:96:7a:e3:76:ef:b1:1e:f9:46:84:
fa:06:23:f5:f4:31:7c:b0:94:3e:2d:a7:37:9c:11:
34:aa:dd:e6:e4:b5:12:4d:bd:e3:6c:f1:a2:01:22:
56:f7:bf:28:7f:bf:77:5e:36:6c:b8:e0:2c:cc:96:
3c:f6:75:39:22:32:46:7f:9a:f3:82:47:c3:c6:f2:
9d:80:f2:6d:c3:14:c9:4b:06:37:db:21:a1:62:b7:
af:f6:63:0c:4e:0e:59:87:22:ab:be:6d:ad:ae:dd:
1b:b1:08:b7:ac:1a:1a:2f:a3:07:6e:a8:02:ca:8a:
5b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:2B:28:B6:BE:99:87:42:68:C0:43:E9:C5:EA:E1:B8:DF:05:B0:F2
X509v3 Authority Key Identifier:
keyid:65:6B:53:25:5E:6C:8F:B7:6F:AC:1C:CB:84:8F:EE:45:60:0B:55:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZWtTJV5sj7dvrBzLhI_uRWALVfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4c8eac-bdcb-4f0d-b2d8-ea41832ad172/1/zysotr6Zh0JowEPpxerhuN8FsPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4c8eac-bdcb-4f0d-b2d8-ea41832ad172/1/ZWtTJV5sj7dvrBzLhI_uRWALVfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.196.0/22
IPv6:
2a09:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
29:f3:29:79:9d:d3:3f:ac:30:c7:2b:f5:5e:bb:d1:75:ec:51:
1b:c7:11:a5:0b:5f:ac:b8:e7:75:64:21:3f:93:09:d9:94:be:
f5:8b:fb:a9:ff:e0:cc:0a:fd:8f:9f:dd:ce:6b:a2:28:62:bd:
fa:83:08:87:ff:70:52:4b:2e:65:c7:bd:cb:60:ef:21:52:db:
09:48:fe:d9:95:5c:59:75:82:5f:7b:bd:2a:4b:72:0d:f1:2c:
99:66:6e:8a:da:b6:01:ae:5f:24:b9:93:97:3f:3a:89:31:1d:
60:7f:a1:2a:d2:80:e4:21:db:c1:b3:74:a9:73:b6:31:54:b8:
9a:63:7e:d6:64:3e:d0:67:da:74:ae:37:98:6f:71:36:8b:1d:
30:a4:d7:84:77:91:cd:74:fe:a7:38:98:bf:e2:6a:ba:a7:50:
bf:a4:8e:a6:2f:ee:10:2e:39:fc:8f:79:f7:df:5e:c1:d5:81:
29:0c:f7:1f:50:4a:af:cd:cb:a5:45:f3:be:40:44:ba:fd:24:
40:cc:17:10:2a:d1:f3:8c:71:5b:47:9a:8c:b3:fa:4e:fb:d4:
58:39:43:17:07:08:34:31:8e:4d:3d:a6:c7:4d:69:3b:5f:33:
82:4d:8a:a4:19:1e:2d:41:22:0b:e3:ba:90:e3:99:1a:ed:5e:
a6:b4:8e:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijhDt9wIkCVZfDIQRAeM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NmI1MzI1NWU2YzhmYjc2ZmFjMWNjYjg0OGZlZTQ1NjAw
YjU1ZjcwHhcNMjUwMTAxMTU0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjJiMjhiNmJlOTk4NzQyNjhjMDQzZTljNWVhZTFiOGRmMDViMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwkmP2fM0b0pBbJyFy51OSjpXk0z
Om1ctf2SnEVfbxfvjf0H8+8W8RP52Im7ODNweoDAVDuvJhuyRRwuw9o9GvHm05ms
nR0e0xtzo9WMWo5hU7Cx0usAV3c7DIgu0QInXp00J80Qc9rXa+lu8PeywhZHzZZC
7J73rHMxNjvN73SZxpjC+NranxNUO5Z643bvsR75RoT6BiP19DF8sJQ+Lac3nBE0
qt3m5LUSTb3jbPGiASJW978of793XjZsuOAszJY89nU5IjJGf5rzgkfDxvKdgPJt
wxTJSwY32yGhYrev9mMMTg5ZhyKrvm2trt0bsQi3rBoaL6MHbqgCyopb2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM8rKLa+mYdCaMBD6cXq4bjfBbDyMB8GA1UdIwQY
MBaAFGVrUyVebI+3b6wcy4SP7kVgC1X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWld0VEpWNXNqN2R2ckJ6TGhJX3VSV0FMVmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YzhlYWMtYmRjYi00ZjBkLWIyZDgt
ZWE0MTgzMmFkMTcyLzEvenlzb3RyNlpoMEpvd0VQcHhlcmh1TjhGc1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YzhlYWMtYmRjYi00ZjBkLWIyZDgtZWE0MTgzMmFkMTcy
LzEvWld0VEpWNXNqN2R2ckJ6TGhJX3VSV0FMVmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueXEMA0E
AgACMAcDBQAqCcXAMA0GCSqGSIb3DQEBCwUAA4IBAQAp8yl5ndM/rDDHK/Veu9F1
7FEbxxGlC1+suOd1ZCE/kwnZlL71i/up/+DMCv2Pn93Oa6IoYr36gwiH/3BSSy5l
x73LYO8hUtsJSP7ZlVxZdYJfe70qS3IN8SyZZm6K2rYBrl8kuZOXPzqJMR1gf6Eq
0oDkIdvBs3Spc7YxVLiaY37WZD7QZ9p0rjeYb3E2ix0wpNeEd5HNdP6nOJi/4mq6
p1C/pI6mL+4QLjn8j3n3317B1YEpDPcfUEqvzculRfO+QES6/SRAzBcQKtHzjHFb
R5qMs/pO+9RYOUMXBwg0MY5NPabHTWk7XzOCTYqkGR4tQSIL47qQ45ka7V6mtI6y
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:13:25 2025 by rpki-client