Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/ZhvVa7SGL0ihaaWqEDQl81ffNSw.roa
File: ZhvVa7SGL0ihaaWqEDQl81ffNSw.roa (raw, json)
Hash identifier: ytKQDKvlQVK8AL0ByiBKUDRRuwN5/717YGo/cNpO++k=
Subject key identifier: 66:1B:D5:6B:B4:86:2F:48:A1:69:A5:AA:10:34:25:F3:57:DF:35:2C
Certificate issuer: /CN=f7d32e75294187d46e8eae0f8fe72b5fd7abf886
Certificate serial: 01942444E4D9635A7D1DCC73F02096BAB7DC
Authority key identifier: F7:D3:2E:75:29:41:87:D4:6E:8E:AE:0F:8F:E7:2B:5F:D7:AB:F8:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/99MudSlBh9Rujq4Pj-crX9er-IY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/ZhvVa7SGL0ihaaWqEDQl81ffNSw.roa
Signing time: Wed 01 Jan 2025 23:48:02 +0000
ROA not before: Wed 01 Jan 2025 23:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6895
IP address blocks: 185.79.172.0/22 maxlen: 24
193.149.0.0/23 maxlen: 24
2001:7f8:f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e4:d9:63:5a:7d:1d:cc:73:f0:20:96:ba:b7:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7d32e75294187d46e8eae0f8fe72b5fd7abf886
Validity
Not Before: Jan 1 23:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=661bd56bb4862f48a169a5aa103425f357df352c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:48:a7:11:87:92:fb:da:f9:f1:ee:93:6e:53:
f4:62:d8:d6:20:85:97:e1:5b:32:d4:3e:ea:2f:7b:
96:d2:06:aa:29:b7:e7:e2:fd:4f:4d:31:d0:5a:09:
43:93:98:88:07:70:bc:ce:74:37:25:22:13:49:3e:
8b:1b:bd:fa:0c:04:45:af:46:f9:b7:4d:e3:f0:60:
bf:e7:22:67:6f:4f:7e:b0:ed:53:7f:b0:d4:30:f1:
f2:07:6c:dc:4f:45:fb:65:7f:88:4a:1b:2c:9b:3d:
61:bd:41:6c:57:57:05:dc:51:2c:9f:ba:ef:5f:95:
32:8f:5b:04:92:e6:3f:c3:a2:6f:6b:86:44:34:ff:
1a:c8:8a:fb:46:7e:50:e2:66:81:0f:3b:dd:c4:ff:
d7:00:2f:30:b0:e3:5f:4a:ff:ed:2b:af:af:65:f9:
06:4e:a3:e9:f9:6e:bc:24:7b:f3:4d:94:c5:28:01:
18:da:9e:32:d5:45:b1:72:c3:1f:2e:92:a4:8a:46:
52:71:bf:d6:47:44:d7:18:41:de:e0:36:97:0d:e7:
74:4c:d1:3c:49:66:69:68:7e:b4:a5:51:20:b1:7c:
b0:e6:ea:a2:b4:07:97:b7:7e:35:0f:ff:11:ca:88:
a9:cd:73:a2:57:a2:1e:fd:df:77:c5:cb:3b:c2:7b:
fc:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1B:D5:6B:B4:86:2F:48:A1:69:A5:AA:10:34:25:F3:57:DF:35:2C
X509v3 Authority Key Identifier:
keyid:F7:D3:2E:75:29:41:87:D4:6E:8E:AE:0F:8F:E7:2B:5F:D7:AB:F8:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/99MudSlBh9Rujq4Pj-crX9er-IY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/ZhvVa7SGL0ihaaWqEDQl81ffNSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/99MudSlBh9Rujq4Pj-crX9er-IY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.172.0/22
193.149.0.0/23
IPv6:
2001:7f8:f::/48
Signature Algorithm: sha256WithRSAEncryption
75:5d:d5:bb:f6:0f:4e:f8:8c:ed:78:4a:b5:3a:36:a7:23:b6:
70:41:50:de:37:a4:c7:a8:a1:7f:04:06:05:3d:4f:2a:48:8e:
31:6b:df:23:01:6b:ba:ff:42:8b:b8:dd:3a:76:cf:d4:e0:a4:
a5:ef:e2:bb:52:08:d0:a4:86:2f:4e:2d:fe:41:8f:81:6c:91:
6f:1e:9e:cd:45:2e:fd:e8:d8:f7:18:f1:56:e4:fd:15:7f:65:
08:23:27:1c:5b:27:6f:aa:76:38:d4:69:3a:b3:bd:cc:79:10:
b1:49:ec:db:9c:99:c2:4b:9d:3f:48:f6:3f:5e:c5:5d:cf:01:
62:3c:1d:e3:f7:22:a4:81:e4:56:2f:41:e3:9a:73:a6:d8:03:
88:58:7f:ed:06:67:b7:69:0e:35:b9:91:e9:f4:e0:7c:18:cc:
e4:43:06:9c:a2:09:85:45:7b:9d:bd:8c:5c:d6:c1:1b:89:15:
dc:68:be:ef:b8:ff:b1:9b:94:f5:30:3c:c7:6b:91:c9:bd:9d:
b9:60:8a:3c:ac:70:c5:72:d0:fe:26:81:f8:f1:05:23:cb:d4:
c2:ae:51:0a:6f:d7:b8:f7:ba:d9:e7:cd:b8:f0:43:d2:d2:b6:
7b:eb:2d:b2:27:50:a3:b7:e3:8b:f5:ce:84:fc:30:b3:4c:fe:
df:96:3d:35
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQkROTZY1p9Hcxz8CCWurfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZDMyZTc1Mjk0MTg3ZDQ2ZThlYWUwZjhmZTcyYjVmZDdh
YmY4ODYwHhcNMjUwMTAxMjM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjFiZDU2YmI0ODYyZjQ4YTE2OWE1YWExMDM0MjVmMzU3ZGYzNTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7EinEYeS+9r58e6TblP0YtjWIIWX
4Vsy1D7qL3uW0gaqKbfn4v1PTTHQWglDk5iIB3C8znQ3JSITST6LG736DARFr0b5
t03j8GC/5yJnb09+sO1Tf7DUMPHyB2zcT0X7ZX+IShssmz1hvUFsV1cF3FEsn7rv
X5Uyj1sEkuY/w6Jva4ZENP8ayIr7Rn5Q4maBDzvdxP/XAC8wsONfSv/tK6+vZfkG
TqPp+W68JHvzTZTFKAEY2p4y1UWxcsMfLpKkikZScb/WR0TXGEHe4DaXDed0TNE8
SWZpaH60pVEgsXyw5uqitAeXt341D/8RyoipzXOiV6Ie/d93xcs7wnv8nwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGYb1Wu0hi9IoWmlqhA0JfNX3zUsMB8GA1UdIwQY
MBaAFPfTLnUpQYfUbo6uD4/nK1/Xq/iGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTlNdWRTbEJoOVJ1anE0UGotY3JYOWVyLUlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMGNjNDEtYzhmMS00YTQ0LTkxZjAt
ZDFhNDU5OWNiMGU1LzEvWmh2VmE3U0dMMGloYWFXcUVEUWw4MWZmTlN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMGNjNDEtYzhmMS00YTQ0LTkxZjAtZDFhNDU5OWNiMGU1
LzEvOTlNdWRTbEJoOVJ1anE0UGotY3JYOWVyLUlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuU+sAwQB
wZUAMA8EAgACMAkDBwAgAQf4AA8wDQYJKoZIhvcNAQELBQADggEBAHVd1bv2D074
jO14SrU6NqcjtnBBUN43pMeooX8EBgU9TypIjjFr3yMBa7r/Qou43Tp2z9TgpKXv
4rtSCNCkhi9OLf5Bj4FskW8ens1FLv3o2PcY8Vbk/RV/ZQgjJxxbJ2+qdjjUaTqz
vcx5ELFJ7NucmcJLnT9I9j9exV3PAWI8HeP3IqSB5FYvQeOac6bYA4hYf+0GZ7dp
DjW5ken04HwYzORDBpyiCYVFe529jFzWwRuJFdxovu+4/7GblPUwPMdrkcm9nblg
ijyscMVy0P4mgfjxBSPL1MKuUQpv17j3utnnzbjwQ9LStnvrLbInUKO344v1zoT8
MLNM/t+WPTU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:21:16 2025 by rpki-client