Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ad0116-7558-4656-9fb3-5199a711684d/1/Z00tzDptb3jFHIL69XvH8_giNRA.roa
File: Z00tzDptb3jFHIL69XvH8_giNRA.roa (raw, json)
Hash identifier: X1cnjA0aHCCUUGs++tB5SEQQf9ajzL2uJiiXmI5qvlg=
Subject key identifier: 67:4D:2D:CC:3A:6D:6F:78:C5:1C:82:FA:F5:7B:C7:F3:F8:22:35:10
Certificate issuer: /CN=7069a025a84f42ef3ef0b6052de3fd65e8c08692
Certificate serial: 019420684F7081DCAAB79A678C15AED7D389
Authority key identifier: 70:69:A0:25:A8:4F:42:EF:3E:F0:B6:05:2D:E3:FD:65:E8:C0:86:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGmgJahPQu8-8LYFLeP9ZejAhpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ad0116-7558-4656-9fb3-5199a711684d/1/Z00tzDptb3jFHIL69XvH8_giNRA.roa
Signing time: Wed 01 Jan 2025 05:48:14 +0000
ROA not before: Wed 01 Jan 2025 05:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209911
IP address blocks: 188.0.40.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4f:70:81:dc:aa:b7:9a:67:8c:15:ae:d7:d3:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7069a025a84f42ef3ef0b6052de3fd65e8c08692
Validity
Not Before: Jan 1 05:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=674d2dcc3a6d6f78c51c82faf57bc7f3f8223510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0f:83:c3:ad:05:c0:21:41:b4:4d:fa:c4:af:
a6:47:b9:cc:e6:94:8d:56:40:95:0f:6d:ec:55:c5:
24:50:72:85:91:1f:c2:fa:2c:03:9b:33:d9:9b:56:
30:86:fa:1d:e1:16:ba:6f:2a:9b:e3:9e:12:f4:59:
d2:6f:b3:65:46:4e:a9:74:37:88:34:30:a4:aa:32:
a2:c6:d5:2a:28:15:51:e4:30:20:8c:95:0e:68:a6:
7b:82:42:15:a1:9f:cc:d2:d1:3d:22:90:3a:62:95:
3a:7d:38:a3:cc:1e:71:fe:f7:01:e4:f4:27:2c:25:
2c:2b:ba:50:c9:08:b0:b3:45:01:d7:a4:68:49:c1:
89:ec:d3:97:c4:03:f8:41:13:2b:04:23:98:95:af:
5b:8f:1d:5b:17:1a:3a:de:f4:36:0d:1c:23:0c:2d:
79:80:59:04:74:79:ae:0a:9f:68:d6:6c:c7:fd:ea:
5e:dc:38:a5:9a:34:f4:7b:9a:ea:77:69:98:6e:ca:
0b:f1:dd:26:3c:54:d8:76:f0:9e:6d:e1:e3:00:10:
88:18:48:cf:82:2d:1b:9f:a1:aa:e6:ae:91:1e:ca:
50:f3:1c:ac:ee:f7:21:00:fc:12:3d:4c:c5:01:0b:
ce:f0:98:e5:3a:8b:5a:51:cb:ad:35:3d:9d:18:37:
56:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:4D:2D:CC:3A:6D:6F:78:C5:1C:82:FA:F5:7B:C7:F3:F8:22:35:10
X509v3 Authority Key Identifier:
keyid:70:69:A0:25:A8:4F:42:EF:3E:F0:B6:05:2D:E3:FD:65:E8:C0:86:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGmgJahPQu8-8LYFLeP9ZejAhpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ad0116-7558-4656-9fb3-5199a711684d/1/Z00tzDptb3jFHIL69XvH8_giNRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ad0116-7558-4656-9fb3-5199a711684d/1/cGmgJahPQu8-8LYFLeP9ZejAhpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.0.40.0/21
Signature Algorithm: sha256WithRSAEncryption
49:8f:ec:69:43:65:2c:2c:2d:e0:d2:9b:f0:03:d0:9e:f2:68:
58:14:d5:69:b0:74:4c:07:a1:6e:a2:c0:fc:a2:1c:de:06:75:
2d:f5:73:5c:67:59:b3:b4:93:02:d9:e8:ec:48:af:3f:9f:16:
49:0d:b6:7e:87:b8:7d:22:64:34:dd:db:ba:84:b4:32:63:e9:
0b:9d:ee:29:b4:15:94:cd:e5:c4:82:77:3b:5a:cf:7d:0d:94:
98:2c:94:cc:b5:d0:39:68:8a:2a:f2:57:38:33:69:16:6c:2b:
d2:09:f0:71:84:a7:b9:0a:5f:79:da:5b:f5:02:28:e6:cc:44:
70:9b:39:a1:ad:b3:13:5d:eb:c3:74:79:1b:aa:a5:2b:69:3d:
8e:92:75:0e:5c:f5:5f:e4:4f:41:36:86:69:34:91:ab:18:cd:
ef:c6:79:fe:7f:88:bf:2d:b5:1a:74:84:91:09:4e:3d:99:cb:
c7:03:45:db:82:53:13:68:6a:13:2e:5b:03:d0:cb:76:d9:36:
60:5e:8d:20:17:c0:75:db:af:aa:4d:c3:a4:ce:d5:d4:70:e0:
e5:a5:13:ae:41:a8:32:91:66:58:32:cb:32:8c:30:14:58:52:
d4:d3:eb:68:36:61:a0:df:7e:96:b9:44:db:fd:2b:82:75:b7:
e3:b5:f0:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaE9wgdyqt5pnjBWu19OJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNjlhMDI1YTg0ZjQyZWYzZWYwYjYwNTJkZTNmZDY1ZThj
MDg2OTIwHhcNMjUwMTAxMDU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzRkMmRjYzNhNmQ2Zjc4YzUxYzgyZmFmNTdiYzdmM2Y4MjIzNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg+Dw60FwCFBtE36xK+mR7nM5pSN
VkCVD23sVcUkUHKFkR/C+iwDmzPZm1Ywhvod4Ra6byqb454S9FnSb7NlRk6pdDeI
NDCkqjKixtUqKBVR5DAgjJUOaKZ7gkIVoZ/M0tE9IpA6YpU6fTijzB5x/vcB5PQn
LCUsK7pQyQiws0UB16RoScGJ7NOXxAP4QRMrBCOYla9bjx1bFxo63vQ2DRwjDC15
gFkEdHmuCp9o1mzH/epe3DilmjT0e5rqd2mYbsoL8d0mPFTYdvCebeHjABCIGEjP
gi0bn6Gq5q6RHspQ8xys7vchAPwSPUzFAQvO8JjlOotaUcutNT2dGDdW1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdNLcw6bW94xRyC+vV7x/P4IjUQMB8GA1UdIwQY
MBaAFHBpoCWoT0LvPvC2BS3j/WXowIaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0dtZ0phaFBRdTgtOExZRkxlUDlaZWpBaHBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9hZDAxMTYtNzU1OC00NjU2LTlmYjMt
NTE5OWE3MTE2ODRkLzEvWjAwdHpEcHRiM2pGSElMNjlYdkg4X2dpTlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9hZDAxMTYtNzU1OC00NjU2LTlmYjMtNTE5OWE3MTE2ODRk
LzEvY0dtZ0phaFBRdTgtOExZRkxlUDlaZWpBaHBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvAAoMA0G
CSqGSIb3DQEBCwUAA4IBAQBJj+xpQ2UsLC3g0pvwA9Ce8mhYFNVpsHRMB6FuosD8
ohzeBnUt9XNcZ1mztJMC2ejsSK8/nxZJDbZ+h7h9ImQ03du6hLQyY+kLne4ptBWU
zeXEgnc7Ws99DZSYLJTMtdA5aIoq8lc4M2kWbCvSCfBxhKe5Cl952lv1AijmzERw
mzmhrbMTXevDdHkbqqUraT2OknUOXPVf5E9BNoZpNJGrGM3vxnn+f4i/LbUadISR
CU49mcvHA0XbglMTaGoTLlsD0Mt22TZgXo0gF8B126+qTcOkztXUcODlpROuQagy
kWZYMssyjDAUWFLU0+toNmGg336WuUTb/SuCdbfjtfAG
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:03:38 2025 by rpki-client