Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Z3kt2cxB-R8IfgSn6stjMF7sRxM.roa
File: Z3kt2cxB-R8IfgSn6stjMF7sRxM.roa (raw, json)
Hash identifier: +hh2j33WAy8N34MWloeknPephoqyvdbluq34Uf3pcO4=
Subject key identifier: 67:79:2D:D9:CC:41:F9:1F:08:7E:04:A7:EA:CB:63:30:5E:EC:47:13
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194222034CCDC62B5B796DC3CE61D01526D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Z3kt2cxB-R8IfgSn6stjMF7sRxM.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152911
IP address blocks: 185.227.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:34:cc:dc:62:b5:b7:96:dc:3c:e6:1d:01:52:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67792dd9cc41f91f087e04a7eacb63305eec4713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f7:a4:52:b8:93:f6:1a:23:68:a8:5b:71:40:
38:be:cc:1f:bb:c8:e9:bc:f8:88:4c:f6:94:60:9a:
73:f0:61:41:57:9b:9e:76:14:ce:df:75:f8:ac:f3:
2b:24:e2:63:c6:81:98:9d:81:0d:34:6d:b1:4a:44:
e0:3c:e4:38:7b:79:61:83:1f:2a:4b:5e:05:37:ee:
c5:82:c5:ac:63:92:31:eb:3b:0f:80:77:f9:9d:45:
27:3d:0b:b6:8f:07:88:a4:16:55:d5:8f:c8:18:55:
e3:6e:f1:82:1b:08:b6:c5:01:92:ca:94:61:90:47:
c0:bc:e8:fe:06:41:34:9c:17:de:f7:9c:4e:69:67:
f5:10:43:c6:c6:4d:bd:43:5e:e9:8e:da:52:5e:e5:
38:d2:60:7c:15:dc:f6:f2:26:02:8c:04:23:fa:02:
6d:b9:20:4e:64:9f:fd:7a:b6:e6:e0:7e:0a:23:2a:
a2:83:3f:78:5c:9e:27:b0:0b:0d:63:4c:fa:ea:9c:
54:78:73:64:e5:e4:5b:2e:64:a6:eb:13:18:2b:a5:
9c:b4:e4:e2:d6:99:59:28:d1:f2:ca:2a:f6:d7:b3:
86:30:76:53:f6:d1:cc:a9:63:eb:39:7c:21:68:f3:
b2:73:c5:7b:ba:90:84:66:7d:75:c2:5b:ad:1c:b6:
ce:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:79:2D:D9:CC:41:F9:1F:08:7E:04:A7:EA:CB:63:30:5E:EC:47:13
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Z3kt2cxB-R8IfgSn6stjMF7sRxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.144.0/24
Signature Algorithm: sha256WithRSAEncryption
98:83:84:b1:ca:79:e3:d5:c4:92:a8:d7:fa:c1:44:9d:a7:01:
ac:78:fe:88:64:37:3e:8a:43:b7:99:3c:2a:eb:2f:54:72:85:
04:3b:fd:c6:51:25:e5:c3:ba:1b:ad:e1:5a:d1:c2:8e:9d:79:
fd:a0:99:3c:16:93:48:17:ad:f7:ec:fb:b0:48:1a:44:94:6b:
1d:c8:d9:56:a6:e9:05:6c:1f:f6:0f:83:0e:d5:97:0b:e7:98:
02:0f:00:29:fa:d5:00:e5:fd:8e:a2:e3:05:d3:80:5f:a8:02:
cd:d7:37:91:e4:22:66:45:f2:53:dc:7b:ca:33:58:cf:9a:ef:
72:49:1f:d8:dc:9b:92:6f:86:cd:8a:a5:c6:4b:34:5e:f4:a8:
38:43:38:b4:a7:c4:22:af:db:4e:2e:20:32:3d:62:52:46:69:
b1:6f:2d:bf:6c:9f:76:23:66:72:8e:69:25:b1:a4:0d:fc:56:
9d:24:0a:40:25:a0:6b:75:0e:e8:3c:3c:e3:11:b2:ce:13:63:
b4:d6:e6:c6:20:96:52:36:d3:fa:38:f6:53:ba:7c:39:87:cb:
8d:5c:18:23:43:3d:8d:02:6b:bb:ac:44:52:16:22:3c:76:af:
73:32:0b:b2:6f:ec:13:c6:6e:7a:d0:52:2d:ac:5b:b8:c0:c7:
40:71:76:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIDTM3GK1t5bcPOYdAVJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzc5MmRkOWNjNDFmOTFmMDg3ZTA0YTdlYWNiNjMzMDVlZWM0NzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/ekUriT9hojaKhbcUA4vswfu8jp
vPiITPaUYJpz8GFBV5uedhTO33X4rPMrJOJjxoGYnYENNG2xSkTgPOQ4e3lhgx8q
S14FN+7FgsWsY5Ix6zsPgHf5nUUnPQu2jweIpBZV1Y/IGFXjbvGCGwi2xQGSypRh
kEfAvOj+BkE0nBfe95xOaWf1EEPGxk29Q17pjtpSXuU40mB8Fdz28iYCjAQj+gJt
uSBOZJ/9erbm4H4KIyqigz94XJ4nsAsNY0z66pxUeHNk5eRbLmSm6xMYK6WctOTi
1plZKNHyyir217OGMHZT9tHMqWPrOXwhaPOyc8V7upCEZn11wlutHLbO8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGd5LdnMQfkfCH4Ep+rLYzBe7EcTMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWjNrdDJjeEItUjhJZmdTbjZzdGpNRjdzUnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueOQMA0G
CSqGSIb3DQEBCwUAA4IBAQCYg4Sxynnj1cSSqNf6wUSdpwGseP6IZDc+ikO3mTwq
6y9UcoUEO/3GUSXlw7obreFa0cKOnXn9oJk8FpNIF6337PuwSBpElGsdyNlWpukF
bB/2D4MO1ZcL55gCDwAp+tUA5f2OouMF04BfqALN1zeR5CJmRfJT3HvKM1jPmu9y
SR/Y3JuSb4bNiqXGSzRe9Kg4Qzi0p8Qir9tOLiAyPWJSRmmxby2/bJ92I2Zyjmkl
saQN/FadJApAJaBrdQ7oPDzjEbLOE2O01ubGIJZSNtP6OPZTunw5h8uNXBgjQz2N
Amu7rERSFiI8dq9zMguyb+wTxm560FItrFu4wMdAcXYv
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:16:55 2025 by rpki-client