Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/Za1vvPAEMQLX9tFDLmhPbJ3BBlk.roa
File: Za1vvPAEMQLX9tFDLmhPbJ3BBlk.roa (raw, json)
Hash identifier: ny9mwL29fdAvRnLi4zBGCZuIouNHHSaZbEkA3+/PrUQ=
Subject key identifier: 65:AD:6F:BC:F0:04:31:02:D7:F6:D1:43:2E:68:4F:6C:9D:C1:06:59
Certificate issuer: /CN=84184ce919023640bb9256c2d8d1a049fa102520
Certificate serial: 0194228E2E8DD54009875D1864FED89F2F8D
Authority key identifier: 84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/Za1vvPAEMQLX9tFDLmhPbJ3BBlk.roa
Signing time: Wed 01 Jan 2025 15:48:50 +0000
ROA not before: Wed 01 Jan 2025 15:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57357
IP address blocks: 185.11.68.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:2e:8d:d5:40:09:87:5d:18:64:fe:d8:9f:2f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84184ce919023640bb9256c2d8d1a049fa102520
Validity
Not Before: Jan 1 15:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65ad6fbcf0043102d7f6d1432e684f6c9dc10659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:00:e9:fb:30:0d:fa:ba:fa:e8:5f:71:81:0c:
b9:df:07:64:75:aa:ee:dc:c6:4c:46:a9:c1:bd:03:
ae:70:76:18:5a:8b:84:aa:c5:40:88:25:a1:75:71:
a1:c9:42:43:65:c2:d2:86:f6:d1:b1:80:88:ad:b9:
77:9c:cb:6f:f6:87:90:74:15:07:38:93:b2:a6:9d:
71:15:b7:e9:4e:61:d6:84:41:d0:05:cd:48:06:4c:
fc:ad:07:b4:b3:8e:76:04:01:c0:41:7d:31:bc:bb:
ab:3e:15:6c:e2:6e:ac:96:db:43:b5:38:1a:62:4f:
a6:88:69:9e:6e:d8:45:1c:ba:83:6d:c2:7c:8e:ea:
0d:5b:5d:0c:b3:53:08:b4:b0:d0:23:55:98:c4:fd:
01:40:b0:2a:d1:33:d9:4e:75:e6:e4:81:b1:de:3e:
5a:d9:07:dc:96:05:4c:5a:6d:0b:35:1f:22:65:db:
d3:7e:01:d0:f6:13:25:13:68:d4:d5:90:2a:60:c0:
fe:53:16:15:b0:e2:66:84:0d:5f:74:60:c6:28:99:
6d:da:60:00:65:5e:54:5a:ba:74:76:88:fb:a3:b8:
e5:de:f0:bf:51:54:fd:cf:80:3f:29:d2:ec:81:ec:
64:6c:c0:4c:a7:fc:c0:d2:6d:60:50:cf:e4:8b:d1:
2e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AD:6F:BC:F0:04:31:02:D7:F6:D1:43:2E:68:4F:6C:9D:C1:06:59
X509v3 Authority Key Identifier:
keyid:84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/Za1vvPAEMQLX9tFDLmhPbJ3BBlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/hBhM6RkCNkC7klbC2NGgSfoQJSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.68.0/22
Signature Algorithm: sha256WithRSAEncryption
63:06:54:e4:d2:0c:28:1a:58:69:c0:24:8f:19:d5:e3:da:39:
3b:da:72:84:07:1a:01:83:eb:e0:f7:51:b3:c6:c7:00:fb:38:
a3:3f:e8:8e:77:ed:44:b5:e5:dc:f2:b4:18:c9:00:3e:e9:f2:
aa:d9:77:fc:a5:e6:e5:b0:24:70:41:88:81:fe:4b:10:c0:8e:
15:18:f7:e1:a6:37:45:07:a9:d9:72:2e:01:57:93:44:7d:9e:
53:05:2a:59:47:8a:26:14:90:6f:f2:07:92:a4:7f:cb:c7:5f:
6a:f8:2e:08:c2:f0:d1:90:89:6c:5d:e3:d0:bf:70:e2:7a:41:
ef:f3:23:cf:3c:96:2a:9b:a0:ef:eb:49:ba:c6:c0:be:91:c2:
47:db:23:4c:28:7e:72:03:40:d4:a9:d4:a7:22:7c:3f:43:59:
9a:43:db:d8:60:c8:08:5a:4c:ed:58:ab:54:fe:30:01:ce:c1:
5a:3e:6e:ae:e9:6f:18:4f:02:6e:27:d8:36:f4:8e:6e:90:86:
05:38:ac:a5:56:07:50:9d:d5:0a:3b:ab:f6:5a:fa:e7:14:2f:
cb:7b:75:1e:9b:74:26:12:ca:ab:01:62:80:16:40:e0:0f:36:
21:12:04:27:06:8c:21:dd:34:c2:b0:13:36:53:d6:3e:2e:8c:
86:1c:95:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiji6N1UAJh10YZP7Yny+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MTg0Y2U5MTkwMjM2NDBiYjkyNTZjMmQ4ZDFhMDQ5ZmEx
MDI1MjAwHhcNMjUwMTAxMTU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWFkNmZiY2YwMDQzMTAyZDdmNmQxNDMyZTY4NGY2YzlkYzEwNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwDp+zAN+rr66F9xgQy53wdkdaru
3MZMRqnBvQOucHYYWouEqsVAiCWhdXGhyUJDZcLShvbRsYCIrbl3nMtv9oeQdBUH
OJOypp1xFbfpTmHWhEHQBc1IBkz8rQe0s452BAHAQX0xvLurPhVs4m6slttDtTga
Yk+miGmebthFHLqDbcJ8juoNW10Ms1MItLDQI1WYxP0BQLAq0TPZTnXm5IGx3j5a
2QfclgVMWm0LNR8iZdvTfgHQ9hMlE2jU1ZAqYMD+UxYVsOJmhA1fdGDGKJlt2mAA
ZV5UWrp0doj7o7jl3vC/UVT9z4A/KdLsgexkbMBMp/zA0m1gUM/ki9EuDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGWtb7zwBDEC1/bRQy5oT2ydwQZZMB8GA1UdIwQY
MBaAFIQYTOkZAjZAu5JWwtjRoEn6ECUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEJoTTZSa0NOa0M3a2xiQzJOR2dTZm9RSlNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8yOTIyY2YtMTg2MS00MTlkLTllZWEt
MGE3OWQ1NDk2NWE5LzEvWmExdnZQQUVNUUxYOXRGRExtaFBiSjNCQmxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8yOTIyY2YtMTg2MS00MTlkLTllZWEtMGE3OWQ1NDk2NWE5
LzEvaEJoTTZSa0NOa0M3a2xiQzJOR2dTZm9RSlNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQtEMA0G
CSqGSIb3DQEBCwUAA4IBAQBjBlTk0gwoGlhpwCSPGdXj2jk72nKEBxoBg+vg91Gz
xscA+zijP+iOd+1EteXc8rQYyQA+6fKq2Xf8peblsCRwQYiB/ksQwI4VGPfhpjdF
B6nZci4BV5NEfZ5TBSpZR4omFJBv8geSpH/Lx19q+C4IwvDRkIlsXePQv3DiekHv
8yPPPJYqm6Dv60m6xsC+kcJH2yNMKH5yA0DUqdSnInw/Q1maQ9vYYMgIWkztWKtU
/jABzsFaPm6u6W8YTwJuJ9g29I5ukIYFOKylVgdQndUKO6v2WvrnFC/Le3Uem3Qm
EsqrAWKAFkDgDzYhEgQnBowh3TTCsBM2U9Y+LoyGHJWD
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:38:20 2025 by rpki-client