Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/_zvMq41wn6J-S0GprMQ2nhutdmw.roa
File: _zvMq41wn6J-S0GprMQ2nhutdmw.roa (raw, json)
Hash identifier: ZLsl7myOQrcYuRTASwHfao+y7OQ94fpFyU5x+nCtjaY=
Subject key identifier: FF:3B:CC:AB:8D:70:9F:A2:7E:4B:41:A9:AC:C4:36:9E:1B:AD:76:6C
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 018BD7814D2A4F49E71EA20DFD47F8174AF2
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/_zvMq41wn6J-S0GprMQ2nhutdmw.roa
Signing time: Thu 16 Nov 2023 09:40:57 +0000
ROA not before: Thu 16 Nov 2023 09:40:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41989
IP address blocks: 178.239.112.0/20 maxlen: 20
85.239.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:81:4d:2a:4f:49:e7:1e:a2:0d:fd:47:f8:17:4a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Nov 16 09:40:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff3bccab8d709fa27e4b41a9acc4369e1bad766c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4d:8e:f3:aa:d5:2c:e8:2a:b3:81:f8:06:4f:
fa:a5:1f:53:2f:c3:10:11:15:b6:9b:4c:f8:5f:54:
b1:ba:b7:ef:1b:89:ee:e3:85:28:13:5e:c8:ec:9b:
1c:35:e5:26:be:db:c5:25:ff:38:41:6d:85:01:6f:
af:6f:c0:56:9a:37:75:d8:aa:a4:19:ec:a6:48:3f:
4e:6b:e0:80:b1:1d:f8:a1:78:ba:3b:56:d6:09:7b:
61:3f:07:91:46:64:c0:f2:87:05:a0:b6:30:63:70:
67:4b:7b:59:1c:e9:ad:a3:08:4a:f0:54:30:fb:9c:
b3:29:d2:f2:e4:92:ed:50:d1:b7:dc:de:8a:a3:2c:
68:77:29:ef:5c:d3:36:a4:a3:4d:ed:37:6d:56:10:
13:74:7f:d6:8d:53:30:85:cf:b2:f3:01:ba:ff:40:
c3:93:c5:dc:07:43:e9:13:05:c9:a9:62:a8:28:e5:
d1:34:61:03:21:70:61:47:ff:c1:c1:f0:cf:64:84:
d1:41:e7:5d:47:8a:ae:78:ff:55:0b:57:87:f1:1e:
f4:21:cf:c9:b2:3a:07:15:df:a7:fb:28:77:bf:88:
15:0a:e9:34:7b:42:27:e8:1f:57:a3:9b:fa:1b:24:
4d:0e:26:75:3c:b2:78:66:24:38:80:df:5a:84:59:
d1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3B:CC:AB:8D:70:9F:A2:7E:4B:41:A9:AC:C4:36:9E:1B:AD:76:6C
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/_zvMq41wn6J-S0GprMQ2nhutdmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.152.0/22
178.239.112.0/20
Signature Algorithm: sha256WithRSAEncryption
5b:bf:00:9a:4e:e1:1c:b3:b8:38:4e:68:50:2c:39:c8:97:51:
3e:d6:ad:03:c5:70:7c:c9:4a:de:11:ee:58:d2:cf:33:a1:ab:
06:92:62:8d:52:e7:1f:9b:64:5b:2f:9a:a6:6b:17:a6:e8:d9:
f8:8c:4d:0b:fa:c1:15:9d:a5:e5:4b:1c:d4:b7:25:ea:4e:7c:
97:a9:97:12:35:af:11:b5:20:1d:22:4f:db:d8:d4:83:7d:70:
dd:44:32:db:e6:46:39:f7:58:d7:7a:a1:f9:0c:fa:af:c0:63:
8c:9b:0b:b3:38:b5:af:e1:6a:f8:8d:c0:fd:07:20:d8:be:85:
20:96:d5:96:4b:db:a5:1f:62:fe:6a:5c:e6:48:c1:b6:f9:fa:
a9:46:72:c2:26:11:7e:43:91:2a:c9:51:07:93:43:e8:df:8c:
21:5e:1c:db:4d:b7:c6:3f:cc:40:a0:7f:a4:7b:cd:73:62:83:
e5:f3:db:dd:c3:2d:2c:98:2e:a2:4c:06:40:01:42:0b:a3:76:
44:d4:7b:4a:be:0b:16:3a:f3:b9:96:d8:02:60:da:61:89:b9:
4e:b4:90:b1:95:23:ef:52:40:85:a9:44:a2:86:cb:b4:94:ad:
ce:45:72:36:2d:9e:d4:36:da:3e:47:ed:71:84:ce:4b:0a:73:
06:3b:e0:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvXgU0qT0nnHqIN/Uf4F0ryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMxMTE2MDk0MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjNiY2NhYjhkNzA5ZmEyN2U0YjQxYTlhY2M0MzY5ZTFiYWQ3NjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu02O86rVLOgqs4H4Bk/6pR9TL8MQ
ERW2m0z4X1SxurfvG4nu44UoE17I7JscNeUmvtvFJf84QW2FAW+vb8BWmjd12Kqk
GeymSD9Oa+CAsR34oXi6O1bWCXthPweRRmTA8ocFoLYwY3BnS3tZHOmtowhK8FQw
+5yzKdLy5JLtUNG33N6KoyxodynvXNM2pKNN7TdtVhATdH/WjVMwhc+y8wG6/0DD
k8XcB0PpEwXJqWKoKOXRNGEDIXBhR//BwfDPZITRQeddR4queP9VC1eH8R70Ic/J
sjoHFd+n+yh3v4gVCuk0e0In6B9Xo5v6GyRNDiZ1PLJ4ZiQ4gN9ahFnR2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP87zKuNcJ+ifktBqazENp4brXZsMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvX3p2TXE0MXduNkotUzBHcHJNUTJuaHV0ZG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVe+YAwQE
su9wMA0GCSqGSIb3DQEBCwUAA4IBAQBbvwCaTuEcs7g4TmhQLDnIl1E+1q0DxXB8
yUreEe5Y0s8zoasGkmKNUucfm2RbL5qmaxem6Nn4jE0L+sEVnaXlSxzUtyXqTnyX
qZcSNa8RtSAdIk/b2NSDfXDdRDLb5kY591jXeqH5DPqvwGOMmwuzOLWv4Wr4jcD9
ByDYvoUgltWWS9ulH2L+alzmSMG2+fqpRnLCJhF+Q5EqyVEHk0Po34whXhzbTbfG
P8xAoH+ke81zYoPl89vdwy0smC6iTAZAAUILo3ZE1HtKvgsWOvO5ltgCYNphiblO
tJCxlSPvUkCFqUSihsu0lK3ORXI2LZ7UNto+R+1xhM5LCnMGO+B8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:50 2025 by rpki-client