Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/zDn6BG65-N44C0uDlJe3RzkiUTs.roa
File: zDn6BG65-N44C0uDlJe3RzkiUTs.roa (raw, json)
Hash identifier: EM6Uwy/Us+r0AtgVlMQcbmCbt0K/tS3jHqszI1mZVYQ=
Subject key identifier: CC:39:FA:04:6E:B9:F8:DE:38:0B:4B:83:94:97:B7:47:39:22:51:3B
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 019427B53BB4A1C89D2F11F6E7BB185D7653
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/zDn6BG65-N44C0uDlJe3RzkiUTs.roa
Signing time: Thu 02 Jan 2025 15:49:36 +0000
ROA not before: Thu 02 Jan 2025 15:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21734
IP address blocks: 195.122.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:3b:b4:a1:c8:9d:2f:11:f6:e7:bb:18:5d:76:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jan 2 15:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc39fa046eb9f8de380b4b839497b7473922513b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0f:87:91:4d:41:65:58:a0:40:1c:0f:7d:b5:
cd:24:3b:e9:45:f5:11:24:10:4e:57:b9:b3:cc:a3:
2d:2b:c1:74:e5:98:a8:1f:16:b5:07:fd:43:e6:79:
b4:a6:9f:01:10:73:a8:be:7e:93:00:89:aa:83:f3:
dc:cc:c3:f5:d2:b4:50:6b:91:40:d7:fc:cd:e7:ff:
2b:1b:cc:1c:57:dc:df:71:7c:09:a3:9f:9d:88:0b:
3b:3a:c2:f1:6c:fa:d2:b1:12:55:5c:e5:a0:a7:83:
ce:b3:ef:c4:8c:c7:5a:e0:e0:46:44:81:bb:9a:69:
98:f3:6f:0f:da:ab:14:5e:a8:ac:c0:f5:63:c8:0c:
e8:9a:37:78:07:fd:45:b6:cf:99:d4:ec:e9:02:b6:
b2:f0:ec:52:16:72:a9:bd:4e:dc:04:4a:ff:4e:ca:
85:48:8f:a2:98:57:e9:10:d7:13:b0:7a:45:b7:97:
a3:aa:d3:7a:f9:cf:6c:0a:2f:26:da:11:80:0c:1b:
09:ba:46:ae:8e:c9:7b:78:91:11:aa:c4:02:62:f0:
83:ff:0c:af:21:29:68:26:3d:0f:1f:d8:58:1d:ae:
d0:18:69:ae:a2:be:f6:02:9c:25:e0:0c:8a:da:fd:
ec:21:b0:47:6a:55:9b:7b:a8:ba:85:08:9e:4a:cd:
68:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:39:FA:04:6E:B9:F8:DE:38:0B:4B:83:94:97:B7:47:39:22:51:3B
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/zDn6BG65-N44C0uDlJe3RzkiUTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.122.186.0/24
Signature Algorithm: sha256WithRSAEncryption
86:28:51:6c:9d:d6:65:58:d1:7b:a7:ba:d2:5d:9c:32:31:e5:
aa:d5:70:cc:91:af:01:69:4f:76:a9:d6:45:e6:a4:39:14:7a:
42:1a:ce:c2:bb:18:83:2a:87:65:9b:5f:3f:18:e4:c3:1a:fa:
cf:63:43:49:03:2b:80:b3:71:d8:21:85:eb:e9:db:ef:93:ad:
ba:72:cf:ac:4f:29:3e:6c:85:22:6c:84:d1:03:fe:f1:cd:e3:
89:4a:7b:9a:0f:24:87:33:ba:67:d0:b5:07:a5:a5:5c:2f:e4:
6d:be:b0:e1:ad:08:53:19:75:1e:0d:71:27:7c:fd:a6:b7:6b:
9e:ca:8f:2c:e4:c0:fc:2e:c1:86:42:a6:a9:cc:67:fb:ea:fd:
f6:f9:8c:1f:14:52:11:9e:81:c4:27:0d:aa:ef:10:3a:cc:90:
f4:de:17:b6:d3:ce:af:ab:95:21:8c:76:a2:b8:21:bb:91:44:
88:70:ec:40:93:08:df:2a:05:c8:cf:59:f8:a3:09:45:2c:4f:
54:c3:0e:d4:b0:63:0c:2d:fe:14:97:95:80:f2:d4:ae:d5:a6:
98:c9:cf:47:b0:54:83:df:76:d6:8a:ee:6e:9b:3c:e5:c6:13:
65:ac:79:b7:ea:a0:de:b0:f3:62:95:2b:58:5b:b7:a3:f5:22:
f4:e3:a1:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntTu0ocidLxH257sYXXZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjUwMTAyMTU0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzM5ZmEwNDZlYjlmOGRlMzgwYjRiODM5NDk3Yjc0NzM5MjI1MTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ+HkU1BZVigQBwPfbXNJDvpRfUR
JBBOV7mzzKMtK8F05ZioHxa1B/1D5nm0pp8BEHOovn6TAImqg/PczMP10rRQa5FA
1/zN5/8rG8wcV9zfcXwJo5+diAs7OsLxbPrSsRJVXOWgp4POs+/EjMda4OBGRIG7
mmmY828P2qsUXqiswPVjyAzomjd4B/1Fts+Z1OzpAray8OxSFnKpvU7cBEr/TsqF
SI+imFfpENcTsHpFt5ejqtN6+c9sCi8m2hGADBsJukaujsl7eJERqsQCYvCD/wyv
ISloJj0PH9hYHa7QGGmuor72Apwl4AyK2v3sIbBHalWbe6i6hQieSs1omQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMw5+gRuufjeOAtLg5SXt0c5IlE7MB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvekRuNkJHNjUtTjQ0QzB1RGxKZTNSemtpVVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3q6MA0G
CSqGSIb3DQEBCwUAA4IBAQCGKFFsndZlWNF7p7rSXZwyMeWq1XDMka8BaU92qdZF
5qQ5FHpCGs7CuxiDKodlm18/GOTDGvrPY0NJAyuAs3HYIYXr6dvvk626cs+sTyk+
bIUibITRA/7xzeOJSnuaDySHM7pn0LUHpaVcL+RtvrDhrQhTGXUeDXEnfP2mt2ue
yo8s5MD8LsGGQqapzGf76v32+YwfFFIRnoHEJw2q7xA6zJD03he2086vq5UhjHai
uCG7kUSIcOxAkwjfKgXIz1n4owlFLE9Uww7UsGMMLf4Ul5WA8tSu1aaYyc9HsFSD
33bWiu5umzzlxhNlrHm36qDesPNilStYW7ej9SL046EJ
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:48:29 2025 by rpki-client