Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/zHyi0zO0aepoCj3YfwkO2CsuHDk.roa
File: zHyi0zO0aepoCj3YfwkO2CsuHDk.roa (raw, json)
Hash identifier: 64jkIZP0sVFKnl22gW7SzeQyLPkea22pOG/lfDbS5eU=
Subject key identifier: CC:7C:A2:D3:33:B4:69:EA:68:0A:3D:D8:7F:09:0E:D8:2B:2E:1C:39
Certificate issuer: /CN=7826b604f6f8c03fe9df6c98e61f39eaed7555a5
Certificate serial: 019427479171B0187089612DB2972FABCD18
Authority key identifier: 78:26:B6:04:F6:F8:C0:3F:E9:DF:6C:98:E6:1F:39:EA:ED:75:55:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eCa2BPb4wD_p32yY5h856u11VaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/zHyi0zO0aepoCj3YfwkO2CsuHDk.roa
Signing time: Thu 02 Jan 2025 13:49:49 +0000
ROA not before: Thu 02 Jan 2025 13:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203735
IP address blocks: 185.89.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:91:71:b0:18:70:89:61:2d:b2:97:2f:ab:cd:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7826b604f6f8c03fe9df6c98e61f39eaed7555a5
Validity
Not Before: Jan 2 13:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc7ca2d333b469ea680a3dd87f090ed82b2e1c39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d7:55:25:4e:bd:dc:0c:fe:68:88:fb:2e:dc:
82:17:2b:1c:ec:5b:de:52:bf:dd:a2:ae:76:c0:4d:
3f:3f:32:8a:07:22:e5:70:07:d5:4f:b8:4e:ed:16:
32:bc:a1:a6:54:15:ea:c4:c5:db:f4:53:9f:0a:9b:
30:94:61:42:f6:34:80:24:62:ab:d7:ca:8f:c9:12:
aa:b7:46:14:3a:fd:3e:4b:2a:dc:70:38:a8:02:73:
5d:59:0c:27:73:dd:98:39:55:c0:fe:13:5f:32:5a:
9a:19:bc:97:b0:a2:01:a4:4e:70:b7:fb:49:ae:5e:
79:30:b2:7c:ee:15:b4:dc:e0:7b:de:d5:41:b1:8d:
94:16:60:e0:ab:7c:da:9f:6e:17:d1:e0:e7:0b:61:
88:0b:30:44:1a:49:f7:8a:e2:c1:c5:12:a3:fd:b3:
b2:6a:ec:4e:98:ae:ce:69:82:6d:58:2f:e1:dc:c5:
02:21:23:34:1d:4c:8f:e5:8f:91:0a:f1:03:8f:0e:
65:76:c1:09:ca:67:a2:9c:0d:a9:c8:ae:df:c7:20:
06:28:90:73:5e:2b:c7:fc:93:e3:d4:c7:3b:a7:d9:
0a:76:bb:bd:45:40:62:30:4a:2e:b4:e0:88:b9:28:
c9:8f:ab:70:6c:38:5c:55:87:e2:df:8a:25:8a:48:
57:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:7C:A2:D3:33:B4:69:EA:68:0A:3D:D8:7F:09:0E:D8:2B:2E:1C:39
X509v3 Authority Key Identifier:
keyid:78:26:B6:04:F6:F8:C0:3F:E9:DF:6C:98:E6:1F:39:EA:ED:75:55:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eCa2BPb4wD_p32yY5h856u11VaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/zHyi0zO0aepoCj3YfwkO2CsuHDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/eCa2BPb4wD_p32yY5h856u11VaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.98.0/24
Signature Algorithm: sha256WithRSAEncryption
22:6c:85:a9:5d:54:ae:ca:42:98:de:73:1f:c6:d1:4f:3b:a0:
f9:74:d1:82:99:17:69:44:b9:4d:f7:ad:6b:d5:5a:f7:13:76:
64:5f:0b:40:9d:4d:51:c1:54:88:32:07:ba:ec:2a:59:86:27:
70:f3:0a:f1:74:8b:9f:48:8b:9e:70:f0:b8:ca:7b:2b:40:c0:
8f:29:fe:58:7f:75:d1:59:4c:a1:8c:94:eb:9f:28:75:cf:a8:
e7:52:d9:db:88:e5:f2:d1:af:b4:88:d1:20:d4:cd:8a:d7:20:
4e:da:f2:8c:03:19:14:69:e0:a4:5f:2f:78:4f:41:71:68:15:
7e:41:df:4b:76:87:be:6d:15:a7:4f:77:f6:e2:a3:2f:0e:43:
b1:33:6a:54:a3:2e:f5:e6:27:36:11:5e:53:f3:58:07:f5:24:
c4:a5:3f:be:77:ad:fe:ed:4b:84:94:5d:27:e1:13:c3:63:5f:
c6:e4:bd:af:8a:4d:a6:16:f0:d3:3f:77:15:45:99:f6:99:12:
d2:6a:31:df:b7:24:d7:3b:91:ab:35:b5:20:55:36:cb:f8:cd:
5b:85:b3:71:a4:be:ff:1a:14:14:70:27:99:38:ea:93:a1:7c:
ae:95:78:4d:62:4e:cb:71:69:08:72:08:1e:f9:1b:d1:2b:42:
3a:0b:bc:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR5FxsBhwiWEtspcvq80YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MjZiNjA0ZjZmOGMwM2ZlOWRmNmM5OGU2MWYzOWVhZWQ3
NTU1YTUwHhcNMjUwMTAyMTM0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzdjYTJkMzMzYjQ2OWVhNjgwYTNkZDg3ZjA5MGVkODJiMmUxYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtdVJU693Az+aIj7LtyCFysc7Fve
Ur/doq52wE0/PzKKByLlcAfVT7hO7RYyvKGmVBXqxMXb9FOfCpswlGFC9jSAJGKr
18qPyRKqt0YUOv0+SyrccDioAnNdWQwnc92YOVXA/hNfMlqaGbyXsKIBpE5wt/tJ
rl55MLJ87hW03OB73tVBsY2UFmDgq3zan24X0eDnC2GICzBEGkn3iuLBxRKj/bOy
auxOmK7OaYJtWC/h3MUCISM0HUyP5Y+RCvEDjw5ldsEJymeinA2pyK7fxyAGKJBz
XivH/JPj1Mc7p9kKdru9RUBiMEoutOCIuSjJj6twbDhcVYfi34olikhX6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMx8otMztGnqaAo92H8JDtgrLhw5MB8GA1UdIwQY
MBaAFHgmtgT2+MA/6d9smOYfOertdVWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUNhMkJQYjR3RF9wMzJ5WTVoODU2dTExVmFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9jOTRjNjUtZWEwMi00MDVhLWJiYTct
Y2EwNDc0YWRmMzczLzEvekh5aTB6TzBhZXBvQ2ozWWZ3a08yQ3N1SERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9jOTRjNjUtZWEwMi00MDVhLWJiYTctY2EwNDc0YWRmMzcz
LzEvZUNhMkJQYjR3RF9wMzJ5WTVoODU2dTExVmFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVliMA0G
CSqGSIb3DQEBCwUAA4IBAQAibIWpXVSuykKY3nMfxtFPO6D5dNGCmRdpRLlN961r
1Vr3E3ZkXwtAnU1RwVSIMge67CpZhidw8wrxdIufSIuecPC4ynsrQMCPKf5Yf3XR
WUyhjJTrnyh1z6jnUtnbiOXy0a+0iNEg1M2K1yBO2vKMAxkUaeCkXy94T0FxaBV+
Qd9Ldoe+bRWnT3f24qMvDkOxM2pUoy715ic2EV5T81gH9STEpT++d63+7UuElF0n
4RPDY1/G5L2vik2mFvDTP3cVRZn2mRLSajHftyTXO5GrNbUgVTbL+M1bhbNxpL7/
GhQUcCeZOOqToXyulXhNYk7LcWkIcgge+RvRK0I6C7zA
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:48:51 2025 by rpki-client