Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/5f5d8f-332b-42d6-a9bb-2f405d7f1d8f/1/zk_EJfgXLWpaC18an5MuvwV8OKs.roa
File: zk_EJfgXLWpaC18an5MuvwV8OKs.roa (raw, json)
Hash identifier: wzovCTkGHILtaaQx2CMxLRmIpGMJ+5P2KmVoWuwJuRI=
Subject key identifier: CE:4F:C4:25:F8:17:2D:6A:5A:0B:5F:1A:9F:93:2E:BF:05:7C:38:AB
Certificate issuer: /CN=7dd1b5b42dc3d846c2ad2549664e34f72d1cb4a6
Certificate serial: 024A201E
Authority key identifier: 7D:D1:B5:B4:2D:C3:D8:46:C2:AD:25:49:66:4E:34:F7:2D:1C:B4:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fdG1tC3D2EbCrSVJZk409y0ctKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/5f5d8f-332b-42d6-a9bb-2f405d7f1d8f/1/zk_EJfgXLWpaC18an5MuvwV8OKs.roa
Signing time: Sat 01 Jan 2022 13:05:02 +0000
ROA not before: Sat 01 Jan 2022 13:05:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210602
IP address blocks: 185.203.40.0/22 maxlen: 22
195.128.164.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38412318 (0x24a201e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dd1b5b42dc3d846c2ad2549664e34f72d1cb4a6
Validity
Not Before: Jan 1 13:05:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce4fc425f8172d6a5a0b5f1a9f932ebf057c38ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1a:14:a1:b9:3a:35:25:e8:48:ba:73:ee:91:
66:2e:9a:13:b6:bc:b9:46:86:52:29:bd:b5:14:7b:
d1:96:d2:9c:c7:6b:37:f9:5e:c4:d6:84:81:2d:8d:
cf:e5:de:35:6e:40:e0:cf:ad:79:a5:be:65:9c:e6:
17:7d:c0:48:2f:19:fa:ca:4d:91:90:22:10:fd:ab:
d7:b0:1f:39:2a:43:f0:34:de:80:bd:85:f9:ba:a8:
ff:a7:33:d7:a2:97:2c:7b:54:ee:37:1b:b4:e6:4d:
04:cf:84:17:80:2d:03:80:08:ec:76:34:4b:b5:b4:
64:3e:a3:e7:c3:68:a1:62:2d:05:25:91:5f:10:bb:
76:8c:fc:08:5c:80:f1:19:c2:de:7a:b2:bf:ba:7a:
14:42:aa:f8:ef:f5:2f:9a:4c:2e:c0:70:1b:b6:fb:
28:9b:d6:18:24:95:d7:8a:cb:d7:0e:c0:ee:6d:0e:
23:bc:6a:ed:c7:4a:0b:ee:56:34:cb:8d:f9:02:4e:
3c:f5:d5:23:34:0b:b2:0c:24:83:5c:11:c1:85:69:
20:4c:e9:f8:2e:94:9d:c2:56:c1:4d:25:5f:3b:0b:
f8:46:5b:4b:bb:7c:c5:e9:33:14:66:93:b3:26:10:
88:c5:f3:10:35:13:4b:14:6c:9e:af:5a:72:39:b3:
83:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4F:C4:25:F8:17:2D:6A:5A:0B:5F:1A:9F:93:2E:BF:05:7C:38:AB
X509v3 Authority Key Identifier:
keyid:7D:D1:B5:B4:2D:C3:D8:46:C2:AD:25:49:66:4E:34:F7:2D:1C:B4:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fdG1tC3D2EbCrSVJZk409y0ctKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5f5d8f-332b-42d6-a9bb-2f405d7f1d8f/1/zk_EJfgXLWpaC18an5MuvwV8OKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5f5d8f-332b-42d6-a9bb-2f405d7f1d8f/1/fdG1tC3D2EbCrSVJZk409y0ctKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.40.0/22
195.128.164.0/23
Signature Algorithm: sha256WithRSAEncryption
57:2f:f6:f8:e7:38:c3:3a:6b:1a:24:ac:f8:b2:35:36:e3:1c:
fd:96:c9:98:01:d4:b1:e8:04:ca:ec:f8:8f:9e:89:07:3e:e6:
3c:2d:48:ad:c4:58:cf:be:33:f4:da:0f:38:0f:d4:e7:d6:59:
ef:03:12:55:91:8e:13:e8:bb:5b:8c:e3:e7:22:6a:e7:9a:de:
30:c5:e1:b7:99:8e:41:91:d9:52:08:76:22:b9:6a:5a:b1:2d:
e5:a9:9e:5e:26:13:e5:8d:39:a3:e9:7d:9b:ea:35:9c:54:6d:
e1:71:de:ea:ea:e1:1f:51:11:76:71:f3:21:14:60:6c:21:67:
ff:70:c8:fb:b9:ce:d5:16:77:96:7e:12:5d:d4:2a:4c:84:cd:
4a:da:fc:f4:87:00:c7:ef:3a:1c:4c:61:36:06:66:51:72:55:
85:83:5e:a7:1f:d3:1d:2d:4f:09:18:04:47:2b:28:1d:6a:fe:
b5:a3:5a:f1:73:4a:23:f2:90:00:00:3d:27:85:3e:d4:70:92:
bb:97:63:65:5f:14:e3:47:ee:42:cd:f0:69:0e:6a:32:4c:bb:
f4:d9:7e:64:4e:c6:ee:d6:84:ef:9e:cc:f4:8d:33:65:21:13:
af:26:11:34:ea:e5:e3:ff:9a:7d:56:d7:ac:fc:67:63:ee:7d:
d8:9b:83:cc
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAkogHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGQxYjViNDJkYzNkODQ2YzJhZDI1NDk2NjRlMzRmNzJkMWNiNGE2MB4XDTIyMDEw
MTEzMDUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2U0ZmM0MjVmODE3
MmQ2YTVhMGI1ZjFhOWY5MzJlYmYwNTdjMzhhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsaFKG5OjUl6Ei6c+6RZi6aE7a8uUaGUim9tRR70ZbSnMdr
N/lexNaEgS2Nz+XeNW5A4M+teaW+ZZzmF33ASC8Z+spNkZAiEP2r17AfOSpD8DTe
gL2F+bqo/6cz16KXLHtU7jcbtOZNBM+EF4AtA4AI7HY0S7W0ZD6j58NooWItBSWR
XxC7doz8CFyA8RnC3nqyv7p6FEKq+O/1L5pMLsBwG7b7KJvWGCSV14rL1w7A7m0O
I7xq7cdKC+5WNMuN+QJOPPXVIzQLsgwkg1wRwYVpIEzp+C6UncJWwU0lXzsL+EZb
S7t8xekzFGaTsyYQiMXzEDUTSxRsnq9acjmzg0cCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTOT8Ql+BctaloLXxqfky6/BXw4qzAfBgNVHSMEGDAWgBR90bW0LcPYRsKt
JUlmTjT3LRy0pjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZkRzF0QzNEMkViQ3JTVkpaazQwOXkwY3RLWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvNWY1ZDhmLTMzMmItNDJkNi1hOWJiLTJmNDA1ZDdmMWQ4Zi8x
L3prX0VKZmdYTFdwYUMxOGFuNU11dndWOE9Lcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
NWY1ZDhmLTMzMmItNDJkNi1hOWJiLTJmNDA1ZDdmMWQ4Zi8xL2ZkRzF0QzNEMkVi
Q3JTVkpaazQwOXkwY3RLWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArnLKAMEAcOApDANBgkqhkiG9w0B
AQsFAAOCAQEAVy/2+Oc4wzprGiSs+LI1NuMc/ZbJmAHUsegEyuz4j56JBz7mPC1I
rcRYz74z9NoPOA/U59ZZ7wMSVZGOE+i7W4zj5yJq55reMMXht5mOQZHZUgh2Irlq
WrEt5ameXiYT5Y05o+l9m+o1nFRt4XHe6urhH1ERdnHzIRRgbCFn/3DI+7nO1RZ3
ln4SXdQqTITNStr89IcAx+86HExhNgZmUXJVhYNepx/THS1PCRgERysoHWr+taNa
8XNKI/KQAAA9J4U+1HCSu5djZV8U40fuQs3waQ5qMky79Nl+ZE7G7taE757M9I0z
ZSETryYRNOrl4/+afVbXrPxnY+592JuDzA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:41:23 2025 by rpki-client