Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/cz_i6inXtcUIjcIN9oJWb2HinvM.roa
File: cz_i6inXtcUIjcIN9oJWb2HinvM.roa (raw, json)
Hash identifier: PQ0BLB4sI2B91vehL/dzDGr3GUpFGQqMElA5h/dx7n8=
Subject key identifier: 73:3F:E2:EA:29:D7:B5:C5:08:8D:C2:0D:F6:82:56:6F:61:E2:9E:F3
Certificate issuer: /CN=31db847d1db1e0b2c2c25502210ff5a719967a19
Certificate serial: 019424B3F14829DCE689A566C3C9D57BC7A2
Authority key identifier: 31:DB:84:7D:1D:B1:E0:B2:C2:C2:55:02:21:0F:F5:A7:19:96:7A:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/cz_i6inXtcUIjcIN9oJWb2HinvM.roa
Signing time: Thu 02 Jan 2025 01:49:19 +0000
ROA not before: Thu 02 Jan 2025 01:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 140224
IP address blocks: 185.238.212.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:f1:48:29:dc:e6:89:a5:66:c3:c9:d5:7b:c7:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31db847d1db1e0b2c2c25502210ff5a719967a19
Validity
Not Before: Jan 2 01:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=733fe2ea29d7b5c5088dc20df682566f61e29ef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:77:cd:a7:4f:86:40:ab:60:ce:41:99:06:cd:
94:2f:49:be:c9:8e:3d:24:5a:2d:a9:ad:e7:86:e4:
00:97:0d:4a:03:35:51:7e:52:09:22:96:7e:bc:ca:
b9:f8:0e:02:a4:19:64:3d:84:59:5d:0e:64:a5:cd:
d2:8b:5f:55:fd:c8:f0:97:dc:80:97:01:6b:44:a4:
55:bb:71:22:59:75:e8:c3:ec:66:b5:de:7f:9b:40:
b1:ee:9b:09:b0:45:01:e3:7f:89:5f:63:50:f8:f8:
80:47:f2:e1:f9:7e:53:7e:a6:06:3f:1d:56:18:b9:
30:7b:cf:96:e9:aa:1b:57:15:02:5c:bf:fd:4f:12:
dc:6c:36:f6:16:b2:d4:ec:77:a8:e7:9b:43:e0:40:
1b:38:b0:1e:5a:d4:5e:a6:fc:f2:d7:f8:0a:e5:e3:
8b:29:85:dd:f3:71:5f:a3:c4:39:5c:d7:50:54:4f:
98:7b:a1:f2:59:04:1d:c9:27:d9:bb:d7:3e:b9:29:
ae:4a:6d:8f:48:86:e5:e1:2f:cd:46:d0:c8:12:19:
a9:73:cf:2a:63:b4:e7:f4:8a:e3:a5:d5:1b:d1:1d:
30:98:02:97:3d:25:ad:30:15:72:7d:96:57:5d:6d:
08:34:16:c1:60:d3:66:39:8a:e3:45:c6:86:bf:19:
ab:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:3F:E2:EA:29:D7:B5:C5:08:8D:C2:0D:F6:82:56:6F:61:E2:9E:F3
X509v3 Authority Key Identifier:
keyid:31:DB:84:7D:1D:B1:E0:B2:C2:C2:55:02:21:0F:F5:A7:19:96:7A:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/cz_i6inXtcUIjcIN9oJWb2HinvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/MduEfR2x4LLCwlUCIQ_1pxmWehk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.212.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:02:f0:d0:55:fc:e5:8b:3f:9f:28:4d:ba:de:df:95:e8:f7:
3b:f5:5d:36:47:cb:e8:4e:7d:60:c6:33:86:72:f4:7e:7e:7e:
3e:9c:98:b2:08:08:cd:0b:43:5e:35:48:e5:6e:82:24:82:7d:
e8:cd:b7:20:34:bc:2a:18:4f:43:99:ca:e5:cb:02:a4:7a:bc:
ce:12:ec:f7:61:86:1c:04:5f:44:83:8e:5b:8c:a0:95:1e:38:
64:a7:21:7c:de:5e:93:ee:5c:b3:7d:3d:e7:52:38:f6:f4:7a:
1b:12:be:00:65:7d:68:18:0c:c3:a6:b4:66:da:6b:06:6d:95:
b5:b9:02:78:bd:40:4f:88:80:92:cd:8a:5d:74:04:2c:44:78:
eb:d3:c2:f6:c8:d5:1e:a5:ff:64:ee:31:5d:68:69:be:76:56:
ec:f2:39:e8:02:a3:20:bf:78:e7:55:92:36:23:11:6a:09:64:
ce:0b:72:f9:64:a0:04:55:fb:34:62:35:1e:db:8b:a3:12:a7:
bb:18:03:ad:44:4c:d9:53:77:07:4d:db:62:91:a5:99:6b:65:
58:ba:40:b6:0f:32:dd:a0:4b:11:05:67:62:eb:46:c1:0a:a5:
0f:d7:8b:10:71:ee:db:be:ac:7c:f2:15:5e:f4:92:fa:1e:2a:
b3:5f:19:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks/FIKdzmiaVmw8nVe8eiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZGI4NDdkMWRiMWUwYjJjMmMyNTUwMjIxMGZmNWE3MTk5
NjdhMTkwHhcNMjUwMTAyMDE0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzNmZTJlYTI5ZDdiNWM1MDg4ZGMyMGRmNjgyNTY2ZjYxZTI5ZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3fNp0+GQKtgzkGZBs2UL0m+yY49
JFotqa3nhuQAlw1KAzVRflIJIpZ+vMq5+A4CpBlkPYRZXQ5kpc3Si19V/cjwl9yA
lwFrRKRVu3EiWXXow+xmtd5/m0Cx7psJsEUB43+JX2NQ+PiAR/Lh+X5TfqYGPx1W
GLkwe8+W6aobVxUCXL/9TxLcbDb2FrLU7Heo55tD4EAbOLAeWtRepvzy1/gK5eOL
KYXd83Ffo8Q5XNdQVE+Ye6HyWQQdySfZu9c+uSmuSm2PSIbl4S/NRtDIEhmpc88q
Y7Tn9IrjpdUb0R0wmAKXPSWtMBVyfZZXXW0INBbBYNNmOYrjRcaGvxmrowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHM/4uop17XFCI3CDfaCVm9h4p7zMB8GA1UdIwQY
MBaAFDHbhH0dseCywsJVAiEP9acZlnoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWR1RWZSMng0TExDd2xVQ0lRXzFweG1XZWhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8zZGJkMzktNWY5Zi00OGZiLTljMDEt
YmQ2ZTNiMDI2YzM3LzEvY3pfaTZpblh0Y1VJamNJTjlvSldiMkhpbnZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8zZGJkMzktNWY5Zi00OGZiLTljMDEtYmQ2ZTNiMDI2YzM3
LzEvTWR1RWZSMng0TExDd2xVQ0lRXzFweG1XZWhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBue7UMA0G
CSqGSIb3DQEBCwUAA4IBAQAtAvDQVfzliz+fKE263t+V6Pc79V02R8voTn1gxjOG
cvR+fn4+nJiyCAjNC0NeNUjlboIkgn3ozbcgNLwqGE9DmcrlywKkerzOEuz3YYYc
BF9Eg45bjKCVHjhkpyF83l6T7lyzfT3nUjj29HobEr4AZX1oGAzDprRm2msGbZW1
uQJ4vUBPiICSzYpddAQsRHjr08L2yNUepf9k7jFdaGm+dlbs8jnoAqMgv3jnVZI2
IxFqCWTOC3L5ZKAEVfs0YjUe24ujEqe7GAOtREzZU3cHTdtikaWZa2VYukC2DzLd
oEsRBWdi60bBCqUP14sQce7bvqx88hVe9JL6HiqzXxkB
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:08 2025 by rpki-client