Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/ZwkYd639lfe2-jjePABHprlJMh0.roa
File: ZwkYd639lfe2-jjePABHprlJMh0.roa (raw, json)
Hash identifier: pASW44lXtg8VA12ndK2M2ZOyoSyACOga1y1e0UOuU8k=
Subject key identifier: 67:09:18:77:AD:FD:95:F7:B6:FA:38:DE:3C:00:47:A6:B9:49:32:1D
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019112456A5A100A231608F0872EDEC4B85E
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/ZwkYd639lfe2-jjePABHprlJMh0.roa
Signing time: Fri 02 Aug 2024 08:47:04 +0000
ROA not before: Fri 02 Aug 2024 08:47:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 89.34.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:45:6a:5a:10:0a:23:16:08:f0:87:2e:de:c4:b8:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 2 08:47:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67091877adfd95f7b6fa38de3c0047a6b949321d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ee:43:96:7c:b3:05:30:92:ee:ef:42:b5:e1:
c4:09:54:c3:37:de:db:fc:49:00:de:9f:dc:4d:c8:
45:e6:40:f5:b2:87:79:bc:02:7a:b7:a1:c0:83:5a:
c8:16:7c:7b:de:d0:fd:2e:77:4d:5b:a6:01:83:4f:
fa:7c:de:30:df:8f:c2:9f:20:25:93:8a:76:b5:6a:
3a:99:9e:f6:bf:4b:72:b9:88:d3:6d:85:ba:6c:09:
6f:0e:3e:00:a1:34:8c:01:a0:d6:e9:32:9b:fc:5d:
81:d9:32:20:47:69:0a:07:a7:9d:17:bc:74:ec:5d:
e2:e8:75:62:a5:c0:d2:f9:1f:00:1b:3d:46:df:b9:
f5:4f:00:b3:42:5d:fb:84:67:91:8b:e3:88:5e:4f:
96:89:34:ff:40:3b:7a:12:e7:a8:d9:41:30:57:c3:
63:f6:b5:53:42:2b:fc:27:97:a2:70:a9:aa:de:fe:
70:55:77:a2:59:21:22:80:49:2a:05:02:00:0f:06:
11:82:42:b4:d7:d4:28:2b:20:4b:62:d5:38:16:2d:
0e:27:1d:6f:30:d8:1f:e6:04:fc:6b:f0:6a:9f:38:
1c:04:da:3f:d5:9e:3c:bb:3f:46:83:cb:73:a0:93:
06:f3:1f:41:ac:87:c4:0d:7c:3e:f2:ce:84:27:6d:
2e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:09:18:77:AD:FD:95:F7:B6:FA:38:DE:3C:00:47:A6:B9:49:32:1D
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/ZwkYd639lfe2-jjePABHprlJMh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.171.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:72:97:53:06:7f:83:7f:12:c5:fc:17:a6:9d:20:03:ba:84:
7d:75:c7:06:8c:57:95:04:b8:c2:44:a7:ee:ea:6b:bd:4a:d0:
8d:40:32:b8:89:08:62:5a:bf:c7:a6:9f:29:e7:e8:45:d2:b2:
6e:c4:9d:7c:c3:9a:14:0c:f2:fd:ac:1d:f0:71:f2:04:ab:08:
13:cf:d5:cf:77:30:eb:a6:ce:e9:06:dd:8c:92:41:1b:08:81:
d4:99:10:de:fd:d0:cc:80:82:0d:6d:ff:a9:12:16:7a:06:11:
33:8a:b1:d4:59:fd:e6:3f:11:d7:97:98:f4:98:e9:61:9d:5d:
cd:bb:4f:45:18:13:f0:c2:0c:9c:f3:f1:c7:27:ea:d4:1d:cb:
e9:cd:70:17:c5:67:c4:99:a9:33:f6:dd:b6:93:bd:18:1c:c3:
f8:dd:80:a5:a9:ac:88:a0:16:13:58:ee:e8:6b:04:ef:f9:48:
3a:7a:07:42:20:8d:4c:7e:bd:49:6a:b5:1f:e1:c9:ac:f2:05:
64:e2:48:cd:a5:30:e6:34:8a:e8:b4:28:e9:04:87:c5:a5:6c:
d2:ce:22:79:4a:a3:44:a5:9c:f8:67:89:37:20:29:35:e6:8d:
50:17:b7:b5:7b:ee:de:1c:b7:d0:8f:7c:1f:0d:6b:a2:77:1f:
09:a0:b0:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZESRWpaEAojFgjwhy7exLheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODAyMDg0NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzA5MTg3N2FkZmQ5NWY3YjZmYTM4ZGUzYzAwNDdhNmI5NDkzMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO5DlnyzBTCS7u9CteHECVTDN97b
/EkA3p/cTchF5kD1sod5vAJ6t6HAg1rIFnx73tD9LndNW6YBg0/6fN4w34/CnyAl
k4p2tWo6mZ72v0tyuYjTbYW6bAlvDj4AoTSMAaDW6TKb/F2B2TIgR2kKB6edF7x0
7F3i6HVipcDS+R8AGz1G37n1TwCzQl37hGeRi+OIXk+WiTT/QDt6Eueo2UEwV8Nj
9rVTQiv8J5eicKmq3v5wVXeiWSEigEkqBQIADwYRgkK019QoKyBLYtU4Fi0OJx1v
MNgf5gT8a/BqnzgcBNo/1Z48uz9Gg8tzoJMG8x9BrIfEDXw+8s6EJ20uMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGcJGHet/ZX3tvo43jwAR6a5STIdMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvWndrWWQ2MzlsZmUyLWpqZVBBQkhwcmxKTWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSKrMA0G
CSqGSIb3DQEBCwUAA4IBAQA+cpdTBn+DfxLF/BemnSADuoR9dccGjFeVBLjCRKfu
6mu9StCNQDK4iQhiWr/Hpp8p5+hF0rJuxJ18w5oUDPL9rB3wcfIEqwgTz9XPdzDr
ps7pBt2MkkEbCIHUmRDe/dDMgIINbf+pEhZ6BhEzirHUWf3mPxHXl5j0mOlhnV3N
u09FGBPwwgyc8/HHJ+rUHcvpzXAXxWfEmakz9t22k70YHMP43YClqayIoBYTWO7o
awTv+Ug6egdCII1Mfr1JarUf4cms8gVk4kjNpTDmNIrotCjpBIfFpWzSziJ5SqNE
pZz4Z4k3ICk15o1QF7e1e+7eHLfQj3wfDWuidx8JoLDO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:15 2025 by rpki-client