Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/2ZYVCHlVP79fGQDnUrmsC7N7n-A.roa
File: 2ZYVCHlVP79fGQDnUrmsC7N7n-A.roa (raw, json)
Hash identifier: K2aFrZIoX9SmdcEF5JzKuoA3IcG5HQKJ3ewD9wnPQMA=
Subject key identifier: D9:96:15:08:79:55:3F:BF:5F:19:00:E7:52:B9:AC:0B:B3:7B:9F:E0
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 01956A65EED3D6210532AD649727DD1736C6
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/2ZYVCHlVP79fGQDnUrmsC7N7n-A.roa
Signing time: Thu 06 Mar 2025 07:40:19 +0000
ROA not before: Thu 06 Mar 2025 07:40:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 194.116.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6a:65:ee:d3:d6:21:05:32:ad:64:97:27:dd:17:36:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Mar 6 07:40:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d996150879553fbf5f1900e752b9ac0bb37b9fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a4:1c:a0:19:94:a4:f1:f5:79:37:da:ca:66:
bb:2b:2d:45:0f:a5:8f:94:94:c2:d5:a4:68:0e:3a:
b1:e2:bd:d8:10:2c:a5:d0:c3:29:aa:55:91:2a:41:
dc:42:72:98:66:58:ea:eb:d6:42:23:5e:49:84:14:
81:00:8c:9b:08:a5:c3:2c:9a:fa:d0:35:3c:2a:27:
40:fe:85:80:fa:fb:61:25:c1:0c:8f:fc:f9:da:9d:
41:a2:28:d4:f3:10:01:e7:f5:bb:b6:32:70:a7:37:
e4:4b:47:d0:e7:3f:bf:58:51:4a:44:c9:37:28:2b:
42:4b:e6:c8:fc:65:22:3e:a8:ef:28:bb:56:5a:25:
9a:df:36:fe:bb:04:b0:33:f7:4f:ab:fa:af:40:fa:
33:b6:33:f2:08:fb:f3:14:84:a3:19:4d:f0:cf:5d:
1c:24:83:61:b0:fb:df:92:1c:1f:0e:38:77:57:a8:
c9:da:ab:d9:d3:19:79:13:c9:64:59:fa:0e:44:5b:
28:75:76:74:5e:6d:39:6b:e8:78:b9:6a:21:49:9e:
55:8c:ba:1b:dc:b6:04:09:e0:f8:2f:3b:bb:d4:8b:
34:bd:6c:e9:db:37:68:37:d7:67:e1:66:4e:a8:91:
3f:23:e9:43:d8:09:70:54:fa:1f:c1:bb:43:65:20:
ff:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:96:15:08:79:55:3F:BF:5F:19:00:E7:52:B9:AC:0B:B3:7B:9F:E0
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/2ZYVCHlVP79fGQDnUrmsC7N7n-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.234.0/24
Signature Algorithm: sha256WithRSAEncryption
56:d5:25:b6:0a:2a:8b:d8:38:6f:d2:d4:2d:68:8a:c5:e3:13:
6d:11:db:90:aa:c2:14:d1:dd:dd:74:9e:19:60:5b:63:59:1d:
e8:33:8b:54:6e:f3:73:f7:f8:c0:81:58:22:d7:1b:b0:5f:11:
2b:ef:2d:0b:b5:50:99:db:71:00:7b:b5:32:1c:0a:cd:9f:a4:
d5:21:54:80:48:31:88:da:2f:c7:5f:42:c6:d4:20:8c:01:82:
ef:8d:06:44:bf:bd:d3:63:bb:f1:75:88:0c:77:05:4d:45:6c:
74:8b:ac:3b:d8:fe:b3:c1:e8:1c:fb:0f:8e:24:b9:68:24:84:
41:b7:8c:9e:f6:5b:7a:94:3e:6a:e0:cd:88:a4:f5:69:b2:d6:
45:f3:8e:01:16:a6:6f:52:76:69:cc:d8:c4:1a:f7:b1:89:8a:
13:db:9d:52:c4:d1:c5:95:86:95:98:cf:ca:35:1d:99:3d:1c:
2b:46:e6:13:08:f4:9f:47:1e:08:13:80:d8:af:38:14:89:37:
c3:01:95:54:3e:9a:a8:bb:24:87:22:03:0f:ed:78:a9:37:2c:
dc:44:89:40:b0:e6:3e:c0:0b:76:d6:dd:5e:6e:23:79:16:aa:
76:46:4d:23:75:62:c9:81:13:e2:48:79:3b:7c:e3:66:68:b7:
59:e2:41:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVqZe7T1iEFMq1klyfdFzbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjUwMzA2MDc0MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTk2MTUwODc5NTUzZmJmNWYxOTAwZTc1MmI5YWMwYmIzN2I5ZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqQcoBmUpPH1eTfayma7Ky1FD6WP
lJTC1aRoDjqx4r3YECyl0MMpqlWRKkHcQnKYZljq69ZCI15JhBSBAIybCKXDLJr6
0DU8KidA/oWA+vthJcEMj/z52p1BoijU8xAB5/W7tjJwpzfkS0fQ5z+/WFFKRMk3
KCtCS+bI/GUiPqjvKLtWWiWa3zb+uwSwM/dPq/qvQPoztjPyCPvzFISjGU3wz10c
JINhsPvfkhwfDjh3V6jJ2qvZ0xl5E8lkWfoORFsodXZ0Xm05a+h4uWohSZ5VjLob
3LYECeD4Lzu71Is0vWzp2zdoN9dn4WZOqJE/I+lD2AlwVPofwbtDZSD/DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmWFQh5VT+/XxkA51K5rAuze5/gMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvMlpZVkNIbFZQNzlmR1FEblVybXNDN043bi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnTqMA0G
CSqGSIb3DQEBCwUAA4IBAQBW1SW2CiqL2Dhv0tQtaIrF4xNtEduQqsIU0d3ddJ4Z
YFtjWR3oM4tUbvNz9/jAgVgi1xuwXxEr7y0LtVCZ23EAe7UyHArNn6TVIVSASDGI
2i/HX0LG1CCMAYLvjQZEv73TY7vxdYgMdwVNRWx0i6w72P6zwegc+w+OJLloJIRB
t4ye9lt6lD5q4M2IpPVpstZF844BFqZvUnZpzNjEGvexiYoT251SxNHFlYaVmM/K
NR2ZPRwrRuYTCPSfRx4IE4DYrzgUiTfDAZVUPpqouySHIgMP7XipNyzcRIlAsOY+
wAt21t1ebiN5Fqp2Rk0jdWLJgRPiSHk7fONmaLdZ4kFB
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:31:15 2025 by rpki-client