Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/ZWH5dik-57qT_VKYcibYh0fZMes.roa
File: ZWH5dik-57qT_VKYcibYh0fZMes.roa (raw, json)
Hash identifier: V4HyXcC7GD93JW+xBhzBdGWwVycZxFz98efL+J+3t6c=
Subject key identifier: 65:61:F9:76:29:3E:E7:BA:93:FD:52:98:72:26:D8:87:47:D9:31:EB
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 01941F8C5ED1DEFCED03880F2B8DCBFA232C
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/ZWH5dik-57qT_VKYcibYh0fZMes.roa
Signing time: Wed 01 Jan 2025 01:48:00 +0000
ROA not before: Wed 01 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 92.240.201.0/24 maxlen: 24
92.240.205.0/24 maxlen: 24
92.240.214.0/24 maxlen: 24
92.240.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5e:d1:de:fc:ed:03:88:0f:2b:8d:cb:fa:23:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6561f976293ee7ba93fd52987226d88747d931eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:95:40:d5:6c:d9:ab:25:0d:4c:8b:39:44:76:
3e:fb:49:19:0c:d6:4a:43:cd:bb:f6:44:8e:5e:22:
9c:8e:51:44:55:51:8b:c1:2b:e6:91:c6:81:2f:2c:
66:77:8f:42:e5:26:a0:ff:d8:3e:9d:cf:06:f0:a7:
b5:0f:5f:46:73:8e:b6:62:81:c5:53:b5:01:d1:c5:
a4:fa:4b:c1:ae:a8:4f:df:a8:68:3e:bb:68:4b:5f:
34:6b:fa:4e:41:06:58:86:4a:2c:fc:44:9b:e6:03:
15:4a:6e:8c:1c:f2:4c:eb:aa:2e:6a:82:c4:07:da:
16:b3:e5:59:b6:40:13:ef:9b:a1:e9:f0:d2:2a:67:
f6:cf:f9:85:73:b4:2f:37:03:7f:b7:c1:d3:b7:4e:
15:f7:89:b3:eb:ab:c9:e8:a8:ea:2e:08:1e:c9:f7:
a0:7a:c8:88:31:83:c3:ad:91:87:a9:05:65:e2:5e:
ff:d1:d5:62:d8:45:d0:cb:fe:e0:fd:9c:8b:07:26:
c4:43:80:3e:58:35:8a:71:cb:d5:fe:6d:99:c2:c1:
ee:26:ba:f1:4d:5a:cd:fd:cd:de:df:8a:73:8e:9a:
ec:90:c7:4c:c6:c9:27:88:40:3d:02:66:f0:78:b1:
96:52:e8:ae:83:80:dc:5b:49:7b:7e:bc:19:37:3a:
ce:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:61:F9:76:29:3E:E7:BA:93:FD:52:98:72:26:D8:87:47:D9:31:EB
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/ZWH5dik-57qT_VKYcibYh0fZMes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.240.201.0/24
92.240.205.0/24
92.240.214.0/24
92.240.216.0/24
Signature Algorithm: sha256WithRSAEncryption
08:84:6f:91:f2:02:f3:d8:82:12:64:98:83:51:ab:c0:cf:be:
79:c2:db:0b:3c:6a:72:81:cb:68:e3:7d:ae:b7:db:8c:13:85:
b5:1d:dd:f9:d6:3d:ad:7a:4e:ff:0c:25:f8:fd:a1:0e:99:aa:
1f:53:1e:ba:11:7d:85:aa:ae:ba:d7:ed:c2:02:18:74:09:94:
3c:e2:5d:0b:a2:8f:02:a7:93:19:05:00:fd:1e:d9:a1:af:78:
3e:0f:85:94:92:f8:c7:1c:b3:11:9a:6e:39:1d:94:f8:9b:6b:
5f:17:9b:db:8a:02:dc:e5:c0:cc:5d:46:b6:53:bf:38:fb:9f:
a5:12:c5:22:71:bd:4e:74:84:85:ba:b5:2c:0f:5a:b3:40:46:
b7:66:ab:2c:5e:34:af:73:f8:b1:bd:ae:94:2b:e6:f2:e2:55:
7f:74:ab:77:b3:62:9e:e4:e7:6f:a9:0d:42:41:cd:c4:98:f5:
bc:2c:e3:55:87:33:1f:f6:aa:4f:80:bf:3e:53:45:7c:df:f3:
c1:18:a0:af:03:b1:45:c5:e4:cc:20:0b:a4:6c:a3:de:4b:25:
1c:cf:e0:82:25:62:04:2d:75:51:d4:a1:19:c3:23:0e:db:5f:
c5:05:e2:9d:f5:17:8a:e7:e0:86:52:e1:cb:34:f6:ce:b6:3d:
19:56:06:32
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQfjF7R3vztA4gPK43L+iMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTYxZjk3NjI5M2VlN2JhOTNmZDUyOTg3MjI2ZDg4NzQ3ZDkzMWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpVA1WzZqyUNTIs5RHY++0kZDNZK
Q8279kSOXiKcjlFEVVGLwSvmkcaBLyxmd49C5Sag/9g+nc8G8Ke1D19Gc462YoHF
U7UB0cWk+kvBrqhP36hoPrtoS180a/pOQQZYhkos/ESb5gMVSm6MHPJM66ouaoLE
B9oWs+VZtkAT75uh6fDSKmf2z/mFc7QvNwN/t8HTt04V94mz66vJ6KjqLggeyfeg
esiIMYPDrZGHqQVl4l7/0dVi2EXQy/7g/ZyLBybEQ4A+WDWKccvV/m2ZwsHuJrrx
TVrN/c3e34pzjprskMdMxskniEA9AmbweLGWUuiug4DcW0l7frwZNzrObwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGVh+XYpPue6k/1SmHIm2IdH2THrMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvWldINWRpay01N3FUX1ZLWWNpYlloMGZaTWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXPDJAwQA
XPDNAwQAXPDWAwQAXPDYMA0GCSqGSIb3DQEBCwUAA4IBAQAIhG+R8gLz2IISZJiD
UavAz755wtsLPGpygcto432ut9uME4W1Hd351j2tek7/DCX4/aEOmaofUx66EX2F
qq661+3CAhh0CZQ84l0Loo8Cp5MZBQD9Htmhr3g+D4WUkvjHHLMRmm45HZT4m2tf
F5vbigLc5cDMXUa2U784+5+lEsUicb1OdISFurUsD1qzQEa3ZqssXjSvc/ixva6U
K+by4lV/dKt3s2Ke5OdvqQ1CQc3EmPW8LONVhzMf9qpPgL8+U0V83/PBGKCvA7FF
xeTMIAukbKPeSyUcz+CCJWIELXVR1KEZwyMO21/FBeKd9ReK5+CGUuHLNPbOtj0Z
VgYy
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:28:44 2025 by rpki-client