Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/ZFhZ1BqFreky-hMCFILR09_VVoM.roa
File: ZFhZ1BqFreky-hMCFILR09_VVoM.roa (raw, json)
Hash identifier: qamEtLvOwpZ40vLyeg6d8oLlWWQ1GcUWvt7i4vqtvFc=
Subject key identifier: 64:58:59:D4:1A:85:AD:E9:32:FA:13:02:14:82:D1:D3:DF:D5:56:83
Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138
Certificate serial: 01942521E01BC9424A58A571A9194D6666CE
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/ZFhZ1BqFreky-hMCFILR09_VVoM.roa
Signing time: Thu 02 Jan 2025 03:49:24 +0000
ROA not before: Thu 02 Jan 2025 03:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209961
IP address blocks: 95.128.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e0:1b:c9:42:4a:58:a5:71:a9:19:4d:66:66:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a041670001660a3720b77d764d836852190138
Validity
Not Before: Jan 2 03:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=645859d41a85ade932fa13021482d1d3dfd55683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ee:31:1e:f7:2a:de:44:95:43:54:b4:04:ae:
4f:f6:32:e0:ed:5a:c1:f2:03:99:a3:b0:24:ef:7a:
25:77:a6:a1:6d:e6:ca:d4:99:15:83:d7:ff:93:12:
c9:50:88:51:be:aa:b3:b1:2a:3c:3d:48:6b:86:c0:
dc:08:8b:4d:b8:30:7c:35:74:79:7e:4c:52:56:50:
d4:70:e3:b2:e9:2a:cf:ec:56:54:28:b2:37:d0:95:
5f:e1:22:1b:bb:68:b6:ad:a9:5c:87:44:e5:d7:79:
32:3f:08:42:59:22:60:d1:cb:b5:3e:42:b0:47:36:
5c:47:47:ff:56:07:6f:d4:9b:ba:a3:ff:06:3b:fb:
46:2a:2d:7a:e7:d6:bf:d8:92:43:00:00:39:a0:2a:
3a:fe:a4:92:80:03:bf:0a:36:7d:ed:ad:93:bb:71:
30:d5:3d:7a:33:6c:2e:0c:e0:d2:aa:bd:12:a2:d5:
80:b2:71:d8:64:d5:cd:e0:4e:40:40:b1:50:4d:42:
b0:8f:ab:c8:32:38:6b:a0:eb:ad:9c:1c:e1:8c:ff:
50:12:6a:5b:06:f2:a2:aa:91:96:ba:9d:31:b9:d7:
20:b1:94:77:27:1c:0d:c4:cd:79:99:4c:bf:24:38:
5e:5c:b5:a3:c5:ea:ff:ba:27:2c:16:80:10:6c:9d:
b5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:58:59:D4:1A:85:AD:E9:32:FA:13:02:14:82:D1:D3:DF:D5:56:83
X509v3 Authority Key Identifier:
keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/ZFhZ1BqFreky-hMCFILR09_VVoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.152.0/24
Signature Algorithm: sha256WithRSAEncryption
35:aa:ca:73:2c:33:5d:52:05:5f:ba:88:4f:eb:33:d6:51:5a:
fa:a7:fd:0d:2f:43:ed:e9:16:64:e1:60:ce:1c:0e:77:aa:cd:
ee:ee:dc:50:4e:14:c1:5d:ff:b3:16:6e:5c:af:44:6b:b1:a8:
42:95:57:19:01:51:6b:2b:02:1b:fd:c0:f6:6b:d4:af:3b:44:
c3:c2:29:db:8f:75:c3:d7:7f:42:b9:9d:24:19:96:7b:ef:8d:
b7:a0:bf:37:c5:0b:74:21:66:94:f3:4f:7e:c4:35:bb:2b:39:
d5:1f:15:4f:2d:09:93:13:c3:d4:c5:99:64:bc:98:4c:8c:c1:
49:91:c9:8c:6b:22:96:d7:c3:87:0e:a9:9c:15:bb:2d:91:5a:
9b:6b:d6:20:9a:0b:e8:0f:36:95:47:62:a3:42:b8:a4:c4:a3:
9f:57:dc:10:28:df:4a:d6:0f:de:73:5e:48:40:98:23:64:75:
67:5b:7b:6e:41:78:96:cb:62:a0:98:78:df:1c:9f:1c:43:70:
a1:0b:cf:ed:2c:be:e5:1a:d1:e8:1d:ce:f1:d3:fa:94:ce:d0:
6f:a1:c6:e2:d6:74:df:0f:93:51:9f:01:eb:e2:6d:9b:06:53:
a0:7f:c0:85:33:7e:0c:79:9b:09:af:63:2a:6a:77:0f:ff:c6:
c8:03:25:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIeAbyUJKWKVxqRlNZmbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjUwMTAyMDM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDU4NTlkNDFhODVhZGU5MzJmYTEzMDIxNDgyZDFkM2RmZDU1NjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO4xHvcq3kSVQ1S0BK5P9jLg7VrB
8gOZo7Ak73old6ahbebK1JkVg9f/kxLJUIhRvqqzsSo8PUhrhsDcCItNuDB8NXR5
fkxSVlDUcOOy6SrP7FZUKLI30JVf4SIbu2i2ralch0Tl13kyPwhCWSJg0cu1PkKw
RzZcR0f/Vgdv1Ju6o/8GO/tGKi1659a/2JJDAAA5oCo6/qSSgAO/CjZ97a2Tu3Ew
1T16M2wuDODSqr0SotWAsnHYZNXN4E5AQLFQTUKwj6vIMjhroOutnBzhjP9QEmpb
BvKiqpGWup0xudcgsZR3JxwNxM15mUy/JDheXLWjxer/uicsFoAQbJ216wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGRYWdQaha3pMvoTAhSC0dPf1VaDMB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvWkZoWjFCcUZyZWt5LWhNQ0ZJTFIwOV9WVm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4CYMA0G
CSqGSIb3DQEBCwUAA4IBAQA1qspzLDNdUgVfuohP6zPWUVr6p/0NL0Pt6RZk4WDO
HA53qs3u7txQThTBXf+zFm5cr0RrsahClVcZAVFrKwIb/cD2a9SvO0TDwinbj3XD
139CuZ0kGZZ77423oL83xQt0IWaU809+xDW7KznVHxVPLQmTE8PUxZlkvJhMjMFJ
kcmMayKW18OHDqmcFbstkVqba9YgmgvoDzaVR2KjQrikxKOfV9wQKN9K1g/ec15I
QJgjZHVnW3tuQXiWy2KgmHjfHJ8cQ3ChC8/tLL7lGtHoHc7x0/qUztBvocbi1nTf
D5NRnwHr4m2bBlOgf8CFM34MeZsJr2MqancP/8bIAyWS
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:17:35 2025 by rpki-client