Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZPJoL4GnspvwEYHOxsUe5-cJq2Y.roa
File: ZPJoL4GnspvwEYHOxsUe5-cJq2Y.roa (raw, json)
Hash identifier: D8WnHhBFKxJqsE15bHSsIKGtu3MFpyQNJSQx4bwIOQA=
Subject key identifier: 64:F2:68:2F:81:A7:B2:9B:F0:11:81:CE:C6:C5:1E:E7:E7:09:AB:66
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194ACDA4FFD782F665C28918C2B1B405BD3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZPJoL4GnspvwEYHOxsUe5-cJq2Y.roa
Signing time: Tue 28 Jan 2025 12:19:36 +0000
ROA not before: Tue 28 Jan 2025 12:19:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213035
IP address blocks: 194.87.132.0/24 maxlen: 24
195.133.16.0/24 maxlen: 24
212.192.216.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
212.192.243.0/24 maxlen: 24
212.193.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:da:4f:fd:78:2f:66:5c:28:91:8c:2b:1b:40:5b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 28 12:19:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64f2682f81a7b29bf01181cec6c51ee7e709ab66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:98:75:c8:c8:3f:05:18:0c:b8:f0:e8:c7:ee:
b6:69:21:1e:66:3a:7a:10:52:4b:9e:5b:49:8b:d2:
c5:59:41:90:f2:6b:b8:f7:cf:e8:c7:0e:19:9b:69:
74:9a:fe:59:ee:6b:51:23:98:7a:54:8f:78:a5:20:
ad:90:ef:c9:64:9c:cc:30:48:28:88:ce:47:f6:9a:
b8:17:ca:fb:87:06:40:7d:e8:13:3c:81:f6:cb:70:
62:7b:98:a6:72:4a:14:d0:6c:da:6f:0b:b8:57:a1:
2d:2e:ef:2c:22:91:18:35:8d:97:19:22:cd:24:7d:
d0:53:4c:cb:a8:4f:cc:91:03:ed:ee:b5:7a:22:d0:
99:32:ee:17:2a:7c:2e:ed:b8:83:0a:4f:4b:96:e3:
cb:eb:92:9d:b4:65:48:f8:4a:43:9d:db:c6:a3:d1:
73:c6:d9:29:bb:f7:cf:e7:8b:1a:fa:12:16:0e:41:
ac:cb:db:f0:52:d2:ef:2c:04:7b:8a:61:48:6c:45:
1a:a5:09:f0:5b:7a:ef:7a:b2:ba:5e:87:3d:a3:d8:
e6:14:dd:1d:8e:bd:bc:31:33:62:7f:d4:93:9b:76:
6c:24:49:08:b0:c2:94:8e:d6:56:36:57:54:9f:c3:
8a:55:d1:75:71:b8:a5:1f:f7:0c:29:91:51:96:3e:
9e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:F2:68:2F:81:A7:B2:9B:F0:11:81:CE:C6:C5:1E:E7:E7:09:AB:66
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZPJoL4GnspvwEYHOxsUe5-cJq2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.132.0/24
195.133.16.0/24
212.192.216.0/24
212.192.240.0/24
212.192.243.0/24
212.193.29.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:43:f7:6b:3d:b6:dc:e4:8a:d6:33:a1:ec:87:20:3e:56:65:
77:45:89:e7:14:65:b1:ce:ea:03:d8:92:07:ec:e8:84:39:e6:
a3:fc:a3:d0:4d:b7:3c:ea:e6:73:8f:eb:f8:4b:53:b6:c0:ca:
61:19:ad:d7:1c:3d:87:80:c9:38:05:c1:ab:bb:77:89:eb:a9:
43:26:39:1f:4f:70:d6:59:29:7a:8f:da:d8:6c:67:4f:6c:af:
2d:d5:60:69:fe:99:11:b4:cc:9a:0c:9e:7d:04:d1:a2:55:80:
31:ed:b2:36:fc:1c:71:ef:bb:a8:81:1b:56:a4:fb:a0:7a:46:
7d:7f:22:17:ec:16:5f:67:83:f1:fd:9c:ff:9e:b5:b6:c7:3f:
8a:03:22:3c:e4:a2:0f:bc:2a:4a:2e:07:73:a7:35:f2:f5:9f:
88:1e:5a:43:9a:90:a3:a5:69:b7:f6:63:03:50:8a:a5:20:db:
47:fc:fa:9f:e1:42:26:9b:81:31:08:14:38:46:f9:43:0f:b1:
ea:6d:9e:a7:fe:12:3e:5d:8f:57:76:d4:cc:d6:58:fd:f3:e5:
80:ec:b6:69:c7:1e:71:39:3c:5b:32:c7:5d:a4:83:4d:ba:88:
85:e2:09:e6:8d:50:43:80:90:ab:0f:7c:26:a7:49:0b:0a:03:
74:48:b7:7b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZSs2k/9eC9mXCiRjCsbQFvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTI4MTIxOTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGYyNjgyZjgxYTdiMjliZjAxMTgxY2VjNmM1MWVlN2U3MDlhYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnph1yMg/BRgMuPDox+62aSEeZjp6
EFJLnltJi9LFWUGQ8mu498/oxw4Zm2l0mv5Z7mtRI5h6VI94pSCtkO/JZJzMMEgo
iM5H9pq4F8r7hwZAfegTPIH2y3Bie5imckoU0Gzabwu4V6EtLu8sIpEYNY2XGSLN
JH3QU0zLqE/MkQPt7rV6ItCZMu4XKnwu7biDCk9LluPL65KdtGVI+EpDndvGo9Fz
xtkpu/fP54sa+hIWDkGsy9vwUtLvLAR7imFIbEUapQnwW3rverK6Xoc9o9jmFN0d
jr28MTNif9STm3ZsJEkIsMKUjtZWNldUn8OKVdF1cbilH/cMKZFRlj6esQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGTyaC+Bp7Kb8BGBzsbFHufnCatmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWlBKb0w0R25zcHZ3RVlIT3hzVWU1LWNKcTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwleEAwQA
w4UQAwQA1MDYAwQA1MDwAwQA1MDzAwQA1MEdMA0GCSqGSIb3DQEBCwUAA4IBAQBs
Q/drPbbc5IrWM6HshyA+VmV3RYnnFGWxzuoD2JIH7OiEOeaj/KPQTbc86uZzj+v4
S1O2wMphGa3XHD2HgMk4BcGru3eJ66lDJjkfT3DWWSl6j9rYbGdPbK8t1WBp/pkR
tMyaDJ59BNGiVYAx7bI2/Bxx77uogRtWpPugekZ9fyIX7BZfZ4Px/Zz/nrW2xz+K
AyI85KIPvCpKLgdzpzXy9Z+IHlpDmpCjpWm39mMDUIqlINtH/Pqf4UImm4ExCBQ4
RvlDD7HqbZ6n/hI+XY9XdtTM1lj98+WA7LZpxx5xOTxbMsddpINNuoiF4gnmjVBD
gJCrD3wmp0kLCgN0SLd7
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:25:17 2025 by rpki-client