Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/2dec93-7b0a-4614-a059-f7e092ce2170/1/zz0zFx4P8KVz-0M_ISQU3arzU7M.roa
File: zz0zFx4P8KVz-0M_ISQU3arzU7M.roa (raw, json)
Hash identifier: plGpIIBk7oM4J3HYKFd01plJGs0KWiVdeWQMv1JAuM0=
Subject key identifier: CF:3D:33:17:1E:0F:F0:A5:73:FB:43:3F:21:24:14:DD:AA:F3:53:B3
Certificate issuer: /CN=a0db124ef35c222167894a5a5e93704a811c34ac
Certificate serial: 01856EC228F422DFEF5B29A7687B2DA3AE88
Authority key identifier: A0:DB:12:4E:F3:5C:22:21:67:89:4A:5A:5E:93:70:4A:81:1C:34:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNsSTvNcIiFniUpaXpNwSoEcNKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/2dec93-7b0a-4614-a059-f7e092ce2170/1/zz0zFx4P8KVz-0M_ISQU3arzU7M.roa
Signing time: Sun 01 Jan 2023 19:14:56 +0000
ROA not before: Sun 01 Jan 2023 19:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60199
IP address blocks: 84.239.96.0/22 maxlen: 22
141.101.60.0/22 maxlen: 24
2a00:6900:10::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:28:f4:22:df:ef:5b:29:a7:68:7b:2d:a3:ae:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0db124ef35c222167894a5a5e93704a811c34ac
Validity
Not Before: Jan 1 19:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf3d33171e0ff0a573fb433f212414ddaaf353b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5b:23:0b:fa:25:9f:54:f4:8c:5f:7c:0a:0c:
28:46:fa:37:3b:c9:1a:a2:9f:06:0a:57:0d:4b:45:
8e:ba:77:fc:65:f9:6c:2c:1b:20:72:ea:50:e7:45:
d8:3c:41:97:f4:fa:a7:34:ea:60:1a:ae:80:01:d5:
b4:fb:ed:e5:6f:cc:41:8b:56:dd:cc:8f:3c:1d:61:
c1:7b:f0:73:6c:d2:67:ae:f3:d4:cb:16:5b:f4:b8:
aa:29:92:80:4d:4a:1a:d3:d3:6f:36:a2:ce:5e:78:
a6:00:8a:53:4b:00:90:d6:4b:69:91:01:d7:82:bf:
81:11:a9:9a:23:14:69:ab:d7:02:fe:bc:ce:c4:0a:
b1:67:14:3d:a9:66:5a:07:2d:33:04:74:ef:d4:1b:
4f:3d:5c:47:75:a7:ec:d5:e1:13:0f:f1:7c:2e:79:
c3:2d:bf:57:1b:95:3b:0e:74:c1:ad:57:ac:43:8d:
18:1e:76:d4:f4:17:bd:70:73:22:c2:bc:b0:69:06:
1b:70:77:03:1b:d9:e9:61:a9:1c:94:15:ba:fc:72:
6c:da:4c:7e:04:35:04:da:db:e7:c0:c3:23:9d:ab:
f6:e1:c7:82:89:16:51:eb:95:fe:b6:85:8e:6c:f0:
9d:ee:73:a4:3d:98:39:94:9c:5e:4d:21:f8:a0:63:
e8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3D:33:17:1E:0F:F0:A5:73:FB:43:3F:21:24:14:DD:AA:F3:53:B3
X509v3 Authority Key Identifier:
keyid:A0:DB:12:4E:F3:5C:22:21:67:89:4A:5A:5E:93:70:4A:81:1C:34:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNsSTvNcIiFniUpaXpNwSoEcNKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2dec93-7b0a-4614-a059-f7e092ce2170/1/zz0zFx4P8KVz-0M_ISQU3arzU7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2dec93-7b0a-4614-a059-f7e092ce2170/1/oNsSTvNcIiFniUpaXpNwSoEcNKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.96.0/22
141.101.60.0/22
IPv6:
2a00:6900:10::/48
Signature Algorithm: sha256WithRSAEncryption
48:2c:6c:f7:07:0d:70:55:b4:2b:e1:42:84:35:ef:05:51:54:
5b:f5:9e:e6:57:97:65:1e:6c:90:40:52:97:aa:7d:62:2b:2e:
43:69:09:98:aa:c0:80:f0:5a:e3:2f:ee:94:48:ac:c8:cb:61:
01:dc:3a:d0:a6:11:2a:52:f0:b7:9f:1c:fc:e2:9f:d9:44:6c:
78:6b:f7:c2:ab:be:14:34:ff:e5:9f:24:0a:f2:1d:50:de:bd:
82:43:ba:f6:3d:96:7d:8e:a1:fb:2c:76:16:03:67:17:fa:8a:
b8:6f:01:f9:31:54:ea:3d:bc:0e:8e:85:a4:50:a9:42:da:ec:
42:b1:86:9b:f5:93:01:e4:d5:53:0d:9a:cc:22:cc:70:02:85:
0e:5e:3f:b7:ef:30:b4:9c:df:c3:d0:11:ee:12:ba:26:c0:b6:
9e:bb:90:98:80:19:93:50:94:d9:4f:16:89:ba:a6:48:10:95:
e4:ab:09:9a:51:bf:56:45:00:f0:a1:d7:64:f9:9c:a0:48:7c:
89:08:e7:e2:bc:6a:ca:bb:bc:3f:5b:57:00:be:e0:41:dd:80:
cf:b2:b2:4e:1d:1c:6a:de:ec:6c:48:8f:e7:71:33:23:ee:fe:
d5:e6:9c:86:6d:12:fc:60:4f:d1:85:1d:38:27:d1:22:d3:71:
a0:f9:ce:84
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVuwij0It/vWymnaHsto66IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGIxMjRlZjM1YzIyMjE2Nzg5NGE1YTVlOTM3MDRhODEx
YzM0YWMwHhcNMjMwMTAxMTkxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjNkMzMxNzFlMGZmMGE1NzNmYjQzM2YyMTI0MTRkZGFhZjM1M2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFsjC/oln1T0jF98CgwoRvo3O8ka
op8GClcNS0WOunf8ZflsLBsgcupQ50XYPEGX9PqnNOpgGq6AAdW0++3lb8xBi1bd
zI88HWHBe/BzbNJnrvPUyxZb9LiqKZKATUoa09NvNqLOXnimAIpTSwCQ1ktpkQHX
gr+BEamaIxRpq9cC/rzOxAqxZxQ9qWZaBy0zBHTv1BtPPVxHdafs1eETD/F8LnnD
Lb9XG5U7DnTBrVesQ40YHnbU9Be9cHMiwrywaQYbcHcDG9npYakclBW6/HJs2kx+
BDUE2tvnwMMjnav24ceCiRZR65X+toWObPCd7nOkPZg5lJxeTSH4oGPodQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFM89MxceD/Clc/tDPyEkFN2q81OzMB8GA1UdIwQY
MBaAFKDbEk7zXCIhZ4lKWl6TcEqBHDSsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05zU1R2TmNJaUZuaVVwYVhwTndTb0VjTkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yZGVjOTMtN2IwYS00NjE0LWEwNTkt
ZjdlMDkyY2UyMTcwLzEvenowekZ4NFA4S1Z6LTBNX0lTUVUzYXJ6VTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yZGVjOTMtN2IwYS00NjE0LWEwNTktZjdlMDkyY2UyMTcw
LzEvb05zU1R2TmNJaUZuaVVwYVhwTndTb0VjTkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCVO9gAwQC
jWU8MA8EAgACMAkDBwAqAGkAABAwDQYJKoZIhvcNAQELBQADggEBAEgsbPcHDXBV
tCvhQoQ17wVRVFv1nuZXl2UebJBAUpeqfWIrLkNpCZiqwIDwWuMv7pRIrMjLYQHc
OtCmESpS8LefHPzin9lEbHhr98KrvhQ0/+WfJAryHVDevYJDuvY9ln2OofssdhYD
Zxf6irhvAfkxVOo9vA6OhaRQqULa7EKxhpv1kwHk1VMNmswizHAChQ5eP7fvMLSc
38PQEe4SuibAtp67kJiAGZNQlNlPFom6pkgQleSrCZpRv1ZFAPCh12T5nKBIfIkI
5+K8asq7vD9bVwC+4EHdgM+ysk4dHGre7GxIj+dxMyPu/tXmnIZtEvxgT9GFHTgn
0SLTcaD5zoQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:12 2025 by rpki-client