Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/zzuE2zMvXGHXOJDlHs7HE2hg0Ig.roa
File: zzuE2zMvXGHXOJDlHs7HE2hg0Ig.roa (raw, json)
Hash identifier: SsNH6/NqF6hlEThKK8zgMaDH7SoTPVOLeboRYUvucBM=
Subject key identifier: CF:3B:84:DB:33:2F:5C:61:D7:38:90:E5:1E:CE:C7:13:68:60:D0:88
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01941F8C30F6E8A12A5CE766C44EA5A89E89
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/zzuE2zMvXGHXOJDlHs7HE2hg0Ig.roa
Signing time: Wed 01 Jan 2025 01:47:48 +0000
ROA not before: Wed 01 Jan 2025 01:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59677
IP address blocks: 85.121.4.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:30:f6:e8:a1:2a:5c:e7:66:c4:4e:a5:a8:9e:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 01:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf3b84db332f5c61d73890e51ecec7136860d088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bd:7d:21:4b:a1:7a:e9:7c:11:df:49:74:9e:
4d:12:1d:de:fe:8f:f9:5d:f3:a4:c9:91:a6:85:d3:
68:1a:5a:d5:15:f1:d8:aa:6a:25:39:fd:d6:d5:01:
ad:88:f6:3f:02:87:77:bb:33:b0:7d:3f:25:c2:8c:
1d:6e:65:30:7a:60:24:ff:0c:82:70:96:e4:f4:50:
15:9a:98:5c:22:7e:3d:04:6a:21:1e:19:93:9e:e8:
d3:ca:1b:f1:20:89:b0:45:d9:5c:cb:e7:b8:e3:f7:
5f:fb:15:36:02:a6:de:1d:ef:29:b3:2f:66:c7:ac:
ff:56:19:13:bb:5e:c9:39:2d:8e:40:e4:0a:14:c5:
52:84:fe:39:15:d1:41:96:21:a2:e2:5c:83:60:12:
fe:36:5a:49:93:78:b5:b3:32:49:80:44:1a:d2:94:
f2:51:49:f9:02:9b:1e:46:26:92:55:9d:6b:85:78:
50:9a:5a:be:1b:00:74:60:14:07:9d:6a:be:63:60:
c4:a5:93:38:04:a6:d6:af:c0:de:e6:78:27:27:de:
e9:4d:ab:57:9e:a8:89:14:3e:35:ae:e1:81:01:85:
44:99:e4:e8:a2:70:58:b0:a6:0e:80:9f:a8:62:97:
68:71:e8:20:e2:9e:cd:ab:f8:58:40:e8:47:2f:82:
2a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3B:84:DB:33:2F:5C:61:D7:38:90:E5:1E:CE:C7:13:68:60:D0:88
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/zzuE2zMvXGHXOJDlHs7HE2hg0Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.121.4.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:f2:c5:e4:41:7d:27:af:0e:05:34:ba:6a:a6:93:9f:dc:9a:
b6:69:c9:e7:3d:62:5f:a8:cd:a1:d3:8c:b6:f8:3b:3d:d6:cd:
5e:5f:d9:b0:89:b0:7f:70:bc:8c:cd:bc:36:93:61:f5:12:58:
fa:e6:a2:16:da:4b:4c:6c:08:e4:9c:78:a2:6f:cb:f8:94:da:
56:d9:ec:e5:7d:b0:38:fe:5d:08:f1:6d:9f:64:77:7d:b2:e8:
18:9f:59:e1:4c:1e:cf:1f:80:89:e4:15:6f:49:70:c7:fb:a1:
f1:2f:90:98:7b:fb:79:a5:ce:14:36:fc:9f:12:08:4e:6f:3f:
98:c2:13:c8:35:e0:bb:1a:9b:ce:d0:f0:c5:6d:7a:53:c2:8b:
71:a3:87:55:00:73:b6:41:10:1d:a2:12:d3:63:b1:b5:4c:b2:
1f:43:89:48:d9:9c:cd:48:6b:e3:35:40:08:27:57:d7:d0:0a:
2d:9d:3a:4a:61:32:7c:5d:e9:62:01:29:22:32:7e:cb:e6:1c:
2d:a9:d1:e8:7c:bd:33:f5:70:fd:a1:d4:d1:e5:52:0a:3f:7b:
8a:f2:fe:bd:35:e2:58:58:d0:0f:db:1d:fd:49:12:35:fc:47:
98:4d:e9:ce:3e:06:13:2c:f4:da:8e:d2:4b:b5:ca:d3:d8:47:
1d:14:6a:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjDD26KEqXOdmxE6lqJ6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwMTAxMDE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjNiODRkYjMzMmY1YzYxZDczODkwZTUxZWNlYzcxMzY4NjBkMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0719IUuheul8Ed9JdJ5NEh3e/o/5
XfOkyZGmhdNoGlrVFfHYqmolOf3W1QGtiPY/Aod3uzOwfT8lwowdbmUwemAk/wyC
cJbk9FAVmphcIn49BGohHhmTnujTyhvxIImwRdlcy+e44/df+xU2AqbeHe8psy9m
x6z/VhkTu17JOS2OQOQKFMVShP45FdFBliGi4lyDYBL+NlpJk3i1szJJgEQa0pTy
UUn5ApseRiaSVZ1rhXhQmlq+GwB0YBQHnWq+Y2DEpZM4BKbWr8De5ngnJ97pTatX
nqiJFD41ruGBAYVEmeToonBYsKYOgJ+oYpdocegg4p7Nq/hYQOhHL4IqQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM87hNszL1xh1ziQ5R7OxxNoYNCIMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvenp1RTJ6TXZYR0hYT0pEbEhzN0hFMmhnMElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVXkEMA0G
CSqGSIb3DQEBCwUAA4IBAQAO8sXkQX0nrw4FNLpqppOf3Jq2acnnPWJfqM2h04y2
+Ds91s1eX9mwibB/cLyMzbw2k2H1Elj65qIW2ktMbAjknHiib8v4lNpW2ezlfbA4
/l0I8W2fZHd9sugYn1nhTB7PH4CJ5BVvSXDH+6HxL5CYe/t5pc4UNvyfEghObz+Y
whPINeC7GpvO0PDFbXpTwotxo4dVAHO2QRAdohLTY7G1TLIfQ4lI2ZzNSGvjNUAI
J1fX0AotnTpKYTJ8XeliASkiMn7L5hwtqdHofL0z9XD9odTR5VIKP3uK8v69NeJY
WNAP2x39SRI1/EeYTenOPgYTLPTajtJLtcrT2EcdFGoS
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:50:18 2025 by rpki-client