Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/ZTAC9SipRphX2IfnBvPmMyxwvxo.roa
File: ZTAC9SipRphX2IfnBvPmMyxwvxo.roa (raw, json)
Hash identifier: fnsc3Fihnt2tgAdsJdAtea3nbPHTZwmaRXGc2Dq8q2c=
Subject key identifier: 65:30:02:F5:28:A9:46:98:57:D8:87:E7:06:F3:E6:33:2C:70:BF:1A
Certificate issuer: /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial: 387FA32E
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/ZTAC9SipRphX2IfnBvPmMyxwvxo.roa
Signing time: Sat 01 Jan 2022 16:10:58 +0000
ROA not before: Sat 01 Jan 2022 16:10:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43994
IP address blocks: 217.196.16.0/20 maxlen: 20
77.245.96.0/20 maxlen: 20
93.185.64.0/20 maxlen: 20
95.141.128.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 947888942 (0x387fa32e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
Validity
Not Before: Jan 1 16:10:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=653002f528a9469857d887e706f3e6332c70bf1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b6:6f:0f:3e:1e:53:5e:61:4d:a7:5f:bf:d2:
6a:01:7a:46:ac:60:94:18:64:cf:33:96:2f:52:e0:
00:b5:48:e3:b2:43:45:87:67:54:cb:c7:63:22:d3:
81:9c:08:4c:f6:5d:3f:96:c2:d1:93:dd:2e:4f:ef:
c2:b3:dd:2b:2f:d9:5d:8f:72:8e:06:dd:7f:52:65:
b2:58:68:f6:c3:bc:ac:63:ce:cf:03:f3:be:80:79:
9d:c1:7f:07:d0:21:c6:25:bc:43:25:86:49:04:d9:
c4:b2:56:a1:f8:95:92:4a:e2:3f:4b:4a:24:0b:dd:
2b:36:15:13:bb:c7:c8:81:e1:0b:8b:79:18:46:d6:
87:73:8e:3d:51:63:fe:4d:c3:b1:0c:39:42:12:fc:
dd:30:e9:53:a2:68:2e:c0:9e:12:e2:23:3b:b7:ac:
47:61:2e:50:04:4c:38:71:3d:e4:14:80:09:0b:d9:
77:2b:f8:ff:c5:9b:d5:0b:0d:81:f6:00:47:bd:57:
52:07:57:d2:4c:67:50:d4:9e:86:d5:be:9c:80:2b:
51:9d:04:f3:09:18:01:25:22:b1:4e:17:ee:25:cc:
c9:e5:93:40:0a:7b:a5:b6:85:a5:9c:a2:88:14:0f:
7a:bb:b0:7d:1f:dc:d5:78:7a:98:0d:dd:f3:21:9b:
b5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:30:02:F5:28:A9:46:98:57:D8:87:E7:06:F3:E6:33:2C:70:BF:1A
X509v3 Authority Key Identifier:
keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/ZTAC9SipRphX2IfnBvPmMyxwvxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.96.0/20
93.185.64.0/20
95.141.128.0/20
217.196.16.0/20
Signature Algorithm: sha256WithRSAEncryption
6e:f3:b6:ca:af:64:d1:54:6c:92:98:2e:90:ce:3d:d5:cb:2c:
07:e0:85:14:c0:de:b8:fe:8a:ee:ac:7b:50:62:21:9f:fd:ef:
44:04:ba:ac:a0:ac:b8:26:82:ef:7b:b2:be:eb:ad:a0:de:7f:
7a:f7:3a:f5:73:21:6a:89:8f:61:5f:62:d5:d2:44:df:f2:b6:
76:ed:4a:af:df:51:4a:5c:ee:3f:76:c8:0e:7f:49:10:66:19:
6c:3a:56:39:b1:ec:1c:3c:a7:35:b2:1a:f5:4f:40:12:c2:51:
9f:cd:85:7d:b7:85:9b:8c:fe:a3:6a:cf:ba:57:f4:69:61:92:
f0:2b:30:24:7c:6c:e3:5d:d7:ee:c5:0b:ef:6c:2c:25:be:48:
b0:e8:ac:41:d9:a7:40:7a:b2:b1:57:36:c1:3d:8c:75:11:c7:
32:d9:51:f4:c7:61:ec:66:66:40:a9:68:d2:5b:f3:a1:ec:b8:
8d:b0:0f:83:5b:77:b3:75:52:45:db:84:9f:e9:25:44:df:23:
ee:d5:8f:a9:aa:4d:60:28:00:5a:41:36:e9:66:ef:26:64:63:
4e:83:69:32:2c:fe:d4:cf:03:04:53:7c:6a:b8:ff:a4:11:1a:
ea:5c:e0:ac:6a:48:0e:5d:50:a3:53:85:62:a6:3f:58:7e:28:
be:54:ce:ba
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEOH+jLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDIxMGYyMjU5MDkzYWFmNDUyODU5MjJhNTg4ZTlhNjYxYWJhOWZhMB4XDTIyMDEw
MTE2MTA1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjUzMDAyZjUyOGE5
NDY5ODU3ZDg4N2U3MDZmM2U2MzMyYzcwYmYxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJe2bw8+HlNeYU2nX7/SagF6RqxglBhkzzOWL1LgALVI47JD
RYdnVMvHYyLTgZwITPZdP5bC0ZPdLk/vwrPdKy/ZXY9yjgbdf1Jlslho9sO8rGPO
zwPzvoB5ncF/B9AhxiW8QyWGSQTZxLJWofiVkkriP0tKJAvdKzYVE7vHyIHhC4t5
GEbWh3OOPVFj/k3DsQw5QhL83TDpU6JoLsCeEuIjO7esR2EuUARMOHE95BSACQvZ
dyv4/8Wb1QsNgfYAR71XUgdX0kxnUNSehtW+nIArUZ0E8wkYASUisU4X7iXMyeWT
QAp7pbaFpZyiiBQPeruwfR/c1Xh6mA3d8yGbtZkCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRlMAL1KKlGmFfYh+cG8+YzLHC/GjAfBgNVHSMEGDAWgBSdIQ8iWQk6r0Uo
WSKliOmmYaup+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TRVBJbGtKT3E5RktGa2lwWWpwcG1HcnFmby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvOTM2ODZkLTExZjUtNGUzZS1iNWM0LTQzODQzYzJlOTQzYi8x
L1pUQUM5U2lwUnBoWDJJZm5CdlBtTXl4d3Z4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
OTM2ODZkLTExZjUtNGUzZS1iNWM0LTQzODQzYzJlOTQzYi8xL25TRVBJbGtKT3E5
RktGa2lwWWpwcG1HcnFmby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBE31YAMEBF25QAMEBF+NgAMEBNnE
EDANBgkqhkiG9w0BAQsFAAOCAQEAbvO2yq9k0VRskpgukM491cssB+CFFMDeuP6K
7qx7UGIhn/3vRAS6rKCsuCaC73uyvuutoN5/evc69XMhaomPYV9i1dJE3/K2du1K
r99RSlzuP3bIDn9JEGYZbDpWObHsHDynNbIa9U9AEsJRn82FfbeFm4z+o2rPulf0
aWGS8CswJHxs413X7sUL72wsJb5IsOisQdmnQHqysVc2wT2MdRHHMtlR9Mdh7GZm
QKlo0lvzoey4jbAPg1t3s3VSRduEn+klRN8j7tWPqapNYCgAWkE26WbvJmRjToNp
Miz+1M8DBFN8arj/pBEa6lzgrGpIDl1Qo1OFYqY/WH4ovlTOug==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:19:58 2025 by rpki-client