Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Zkz4_ZlIcB7DyFtPU6FEcoHSLPM.roa
File: Zkz4_ZlIcB7DyFtPU6FEcoHSLPM.roa (raw, json)
Hash identifier: s1IAQ81D2wcGPIyH9EA3eeNc1gEW0sjHMUGBYsUA8aU=
Subject key identifier: 66:4C:F8:FD:99:48:70:1E:C3:C8:5B:4F:53:A1:44:72:81:D2:2C:F3
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0194266BC213CA4807C15C36956F8E948921
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Zkz4_ZlIcB7DyFtPU6FEcoHSLPM.roa
Signing time: Thu 02 Jan 2025 09:49:43 +0000
ROA not before: Thu 02 Jan 2025 09:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 150770
IP address blocks: 212.23.206.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c2:13:ca:48:07:c1:5c:36:95:6f:8e:94:89:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 2 09:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=664cf8fd9948701ec3c85b4f53a1447281d22cf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a0:8b:3b:e5:cb:b4:05:d7:32:24:a7:bd:9b:
81:c7:a6:93:a9:9f:84:fa:07:98:a9:ae:6a:72:d3:
1f:be:4e:17:e8:94:5b:27:e2:34:c3:f6:3c:30:37:
ce:b5:5f:cd:86:29:76:40:38:a7:47:20:a1:88:67:
ab:ce:6a:be:ab:52:0a:66:c3:3a:d3:82:09:ec:16:
ff:3a:19:36:84:c7:3b:f4:f7:01:f5:cf:23:eb:98:
0d:f9:0e:c3:ac:5b:0e:b0:be:3a:d0:ce:5e:2b:df:
df:89:62:8c:86:99:8b:d6:e0:fc:ce:fa:c5:3c:d7:
0f:21:4c:f8:86:9f:0e:a5:f9:c9:da:cd:9e:e6:2a:
0c:bd:70:dd:31:b6:af:95:0d:3c:d8:ce:8d:30:c9:
a6:ff:94:cf:57:7f:cd:0b:a1:e8:02:63:7b:cb:71:
f8:b7:72:a3:6a:49:e5:98:45:04:ad:90:1d:eb:22:
64:df:2e:93:fc:99:4e:9e:12:fb:5b:5d:e4:1a:5b:
5c:28:99:a8:c7:4a:39:dd:99:59:3a:82:c5:4c:d9:
01:51:21:c3:df:7d:45:52:4e:6d:bc:28:87:70:91:
3e:bc:b2:84:24:ae:eb:52:5e:1e:aa:8e:f3:97:e1:
f9:33:07:a1:39:69:9e:71:c9:2b:7c:d8:c5:a7:ab:
70:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:4C:F8:FD:99:48:70:1E:C3:C8:5B:4F:53:A1:44:72:81:D2:2C:F3
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Zkz4_ZlIcB7DyFtPU6FEcoHSLPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.206.0/24
Signature Algorithm: sha256WithRSAEncryption
02:2b:86:f9:09:0e:cc:5d:ec:f1:1e:cc:49:2b:c7:81:01:dc:
86:83:cb:26:d1:45:17:53:b0:f7:80:a7:36:53:4a:2c:be:25:
7c:a8:37:57:6e:21:ab:eb:36:fe:0d:3a:b5:7f:0e:5d:86:05:
b1:14:34:11:b6:c1:82:48:bf:ca:23:0e:bb:da:1e:0e:de:77:
ad:d4:13:30:59:57:e0:d7:b8:36:e7:9f:4c:ef:7e:a1:ba:55:
ba:1d:b0:7e:4c:df:89:fd:9d:c3:73:3f:40:5b:75:0c:7e:ae:
b6:74:c8:50:4f:4f:7f:a5:e2:6a:30:23:a9:17:a8:a2:47:dc:
b8:94:13:32:54:8e:3b:22:4b:64:f6:63:ad:84:89:ef:1c:46:
d1:6a:0b:d8:89:7e:48:6e:99:27:c0:7e:05:17:b2:31:fa:46:
aa:b4:e4:12:d0:8c:86:33:99:ef:6d:f6:5a:a1:c7:1b:04:64:
fd:f2:e2:17:78:1e:7c:bd:cb:74:50:52:ea:24:f1:2f:2c:cc:
f9:c5:b3:12:d0:fd:b7:38:2b:7f:60:15:a8:32:d7:16:fb:70:
92:9a:31:64:04:06:5e:3c:1c:3e:e2:f9:40:52:5c:d2:4d:51:
52:ad:4c:52:12:05:f1:66:0d:79:d5:f2:4a:7a:ba:ca:78:67:
05:5b:da:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma8ITykgHwVw2lW+OlIkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwMTAyMDk0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjRjZjhmZDk5NDg3MDFlYzNjODViNGY1M2ExNDQ3MjgxZDIyY2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6CLO+XLtAXXMiSnvZuBx6aTqZ+E
+geYqa5qctMfvk4X6JRbJ+I0w/Y8MDfOtV/Nhil2QDinRyChiGerzmq+q1IKZsM6
04IJ7Bb/Ohk2hMc79PcB9c8j65gN+Q7DrFsOsL460M5eK9/fiWKMhpmL1uD8zvrF
PNcPIUz4hp8OpfnJ2s2e5ioMvXDdMbavlQ082M6NMMmm/5TPV3/NC6HoAmN7y3H4
t3KjaknlmEUErZAd6yJk3y6T/JlOnhL7W13kGltcKJmox0o53ZlZOoLFTNkBUSHD
331FUk5tvCiHcJE+vLKEJK7rUl4eqo7zl+H5MwehOWmecckrfNjFp6twTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGZM+P2ZSHAew8hbT1OhRHKB0izzMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvWmt6NF9abEljQjdEeUZ0UFU2RkVjb0hTTFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfOMA0G
CSqGSIb3DQEBCwUAA4IBAQACK4b5CQ7MXezxHsxJK8eBAdyGg8sm0UUXU7D3gKc2
U0osviV8qDdXbiGr6zb+DTq1fw5dhgWxFDQRtsGCSL/KIw672h4O3net1BMwWVfg
17g2559M736hulW6HbB+TN+J/Z3Dcz9AW3UMfq62dMhQT09/peJqMCOpF6iiR9y4
lBMyVI47Iktk9mOthInvHEbRagvYiX5IbpknwH4FF7Ix+kaqtOQS0IyGM5nvbfZa
occbBGT98uIXeB58vct0UFLqJPEvLMz5xbMS0P23OCt/YBWoMtcW+3CSmjFkBAZe
PBw+4vlAUlzSTVFSrUxSEgXxZg151fJKerrKeGcFW9qs
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:06:51 2025 by rpki-client