Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/ZSozNADh45J4NbvIkKpEauKMpSw.roa
File: ZSozNADh45J4NbvIkKpEauKMpSw.roa (raw, json)
Hash identifier: mnoV0dSjTeO4alwINNgX8Ctfpv2k8KelcFPYtDzw7tI=
Subject key identifier: 65:2A:33:34:00:E1:E3:92:78:35:BB:C8:90:AA:44:6A:E2:8C:A5:2C
Certificate issuer: /CN=a28815e43926af7eb961de7b703aed6328953e30
Certificate serial: 018CC3489C86C5EEEEF864B63A8B288E558F
Authority key identifier: A2:88:15:E4:39:26:AF:7E:B9:61:DE:7B:70:3A:ED:63:28:95:3E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oogV5Dkmr365Yd57cDrtYyiVPjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/ZSozNADh45J4NbvIkKpEauKMpSw.roa
Signing time: Mon 01 Jan 2024 04:29:24 +0000
ROA not before: Mon 01 Jan 2024 04:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35625
IP address blocks: 195.90.116.0/22 maxlen: 22
94.158.180.0/22 maxlen: 22
85.208.216.0/22 maxlen: 22
109.197.240.0/21 maxlen: 21
185.39.168.0/22 maxlen: 22
195.190.27.0/24 maxlen: 24
45.15.204.0/22 maxlen: 22
91.212.236.0/24 maxlen: 24
185.218.212.0/22 maxlen: 22
185.181.4.0/22 maxlen: 22
185.31.148.0/22 maxlen: 22
91.229.136.0/24 maxlen: 24
2a00:ba60::/32 maxlen: 32
2a00:ba60::/31 maxlen: 31
2a00:ba62::/32 maxlen: 32
2a09:8c40::/29 maxlen: 29
2a00:ba61::/32 maxlen: 32
2a00:ba67::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:9c:86:c5:ee:ee:f8:64:b6:3a:8b:28:8e:55:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a28815e43926af7eb961de7b703aed6328953e30
Validity
Not Before: Jan 1 04:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=652a333400e1e3927835bbc890aa446ae28ca52c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a4:87:ef:d2:75:2d:5d:39:8a:6c:b6:d3:a7:
7b:ae:63:5a:d0:22:07:83:a5:24:68:f2:75:d6:d2:
28:56:c4:cf:89:a8:33:eb:ab:47:90:41:82:a7:d9:
aa:9e:71:f9:35:2f:e0:4b:05:4c:75:38:d5:6c:10:
21:63:c6:9f:e8:23:76:5a:ff:17:10:a9:d9:4f:db:
cf:54:06:28:e9:bc:b1:9f:d3:15:4e:99:31:59:6a:
0c:6c:40:0c:d3:e9:35:77:b0:32:12:74:00:4a:86:
3a:9c:82:c6:00:65:67:31:34:61:14:b9:04:9c:53:
a2:a5:a4:ed:cf:ee:8d:74:2d:f9:9f:8f:0b:ae:e6:
a5:19:7c:20:f7:e6:10:9d:a1:3a:f4:5b:14:8a:30:
99:27:94:52:6d:d2:02:6a:d2:97:5d:10:f3:4b:a4:
8e:b7:b1:78:f0:55:a7:d9:a6:b3:90:ed:26:db:30:
c0:60:2a:84:86:ae:21:85:5b:ab:d5:48:17:19:a5:
82:a4:49:09:37:62:90:d1:5c:40:be:57:7b:34:23:
dc:40:3b:2c:9a:ab:5e:da:01:61:4f:6e:84:15:17:
ec:1d:54:ed:f2:51:78:fe:ff:6c:bf:71:c0:c6:01:
46:08:d7:f2:8b:18:18:da:9e:3b:82:f0:f4:85:d5:
8b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:2A:33:34:00:E1:E3:92:78:35:BB:C8:90:AA:44:6A:E2:8C:A5:2C
X509v3 Authority Key Identifier:
keyid:A2:88:15:E4:39:26:AF:7E:B9:61:DE:7B:70:3A:ED:63:28:95:3E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oogV5Dkmr365Yd57cDrtYyiVPjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/ZSozNADh45J4NbvIkKpEauKMpSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/oogV5Dkmr365Yd57cDrtYyiVPjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.204.0/22
85.208.216.0/22
91.212.236.0/24
91.229.136.0/24
94.158.180.0/22
109.197.240.0/21
185.31.148.0/22
185.39.168.0/22
185.181.4.0/22
185.218.212.0/22
195.90.116.0/22
195.190.27.0/24
IPv6:
2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff
2a00:ba67::/32
2a09:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
23:b4:8a:24:c9:18:be:9f:ae:ec:35:d5:a8:d6:57:64:86:89:
a8:15:f8:52:97:58:bd:79:70:cd:1a:67:f1:0f:1c:55:8e:fd:
4e:4d:7e:51:d6:72:41:bc:63:e6:14:82:a7:a0:98:52:3f:5a:
2c:42:2a:a5:b6:80:d4:e2:ab:da:62:7d:e9:50:c9:0f:6b:cc:
28:54:0c:24:e0:13:22:d9:64:3d:ad:69:fa:88:ed:15:fb:52:
21:32:61:d4:2e:69:00:d4:b5:c7:70:12:82:76:59:13:f0:80:
50:70:ac:b0:69:55:79:f4:d0:17:f1:06:87:18:42:70:d5:29:
f6:e1:99:2a:85:0c:d5:00:bf:ff:38:6a:b0:88:46:44:39:1b:
d6:04:a7:17:c2:e3:21:c8:03:67:e9:b4:82:c4:87:3c:b3:df:
16:c2:d8:07:bc:21:55:84:50:74:9d:68:a6:3d:12:33:b8:b5:
99:ba:5e:9b:bf:03:a5:1e:41:12:48:01:40:bc:3c:27:90:b6:
e0:ee:d6:5b:70:6d:9d:4c:f7:8b:5c:19:39:24:33:8e:d5:9f:
70:e5:d2:4d:31:0b:e7:f9:5f:95:91:b6:42:72:3b:2f:0e:bb:
22:8b:43:08:56:bb:25:68:5e:e5:74:d9:b3:ba:0b:31:1c:ec:
10:f3:ce:c3
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYzDSJyGxe7u+GS2OosojlWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyODgxNWU0MzkyNmFmN2ViOTYxZGU3YjcwM2FlZDYzMjg5
NTNlMzAwHhcNMjQwMTAxMDQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTJhMzMzNDAwZTFlMzkyNzgzNWJiYzg5MGFhNDQ2YWUyOGNhNTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqSH79J1LV05imy206d7rmNa0CIH
g6UkaPJ11tIoVsTPiagz66tHkEGCp9mqnnH5NS/gSwVMdTjVbBAhY8af6CN2Wv8X
EKnZT9vPVAYo6byxn9MVTpkxWWoMbEAM0+k1d7AyEnQASoY6nILGAGVnMTRhFLkE
nFOipaTtz+6NdC35n48LrualGXwg9+YQnaE69FsUijCZJ5RSbdICatKXXRDzS6SO
t7F48FWn2aazkO0m2zDAYCqEhq4hhVur1UgXGaWCpEkJN2KQ0VxAvld7NCPcQDss
mqte2gFhT26EFRfsHVTt8lF4/v9sv3HAxgFGCNfyixgY2p47gvD0hdWLLQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFGUqMzQA4eOSeDW7yJCqRGrijKUsMB8GA1UdIwQY
MBaAFKKIFeQ5Jq9+uWHee3A67WMolT4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb29nVjVEa21yMzY1WWQ1N2NEcnRZeWlWUGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS82NzcwM2MtMGVmOS00NjVlLThhNWEt
MzE0ZjcyOWZhNTk1LzEvWlNvek5BRGg0NUo0TmJ2SWtLcEVhdUtNcFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS82NzcwM2MtMGVmOS00NjVlLThhNWEtMzE0ZjcyOWZhNTk1
LzEvb29nVjVEa21yMzY1WWQ1N2NEcnRZeWlWUGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwTgQCAAEwSAMEAi0PzAME
AlXQ2AMEAFvU7AMEAFvliAMEAl6etAMEA23F8AMEArkflAMEArknqAMEArm1BAME
Arna1AMEAsNadAMEAMO+GzAkBAIAAjAeMA4DBQUqALpgAwUAKgC6YgMFACoAumcD
BQMqCYxAMA0GCSqGSIb3DQEBCwUAA4IBAQAjtIokyRi+n67sNdWo1ldkhomoFfhS
l1i9eXDNGmfxDxxVjv1OTX5R1nJBvGPmFIKnoJhSP1osQiqltoDU4qvaYn3pUMkP
a8woVAwk4BMi2WQ9rWn6iO0V+1IhMmHULmkA1LXHcBKCdlkT8IBQcKywaVV59NAX
8QaHGEJw1Sn24ZkqhQzVAL//OGqwiEZEORvWBKcXwuMhyANn6bSCxIc8s98WwtgH
vCFVhFB0nWimPRIzuLWZul6bvwOlHkESSAFAvDwnkLbg7tZbcG2dTPeLXBk5JDOO
1Z9w5dJNMQvn+V+VkbZCcjsvDrsii0MIVrslaF7ldNmzugsxHOwQ887D
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:20 2024 by rpki-client on console-ams.rpki-client.org