Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f288bd-10f5-47b3-b124-6b136494e3dc/1/ZVdKIHMCZIgZmO29HfZuK9KianY.roa
File: ZVdKIHMCZIgZmO29HfZuK9KianY.roa (raw, json)
Hash identifier: 2kGDIO6FKG2t3hXhHnF2iU2nfmaxGFRQZKaQHnUSkxM=
Subject key identifier: 65:57:4A:20:73:02:64:88:19:98:ED:BD:1D:F6:6E:2B:D2:A2:6A:76
Certificate issuer: /CN=abb060166d64cead0e295797e8d27c55d8898bc2
Certificate serial: 0194258F4E3E68D02612210D554456DECECE
Authority key identifier: AB:B0:60:16:6D:64:CE:AD:0E:29:57:97:E8:D2:7C:55:D8:89:8B:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7BgFm1kzq0OKVeX6NJ8VdiJi8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f288bd-10f5-47b3-b124-6b136494e3dc/1/ZVdKIHMCZIgZmO29HfZuK9KianY.roa
Signing time: Thu 02 Jan 2025 05:48:56 +0000
ROA not before: Thu 02 Jan 2025 05:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205390
IP address blocks: 185.220.0.0/22 maxlen: 24
2a0b:ecc0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:4e:3e:68:d0:26:12:21:0d:55:44:56:de:ce:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abb060166d64cead0e295797e8d27c55d8898bc2
Validity
Not Before: Jan 2 05:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65574a20730264881998edbd1df66e2bd2a26a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d5:bd:7f:38:ff:e6:f2:d6:3a:d2:76:2b:14:
1e:0e:3b:16:b7:48:2a:25:5a:39:1a:50:66:a6:b3:
a8:1b:92:af:54:a8:f7:0b:47:42:88:51:ee:ce:bc:
c1:8b:fa:f4:b0:4e:67:23:ce:bf:ce:2c:4c:d9:ad:
30:c8:9b:1c:47:0c:9d:5c:72:9b:b6:c6:65:8a:59:
77:55:c0:10:05:a0:99:1d:76:7e:c4:26:dd:f7:b7:
26:f0:98:d1:5c:3d:27:c2:b0:39:e1:10:e3:7e:d7:
6d:be:db:c9:04:bf:4f:29:9f:97:c4:1c:e6:d9:53:
ad:98:1e:6f:d3:7d:d3:4b:cd:2c:0a:d7:dd:8c:68:
d3:79:33:21:39:d5:d7:4c:f0:7b:ff:2d:dc:0a:89:
9f:9c:a6:f6:96:0c:03:ef:18:ec:2e:8f:a7:a1:f3:
a1:1c:ea:92:ad:f9:6c:c9:2d:d7:97:fe:73:33:9a:
9c:8e:b8:73:9e:d7:9e:61:50:c1:5f:ea:37:65:1b:
32:68:31:bd:ff:58:82:cf:9d:68:53:78:c8:8f:95:
f1:50:81:21:a3:cb:14:05:8a:3a:0d:91:38:03:68:
6b:a3:cd:34:dc:6f:35:10:30:55:bc:16:a8:af:51:
16:fa:95:a9:bb:e3:98:93:dd:ad:fc:e1:ff:a9:f6:
69:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:57:4A:20:73:02:64:88:19:98:ED:BD:1D:F6:6E:2B:D2:A2:6A:76
X509v3 Authority Key Identifier:
keyid:AB:B0:60:16:6D:64:CE:AD:0E:29:57:97:E8:D2:7C:55:D8:89:8B:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7BgFm1kzq0OKVeX6NJ8VdiJi8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f288bd-10f5-47b3-b124-6b136494e3dc/1/ZVdKIHMCZIgZmO29HfZuK9KianY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f288bd-10f5-47b3-b124-6b136494e3dc/1/q7BgFm1kzq0OKVeX6NJ8VdiJi8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.0.0/22
IPv6:
2a0b:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:ae:6f:af:a2:72:a0:dc:84:5d:f8:24:2b:14:42:fd:91:ba:
97:4f:c0:f7:fb:82:fd:e8:90:92:2d:7b:b2:40:1d:ca:17:c3:
42:78:98:ca:ae:81:ec:1c:03:b9:ad:61:f2:9d:a3:71:83:3d:
f2:fb:82:01:c1:cf:ea:86:dc:8f:26:64:29:ad:b1:55:3a:fd:
b8:0f:79:1a:e8:04:96:64:ed:16:f4:66:b4:44:4a:ec:b2:28:
a1:22:f4:5e:84:91:cb:2e:2c:8e:65:76:ca:8d:a1:92:a4:3d:
0d:da:77:3f:e9:e8:11:7d:08:4a:73:88:d1:17:fb:e8:0b:bf:
37:e0:12:7c:36:16:02:ec:dd:9a:93:ed:99:01:aa:f3:6d:6b:
7f:47:18:99:76:37:54:50:5d:39:50:f2:79:5a:4e:90:7b:5f:
95:35:21:e1:4b:20:61:24:ca:5d:a9:cf:f8:dd:58:a7:5f:0e:
61:97:20:34:39:92:82:fd:b9:a5:c7:e0:36:57:98:8f:c7:ef:
89:6e:63:2e:fe:ea:6c:ab:fd:41:87:a5:48:28:64:fd:d3:22:
1a:24:ac:0b:de:74:f9:7d:14:5b:c9:3a:7c:3c:28:58:e3:a3:
91:c5:d9:80:97:d8:d1:a7:94:68:4f:ed:af:68:4b:46:c0:27:
d5:f7:a3:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj04+aNAmEiENVURW3s7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYjA2MDE2NmQ2NGNlYWQwZTI5NTc5N2U4ZDI3YzU1ZDg4
OThiYzIwHhcNMjUwMTAyMDU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTU3NGEyMDczMDI2NDg4MTk5OGVkYmQxZGY2NmUyYmQyYTI2YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9W9fzj/5vLWOtJ2KxQeDjsWt0gq
JVo5GlBmprOoG5KvVKj3C0dCiFHuzrzBi/r0sE5nI86/zixM2a0wyJscRwydXHKb
tsZlill3VcAQBaCZHXZ+xCbd97cm8JjRXD0nwrA54RDjftdtvtvJBL9PKZ+XxBzm
2VOtmB5v033TS80sCtfdjGjTeTMhOdXXTPB7/y3cComfnKb2lgwD7xjsLo+nofOh
HOqSrflsyS3Xl/5zM5qcjrhznteeYVDBX+o3ZRsyaDG9/1iCz51oU3jIj5XxUIEh
o8sUBYo6DZE4A2hro8003G81EDBVvBaor1EW+pWpu+OYk92t/OH/qfZpywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGVXSiBzAmSIGZjtvR32bivSomp2MB8GA1UdIwQY
MBaAFKuwYBZtZM6tDilXl+jSfFXYiYvCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdCZ0ZtMWt6cTBPS1ZlWDZOSjhWZGlKaThJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mMjg4YmQtMTBmNS00N2IzLWIxMjQt
NmIxMzY0OTRlM2RjLzEvWlZkS0lITUNaSWdabU8yOUhmWnVLOUtpYW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mMjg4YmQtMTBmNS00N2IzLWIxMjQtNmIxMzY0OTRlM2Rj
LzEvcTdCZ0ZtMWt6cTBPS1ZlWDZOSjhWZGlKaThJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudwAMA0E
AgACMAcDBQMqC+zAMA0GCSqGSIb3DQEBCwUAA4IBAQCerm+vonKg3IRd+CQrFEL9
kbqXT8D3+4L96JCSLXuyQB3KF8NCeJjKroHsHAO5rWHynaNxgz3y+4IBwc/qhtyP
JmQprbFVOv24D3ka6ASWZO0W9Ga0RErssiihIvRehJHLLiyOZXbKjaGSpD0N2nc/
6egRfQhKc4jRF/voC7834BJ8NhYC7N2ak+2ZAarzbWt/RxiZdjdUUF05UPJ5Wk6Q
e1+VNSHhSyBhJMpdqc/43VinXw5hlyA0OZKC/bmlx+A2V5iPx++JbmMu/upsq/1B
h6VIKGT90yIaJKwL3nT5fRRbyTp8PChY46ORxdmAl9jRp5RoT+2vaEtGwCfV96MO
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:45 2025 by rpki-client