Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/ZaM9jNyw62egtMMXYnGxszrNY3k.roa
File: ZaM9jNyw62egtMMXYnGxszrNY3k.roa (raw, json)
Hash identifier: IjXCT+wQnlaMHMU5neUWgppwJ+IMB7wimw7ZMxVicdg=
Subject key identifier: 65:A3:3D:8C:DC:B0:EB:67:A0:B4:C3:17:62:71:B1:B3:3A:CD:63:79
Certificate issuer: /CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Certificate serial: 019427B5722EE940ACB404FA9C144DCD98CC
Authority key identifier: 23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/ZaM9jNyw62egtMMXYnGxszrNY3k.roa
Signing time: Thu 02 Jan 2025 15:49:50 +0000
ROA not before: Thu 02 Jan 2025 15:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57728
IP address blocks: 81.25.16.0/21 maxlen: 21
81.25.24.0/21 maxlen: 21
109.234.40.0/21 maxlen: 21
185.255.116.0/22 maxlen: 22
2a00:1800::/32 maxlen: 32
2a00:1807::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:72:2e:e9:40:ac:b4:04:fa:9c:14:4d:cd:98:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Validity
Not Before: Jan 2 15:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65a33d8cdcb0eb67a0b4c3176271b1b33acd6379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:36:56:82:39:87:ff:37:11:06:22:0f:36:88:
cf:e4:60:ae:47:a0:53:37:5f:fb:60:35:13:b1:65:
a1:65:d3:ad:1e:33:11:d3:6d:f4:67:21:5b:bc:bf:
31:a2:75:b8:ee:dc:62:a0:29:1a:83:10:33:15:0d:
6e:41:aa:9e:44:25:3d:94:b5:8b:ba:ef:c2:fb:ee:
69:5b:3c:2f:f9:e6:dd:51:5f:80:57:df:5d:b0:ce:
f1:8d:26:0b:65:bd:d5:89:28:d6:ac:10:64:cb:86:
7f:4f:1a:bf:b6:1c:fb:25:73:e0:4c:6c:c9:91:6e:
9b:95:5e:01:3a:b5:9b:57:1f:92:df:e0:33:8d:3f:
52:fd:78:f2:6e:ec:b2:12:af:07:d1:0a:ba:d3:80:
89:09:bd:bf:31:4a:0f:06:e8:a0:2f:24:bf:c3:de:
0b:3d:c8:ad:c3:d5:c0:c3:32:24:83:6b:f4:a5:67:
5d:cf:78:d5:a7:cc:35:ea:cd:cf:5b:a1:52:3f:8e:
90:82:8a:0f:49:f4:bd:63:6a:e8:74:9b:03:c0:97:
bf:88:f5:7b:97:6b:26:b9:cf:a9:d1:4b:35:f7:df:
f8:c8:f9:0a:fa:82:5d:3b:b8:f7:74:9a:e2:ac:b4:
4b:85:12:9e:77:e2:a9:0b:01:cc:37:87:b7:92:da:
02:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A3:3D:8C:DC:B0:EB:67:A0:B4:C3:17:62:71:B1:B3:3A:CD:63:79
X509v3 Authority Key Identifier:
keyid:23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/ZaM9jNyw62egtMMXYnGxszrNY3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.16.0/20
109.234.40.0/21
185.255.116.0/22
IPv6:
2a00:1800::/32
2a00:1807::/32
Signature Algorithm: sha256WithRSAEncryption
17:c4:a2:e7:7a:d2:06:ff:5f:b1:fe:5f:16:81:91:d5:73:2d:
9e:c4:2d:82:03:03:c3:7e:8f:5f:de:b9:e3:2b:e3:15:21:1e:
af:1d:e6:79:95:c2:15:a7:77:e1:cd:ec:81:ad:c4:79:09:7d:
00:50:7c:46:92:c8:6d:dd:e7:ac:f3:90:56:5a:51:1b:b4:0d:
e7:e5:6b:e7:16:d8:b8:da:0c:14:a0:da:95:38:ad:19:29:db:
39:31:a2:ca:55:8e:50:cd:60:1c:56:63:ad:f4:6d:0f:00:9e:
a1:d4:59:43:30:8c:4d:5a:80:2f:62:77:f1:4b:c1:a4:59:d8:
01:bd:40:a0:e5:49:5d:25:75:10:33:b2:61:48:91:ba:3b:f2:
24:7f:01:7b:22:a7:72:da:ea:8f:6d:20:15:a4:ee:2f:37:be:
8e:ac:89:34:5a:84:ea:4e:b2:c6:5a:e3:32:37:32:aa:bf:93:
2a:a2:57:c0:46:38:35:d6:cf:5e:87:08:97:3b:02:07:83:f5:
44:3d:1a:35:b6:11:8a:df:3b:40:57:83:ab:58:ae:5c:e4:48:
32:b7:80:b4:be:d9:70:96:a5:34:0a:0a:f1:30:63:77:74:54:
1c:12:51:c6:c0:54:8d:94:df:c3:a1:2e:8d:b9:b1:17:2a:a7:
e3:b8:b2:dc
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQntXIu6UCstAT6nBRNzZjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjU5ZGEzYjFiMzhjYTA5MzlmNDkwZmI5MDQzZmNkODlj
ZmQwNjIwHhcNMjUwMTAyMTU0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWEzM2Q4Y2RjYjBlYjY3YTBiNGMzMTc2MjcxYjFiMzNhY2Q2Mzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TZWgjmH/zcRBiIPNojP5GCuR6BT
N1/7YDUTsWWhZdOtHjMR0230ZyFbvL8xonW47txioCkagxAzFQ1uQaqeRCU9lLWL
uu/C++5pWzwv+ebdUV+AV99dsM7xjSYLZb3ViSjWrBBky4Z/Txq/thz7JXPgTGzJ
kW6blV4BOrWbVx+S3+AzjT9S/XjybuyyEq8H0Qq604CJCb2/MUoPBuigLyS/w94L
Pcitw9XAwzIkg2v0pWddz3jVp8w16s3PW6FSP46QgooPSfS9Y2rodJsDwJe/iPV7
l2smuc+p0Us199/4yPkK+oJdO7j3dJrirLRLhRKed+KpCwHMN4e3ktoCiwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGWjPYzcsOtnoLTDF2JxsbM6zWN5MB8GA1UdIwQY
MBaAFCMlnaOxs4ygk59JD7kEP82Jz9BiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUt
NjU0ZGQ2NDQyY2U0LzEvWmFNOWpOeXc2MmVndE1NWFluR3hzenJOWTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUtNjU0ZGQ2NDQyY2U0
LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQEURkQAwQD
beooAwQCuf90MBQEAgACMA4DBQAqABgAAwUAKgAYBzANBgkqhkiG9w0BAQsFAAOC
AQEAF8Si53rSBv9fsf5fFoGR1XMtnsQtggMDw36PX9654yvjFSEerx3meZXCFad3
4c3sga3EeQl9AFB8RpLIbd3nrPOQVlpRG7QN5+Vr5xbYuNoMFKDalTitGSnbOTGi
ylWOUM1gHFZjrfRtDwCeodRZQzCMTVqAL2J38UvBpFnYAb1AoOVJXSV1EDOyYUiR
ujvyJH8BeyKnctrqj20gFaTuLze+jqyJNFqE6k6yxlrjMjcyqr+TKqJXwEY4NdbP
XocIlzsCB4P1RD0aNbYRit87QFeDq1iuXORIMreAtL7ZcJalNAoK8TBjd3RUHBJR
xsBUjZTfw6EujbmxFyqn47iy3A==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:13 2025 by rpki-client