Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/ZSjK1k03bVh7IszUUplOg1a3fhc.roa
File: ZSjK1k03bVh7IszUUplOg1a3fhc.roa (raw, json)
Hash identifier: ur9lsl4V/e4ObtEPnWIBtt1dkjYzJgol0eBWTC8If5g=
Subject key identifier: 65:28:CA:D6:4D:37:6D:58:7B:22:CC:D4:52:99:4E:83:56:B7:7E:17
Certificate issuer: /CN=432fe70f4cef10376836152f38e4e08532cc7b9f
Certificate serial: 01941F8C2B093221F13A68A4D581A7BFB44F
Authority key identifier: 43:2F:E7:0F:4C:EF:10:37:68:36:15:2F:38:E4:E0:85:32:CC:7B:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qy_nD0zvEDdoNhUvOOTghTLMe58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/ZSjK1k03bVh7IszUUplOg1a3fhc.roa
Signing time: Wed 01 Jan 2025 01:47:47 +0000
ROA not before: Wed 01 Jan 2025 01:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34984
IP address blocks: 185.95.168.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:2b:09:32:21:f1:3a:68:a4:d5:81:a7:bf:b4:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=432fe70f4cef10376836152f38e4e08532cc7b9f
Validity
Not Before: Jan 1 01:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6528cad64d376d587b22ccd452994e8356b77e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:05:a8:3f:03:29:45:3d:27:97:21:8e:b4:36:
0f:68:e4:60:44:98:ed:d4:be:be:73:51:f3:90:e1:
97:e5:a3:7c:a0:6f:06:18:e8:20:65:9c:d5:74:ee:
40:d3:f7:72:f3:6b:97:c5:e2:7f:de:ba:f9:e9:23:
c6:cc:86:d3:91:d6:27:ad:ea:f5:92:12:7d:ee:21:
38:30:fa:94:06:cf:9c:ff:34:0e:6c:42:a8:6e:0b:
58:b7:98:e7:47:fb:1c:d8:7f:c5:13:71:25:13:79:
a5:ec:fa:02:e0:db:0a:b2:9e:35:88:54:68:1e:c9:
fe:46:80:7b:59:b8:1b:45:87:84:2c:d7:6b:2f:38:
fc:1d:36:ee:be:a3:d1:17:43:0e:e1:da:c9:dc:ff:
29:ac:67:fd:7d:bf:8a:93:19:b4:36:eb:30:ac:0a:
04:9c:46:5b:b3:9f:fa:29:8e:4f:b0:0c:d6:38:6f:
b2:37:c0:70:49:60:45:19:0b:b4:c2:f4:56:ce:3d:
45:de:2e:9a:ac:94:85:1f:64:d8:ee:8d:e8:d5:0f:
a2:14:82:a0:d8:c2:a0:40:ef:39:fb:15:44:7e:4a:
39:fc:d7:a2:d3:e0:54:d1:ed:49:f2:87:9a:56:d5:
d1:86:b4:54:ae:ba:f2:07:ce:5b:6f:bf:71:22:ef:
8b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:28:CA:D6:4D:37:6D:58:7B:22:CC:D4:52:99:4E:83:56:B7:7E:17
X509v3 Authority Key Identifier:
keyid:43:2F:E7:0F:4C:EF:10:37:68:36:15:2F:38:E4:E0:85:32:CC:7B:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qy_nD0zvEDdoNhUvOOTghTLMe58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/ZSjK1k03bVh7IszUUplOg1a3fhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/Qy_nD0zvEDdoNhUvOOTghTLMe58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.168.0/22
Signature Algorithm: sha256WithRSAEncryption
91:b9:b8:50:89:f3:5e:5d:bf:34:44:24:1c:a6:df:70:99:0a:
04:c7:12:33:cc:63:45:8c:ed:0c:eb:81:2d:c9:2d:e2:aa:4c:
0f:ba:ff:ce:e3:11:61:5b:4f:34:37:e4:fc:7a:3d:ba:28:bb:
be:21:1c:cf:f2:90:c2:31:cc:4b:68:7c:bb:cb:98:c1:c1:6e:
fb:f5:79:1c:de:c1:29:65:57:23:1f:7a:39:31:9b:38:54:2b:
5b:2a:e2:0c:ad:ee:6f:af:c3:bd:00:71:4d:ce:75:46:ae:39:
d3:75:f3:4a:a8:e2:fc:49:e8:c3:be:3d:a7:8f:41:d8:42:9d:
1a:a6:91:ab:9f:6d:e6:16:78:70:08:f4:18:be:64:17:12:16:
e3:9c:50:6d:42:87:d8:4a:0e:c3:98:89:7a:7f:56:8e:69:ab:
6e:5c:db:a2:8d:9c:39:18:1b:91:9e:60:a9:54:26:dd:01:48:
d2:17:d1:e3:43:61:7d:e8:5e:e1:2a:32:07:84:30:1a:0c:b6:
f2:43:6b:f8:62:56:8b:89:04:70:6f:24:9a:38:f1:1b:b1:e3:
fb:af:d6:99:c1:4f:de:12:a4:d5:6f:d9:34:cc:b7:d4:fb:b1:
9e:b7:a9:08:ac:9c:81:16:7e:a2:ef:9f:fd:58:28:8d:10:0a:
67:2c:11:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCsJMiHxOmik1YGnv7RPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMmZlNzBmNGNlZjEwMzc2ODM2MTUyZjM4ZTRlMDg1MzJj
YzdiOWYwHhcNMjUwMTAxMDE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTI4Y2FkNjRkMzc2ZDU4N2IyMmNjZDQ1Mjk5NGU4MzU2Yjc3ZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgWoPwMpRT0nlyGOtDYPaORgRJjt
1L6+c1HzkOGX5aN8oG8GGOggZZzVdO5A0/dy82uXxeJ/3rr56SPGzIbTkdYnrer1
khJ97iE4MPqUBs+c/zQObEKobgtYt5jnR/sc2H/FE3ElE3ml7PoC4NsKsp41iFRo
Hsn+RoB7WbgbRYeELNdrLzj8HTbuvqPRF0MO4drJ3P8prGf9fb+Kkxm0NuswrAoE
nEZbs5/6KY5PsAzWOG+yN8BwSWBFGQu0wvRWzj1F3i6arJSFH2TY7o3o1Q+iFIKg
2MKgQO85+xVEfko5/Nei0+BU0e1J8oeaVtXRhrRUrrryB85bb79xIu+LkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGUoytZNN21YeyLM1FKZToNWt34XMB8GA1UdIwQY
MBaAFEMv5w9M7xA3aDYVLzjk4IUyzHufMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXlfbkQwenZFRGRvTmhVdk9PVGdoVExNZTU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zMDc2MDctNTcwNi00ZTQ0LWJiOGUt
MTg5ZDAwYTMzM2VlLzEvWlNqSzFrMDNiVmg3SXN6VVVwbE9nMWEzZmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zMDc2MDctNTcwNi00ZTQ0LWJiOGUtMTg5ZDAwYTMzM2Vl
LzEvUXlfbkQwenZFRGRvTmhVdk9PVGdoVExNZTU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV+oMA0G
CSqGSIb3DQEBCwUAA4IBAQCRubhQifNeXb80RCQcpt9wmQoExxIzzGNFjO0M64Et
yS3iqkwPuv/O4xFhW080N+T8ej26KLu+IRzP8pDCMcxLaHy7y5jBwW779Xkc3sEp
ZVcjH3o5MZs4VCtbKuIMre5vr8O9AHFNznVGrjnTdfNKqOL8SejDvj2nj0HYQp0a
ppGrn23mFnhwCPQYvmQXEhbjnFBtQofYSg7DmIl6f1aOaatuXNuijZw5GBuRnmCp
VCbdAUjSF9HjQ2F96F7hKjIHhDAaDLbyQ2v4YlaLiQRwbySaOPEbseP7r9aZwU/e
EqTVb9k0zLfU+7Get6kIrJyBFn6i75/9WCiNEApnLBFY
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:05:24 2025 by rpki-client