Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/D2Z_L386Enm9QxC1ZnNLuY9b8hY.roa
File: D2Z_L386Enm9QxC1ZnNLuY9b8hY.roa (raw, json)
Hash identifier: Ens2EgMzEWcITsyMvYkfnAchqlNGXNjHRan8FWaLvCY=
Subject key identifier: 0F:66:7F:2F:7F:3A:12:79:BD:43:10:B5:66:73:4B:B9:8F:5B:F2:16
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B04A40F4FCB2AE3686407CD30C521
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/D2Z_L386Enm9QxC1ZnNLuY9b8hY.roa
Signing time: Sun 01 Jan 2023 13:35:05 +0000
ROA not before: Sun 01 Jan 2023 13:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35610
IP address blocks: 194.209.52.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:04:a4:0f:4f:cb:2a:e3:68:64:07:cd:30:c5:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f667f2f7f3a1279bd4310b566734bb98f5bf216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:de:f7:30:cd:6a:19:bc:ea:9f:df:55:2d:1e:
69:64:e5:35:d6:ff:1d:9f:e6:61:1c:13:c9:89:c5:
3f:8f:dc:1f:84:ed:7a:75:ab:6e:7e:47:c1:de:ea:
8d:59:00:48:1a:ea:d7:30:b7:c8:f4:ef:8e:e3:3b:
57:c0:50:3f:1f:cb:0c:e5:72:fa:c8:59:aa:32:7e:
2c:c2:6f:69:62:96:32:c9:aa:5a:ef:ee:4d:96:eb:
11:1f:99:44:0a:cc:23:62:85:43:f7:fb:74:76:77:
c1:fe:56:1b:ed:a2:df:95:c0:a0:76:ba:6f:90:12:
29:b7:6c:32:ab:4e:ee:7e:2f:37:ba:db:a8:86:6e:
2a:17:5a:47:73:cb:3d:33:09:a3:3c:c7:2e:38:49:
2f:e8:bb:7d:2e:f8:b3:af:31:fd:f8:0d:8d:76:50:
45:78:24:60:84:2d:90:70:b7:85:66:ea:bc:61:2f:
79:03:11:6a:b3:38:e5:29:76:91:22:90:5e:2a:76:
57:e3:50:ac:b7:a1:b4:f2:a1:36:08:99:69:59:c8:
0b:b7:8a:91:6b:f8:55:82:66:33:5c:8d:59:1a:ff:
c1:8d:52:7f:74:01:8e:24:72:e1:ee:d9:e8:62:3a:
8c:e0:2f:38:e1:0b:fa:58:63:19:f7:4b:97:66:ee:
b0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:66:7F:2F:7F:3A:12:79:BD:43:10:B5:66:73:4B:B9:8F:5B:F2:16
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/D2Z_L386Enm9QxC1ZnNLuY9b8hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.52.0/24
Signature Algorithm: sha256WithRSAEncryption
15:a7:96:6e:21:23:40:3c:93:9f:44:32:b8:69:59:ad:6b:70:
ab:60:f2:fd:7d:0d:47:97:02:01:c2:92:3e:2e:62:60:0e:2b:
a9:3f:cf:92:37:eb:70:9b:97:00:da:28:1d:18:3f:d8:f7:eb:
2b:5c:62:7a:c9:89:2c:22:4d:20:be:bc:a0:38:52:3b:68:5a:
09:98:af:d2:46:f9:c3:74:b7:b4:6c:53:69:9b:ac:1c:de:1b:
4f:31:9d:b6:ea:51:61:45:8c:d4:6f:ac:1a:82:7f:1e:90:3d:
83:ac:98:4d:20:3e:ee:6a:7b:d6:81:aa:a6:23:10:19:d4:1d:
12:81:73:f9:ca:d8:fa:4c:86:1b:94:03:57:0d:07:27:7a:0c:
8c:f8:cd:e9:14:23:80:cb:0e:2c:a7:1e:57:70:b9:97:24:4f:
e3:37:67:7a:5c:d2:21:67:d1:c0:fb:13:13:6c:20:40:10:33:
35:06:32:53:43:34:80:e2:9d:fc:ea:da:c0:94:20:24:50:d8:
85:65:f9:eb:9e:e1:42:0f:e2:82:b3:47:88:fb:dc:47:83:d9:
99:e1:ec:95:7b:39:1c:ab:5e:6a:49:27:d5:6d:04:e4:a2:04:
b2:86:39:38:10:19:99:34:d0:81:87:4f:76:88:57:a5:8d:68:
ea:91:a0:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtiwSkD0/LKuNoZAfNMMUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjY2N2YyZjdmM2ExMjc5YmQ0MzEwYjU2NjczNGJiOThmNWJmMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzt73MM1qGbzqn99VLR5pZOU11v8d
n+ZhHBPJicU/j9wfhO16datufkfB3uqNWQBIGurXMLfI9O+O4ztXwFA/H8sM5XL6
yFmqMn4swm9pYpYyyapa7+5NlusRH5lECswjYoVD9/t0dnfB/lYb7aLflcCgdrpv
kBIpt2wyq07ufi83utuohm4qF1pHc8s9MwmjPMcuOEkv6Lt9LvizrzH9+A2NdlBF
eCRghC2QcLeFZuq8YS95AxFqszjlKXaRIpBeKnZX41Cst6G08qE2CJlpWcgLt4qR
a/hVgmYzXI1ZGv/BjVJ/dAGOJHLh7tnoYjqM4C844Qv6WGMZ90uXZu6wPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9mfy9/OhJ5vUMQtWZzS7mPW/IWMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvRDJaX0wzODZFbm05UXhDMVpuTkx1WTliOGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwtE0MA0G
CSqGSIb3DQEBCwUAA4IBAQAVp5ZuISNAPJOfRDK4aVmta3CrYPL9fQ1HlwIBwpI+
LmJgDiupP8+SN+twm5cA2igdGD/Y9+srXGJ6yYksIk0gvrygOFI7aFoJmK/SRvnD
dLe0bFNpm6wc3htPMZ226lFhRYzUb6wagn8ekD2DrJhNID7uanvWgaqmIxAZ1B0S
gXP5ytj6TIYblANXDQcnegyM+M3pFCOAyw4spx5XcLmXJE/jN2d6XNIhZ9HA+xMT
bCBAEDM1BjJTQzSA4p386trAlCAkUNiFZfnrnuFCD+KCs0eI+9xHg9mZ4eyVezkc
q15qSSfVbQTkogSyhjk4EBmZNNCBh092iFeljWjqkaDp
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:44:09 2025 by rpki-client