Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/ZoB1gP7oTVyfRG13O-c_gIaMGCQ.roa
File: ZoB1gP7oTVyfRG13O-c_gIaMGCQ.roa (raw, json)
Hash identifier: IRa/KE/nKCEiaBHR1gpdLgw9wOk9Ig7ABGA1PIr0t2o=
Subject key identifier: 66:80:75:80:FE:E8:4D:5C:9F:44:6D:77:3B:E7:3F:80:86:8C:18:24
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01942067D2146E0D51E804E0D5D5FF841744
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/ZoB1gP7oTVyfRG13O-c_gIaMGCQ.roa
Signing time: Wed 01 Jan 2025 05:47:42 +0000
ROA not before: Wed 01 Jan 2025 05:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199802
IP address blocks: 194.209.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d2:14:6e:0d:51:e8:04:e0:d5:d5:ff:84:17:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 05:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66807580fee84d5c9f446d773be73f80868c1824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b0:c8:68:4b:c3:ef:e2:00:03:97:71:f7:65:
23:0c:53:84:96:06:f9:94:47:0c:a5:96:89:27:9b:
2d:5f:ef:2f:e6:31:9c:4c:25:52:e5:2e:c3:45:d3:
d7:ac:34:c5:71:4c:f5:e1:b8:12:92:1f:9b:6c:b5:
06:37:0e:93:f3:04:13:17:5b:ee:ea:b5:1a:b2:20:
27:4b:a5:67:d5:ff:8b:ab:8e:71:b7:82:87:32:ab:
e1:71:5c:2c:64:dc:2e:f8:79:c7:13:70:7c:b0:80:
71:3b:f3:8f:ea:26:96:e3:ec:2e:53:50:26:b1:23:
c9:8d:d9:26:1c:63:9b:17:b4:b3:bf:01:f5:de:e5:
80:14:6d:27:3e:04:1f:e8:0e:2a:be:6c:61:f1:ba:
42:ac:55:de:fa:81:a7:21:40:ef:c1:3e:fd:a0:6f:
48:d9:ea:76:fc:72:25:f7:36:89:87:02:3c:89:2e:
42:00:84:0b:7b:4a:15:bc:5c:b4:86:9f:4c:7e:8b:
53:7b:90:50:ef:98:ab:e3:22:0d:75:dc:55:97:ed:
27:60:4d:47:5f:df:2f:f6:80:9f:55:5e:e2:53:d8:
79:4f:ea:d1:f5:09:1f:46:89:41:36:b2:da:9e:a2:
4e:68:71:73:86:59:13:7e:29:85:02:02:f2:df:62:
d3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:80:75:80:FE:E8:4D:5C:9F:44:6D:77:3B:E7:3F:80:86:8C:18:24
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/ZoB1gP7oTVyfRG13O-c_gIaMGCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.214.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:36:a8:11:8e:17:a2:d9:56:fe:2e:8b:36:61:d3:92:20:e3:
b2:17:98:77:7b:dc:57:8f:38:bc:0f:ab:24:5c:a5:34:cd:82:
80:21:11:67:1b:74:4f:af:81:3b:be:ee:c1:0f:51:2b:a4:a6:
b6:6f:32:ed:30:4e:da:55:ca:15:e4:b6:4c:f8:68:6d:cc:bf:
73:7d:fb:5e:09:b9:73:7b:86:04:31:74:4a:75:8c:8a:69:81:
e8:4e:e5:96:1a:9e:8d:9b:df:18:ee:59:ce:f4:73:33:6d:41:
02:c2:ca:31:64:95:cf:c1:95:ca:8a:ab:f0:cd:ac:72:de:9a:
91:f2:e2:0b:ae:bd:99:61:1e:9a:be:62:1c:2f:b3:aa:8e:8a:
f6:b6:5b:2a:2c:f0:7e:4a:56:e1:7e:6b:11:ab:d8:7c:e8:d2:
8d:39:19:3a:4d:13:63:98:48:45:69:cc:c5:21:98:a8:46:a5:
07:fc:ab:f8:fe:4f:84:75:f9:68:15:22:0c:1c:14:77:d7:a0:
a3:0a:9f:d6:d4:51:6d:f7:b8:cf:ac:48:84:5d:62:a6:0f:71:
52:8e:4c:05:7a:d8:0f:f1:9c:70:6c:66:a2:33:3c:b5:39:33:
74:9f:25:02:fc:0c:7b:6e:16:de:05:c9:7f:7b:c0:59:71:d5:
38:5f:34:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ9IUbg1R6ATg1dX/hBdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwMTAxMDU0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjgwNzU4MGZlZTg0ZDVjOWY0NDZkNzczYmU3M2Y4MDg2OGMxODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbDIaEvD7+IAA5dx92UjDFOElgb5
lEcMpZaJJ5stX+8v5jGcTCVS5S7DRdPXrDTFcUz14bgSkh+bbLUGNw6T8wQTF1vu
6rUasiAnS6Vn1f+Lq45xt4KHMqvhcVwsZNwu+HnHE3B8sIBxO/OP6iaW4+wuU1Am
sSPJjdkmHGObF7SzvwH13uWAFG0nPgQf6A4qvmxh8bpCrFXe+oGnIUDvwT79oG9I
2ep2/HIl9zaJhwI8iS5CAIQLe0oVvFy0hp9MfotTe5BQ75ir4yINddxVl+0nYE1H
X98v9oCfVV7iU9h5T+rR9QkfRolBNrLanqJOaHFzhlkTfimFAgLy32LT9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGaAdYD+6E1cn0RtdzvnP4CGjBgkMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvWm9CMWdQN29UVnlmUkcxM08tY19nSWFNR0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwtHWMA0G
CSqGSIb3DQEBCwUAA4IBAQCgNqgRjhei2Vb+Los2YdOSIOOyF5h3e9xXjzi8D6sk
XKU0zYKAIRFnG3RPr4E7vu7BD1ErpKa2bzLtME7aVcoV5LZM+GhtzL9zffteCblz
e4YEMXRKdYyKaYHoTuWWGp6Nm98Y7lnO9HMzbUECwsoxZJXPwZXKiqvwzaxy3pqR
8uILrr2ZYR6avmIcL7Oqjor2tlsqLPB+SlbhfmsRq9h86NKNORk6TRNjmEhFaczF
IZioRqUH/Kv4/k+EdfloFSIMHBR316CjCp/W1FFt97jPrEiEXWKmD3FSjkwFetgP
8ZxwbGaiMzy1OTN0nyUC/Ax7bhbeBcl/e8BZcdU4XzTL
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:45:50 2025 by rpki-client