Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/zrfqR75OoH5LAkx5ywUrxPfIkl0.roa
File: zrfqR75OoH5LAkx5ywUrxPfIkl0.roa (raw, json)
Hash identifier: qjeO7XM/I4bWvX832yFNGj8IE6vN1cd5m9loEAID2jI=
Subject key identifier: CE:B7:EA:47:BE:4E:A0:7E:4B:02:4C:79:CB:05:2B:C4:F7:C8:92:5D
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018CC348E33D1C46A3E98E58E2F090A2EC0C
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/zrfqR75OoH5LAkx5ywUrxPfIkl0.roa
Signing time: Mon 01 Jan 2024 04:29:42 +0000
ROA not before: Mon 01 Jan 2024 04:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205492
IP address blocks: 194.209.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e3:3d:1c:46:a3:e9:8e:58:e2:f0:90:a2:ec:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 04:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceb7ea47be4ea07e4b024c79cb052bc4f7c8925d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e1:17:30:09:8d:33:f5:4a:4e:71:49:92:fa:
d6:f0:74:97:14:9f:3a:c8:92:c5:99:6e:f4:26:88:
0f:fb:99:a6:46:66:15:31:1b:7d:1f:f9:6c:ec:45:
46:92:86:ee:e5:aa:2d:ba:58:c5:70:b7:ad:b7:a2:
6e:39:fa:18:50:fb:65:47:51:83:91:c3:c6:43:e3:
72:52:0a:88:cf:b9:b3:e4:7a:a0:07:d0:c2:23:0a:
b4:9f:6c:03:2c:29:e6:50:92:a6:9d:6c:66:36:43:
ed:bc:5f:9e:dd:0e:e6:06:f5:cb:0d:6a:26:9c:dc:
cf:dc:9b:af:3a:e3:e8:e4:bc:e1:13:55:02:5a:ac:
d5:9e:ee:2b:cf:da:4a:b9:fd:45:7e:a7:1f:a5:7a:
e1:94:cc:3f:fb:04:75:d9:dd:e8:68:b1:e6:ab:7f:
2b:de:09:3d:12:6a:1d:47:2f:83:7f:c5:77:7f:95:
0a:5c:1f:59:9c:eb:22:5c:64:55:21:f9:69:f1:ce:
ed:e8:6a:f7:37:f2:3e:f5:80:63:53:2a:ed:e5:54:
2e:09:a2:58:9f:03:0a:67:3b:4d:67:5b:57:42:fe:
94:6f:90:f6:67:43:ed:35:c4:f6:69:d4:75:30:88:
71:a0:a0:70:fc:6a:12:c1:b5:2f:b0:dd:89:3e:4c:
93:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B7:EA:47:BE:4E:A0:7E:4B:02:4C:79:CB:05:2B:C4:F7:C8:92:5D
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/zrfqR75OoH5LAkx5ywUrxPfIkl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.80.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:5a:bb:52:67:fa:ad:b4:8b:5b:2b:22:20:37:4c:fe:66:a1:
ab:79:e3:8e:be:4c:a5:96:54:4e:a9:5a:79:f0:b3:0f:d9:c8:
f5:c4:6f:56:a2:c2:84:0f:9d:01:db:82:8f:6b:85:b6:35:d9:
26:99:af:7b:d4:55:f0:5c:d8:52:30:54:56:3f:70:48:75:4e:
af:e1:d9:a5:cc:d3:5c:3c:dc:98:8b:e5:b0:94:b8:05:70:59:
61:b3:1f:86:29:d0:48:28:09:5c:11:e0:7b:8d:e1:2a:d1:cc:
75:2c:07:da:58:9d:45:08:ac:a7:a0:44:17:77:eb:bf:ed:91:
7e:d8:6d:13:23:9a:be:81:5b:74:b8:08:91:71:73:f1:37:83:
69:af:43:64:c7:a6:5f:fa:cb:94:15:58:a6:c4:e7:4d:cb:78:
95:20:5a:bb:de:1b:81:37:6a:2b:02:b1:66:d7:b7:41:b5:11:
ad:ba:d6:8d:15:4c:1d:1e:fb:11:82:51:01:c6:a7:ba:bc:93:
cc:bc:32:fe:88:51:07:ac:69:5b:69:75:fc:63:cc:e8:ab:99:
9e:45:b0:b9:c5:30:b8:2d:ab:a0:90:9f:a5:d6:69:36:24:07:
af:1b:e3:56:0a:59:e3:3a:5a:5d:b0:93:0d:b8:2e:17:90:08:
41:8d:d9:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSOM9HEaj6Y5Y4vCQouwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTAxMDQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWI3ZWE0N2JlNGVhMDdlNGIwMjRjNzljYjA1MmJjNGY3Yzg5MjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+EXMAmNM/VKTnFJkvrW8HSXFJ86
yJLFmW70JogP+5mmRmYVMRt9H/ls7EVGkobu5aotuljFcLett6JuOfoYUPtlR1GD
kcPGQ+NyUgqIz7mz5HqgB9DCIwq0n2wDLCnmUJKmnWxmNkPtvF+e3Q7mBvXLDWom
nNzP3JuvOuPo5LzhE1UCWqzVnu4rz9pKuf1FfqcfpXrhlMw/+wR12d3oaLHmq38r
3gk9EmodRy+Df8V3f5UKXB9ZnOsiXGRVIflp8c7t6Gr3N/I+9YBjUyrt5VQuCaJY
nwMKZztNZ1tXQv6Ub5D2Z0PtNcT2adR1MIhxoKBw/GoSwbUvsN2JPkyTnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM636ke+TqB+SwJMecsFK8T3yJJdMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvenJmcVI3NU9vSDVMQWt4NXl3VXJ4UGZJa2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwtFQMA0G
CSqGSIb3DQEBCwUAA4IBAQC9WrtSZ/qttItbKyIgN0z+ZqGreeOOvkylllROqVp5
8LMP2cj1xG9WosKED50B24KPa4W2Ndkmma971FXwXNhSMFRWP3BIdU6v4dmlzNNc
PNyYi+WwlLgFcFlhsx+GKdBIKAlcEeB7jeEq0cx1LAfaWJ1FCKynoEQXd+u/7ZF+
2G0TI5q+gVt0uAiRcXPxN4Npr0Nkx6Zf+suUFVimxOdNy3iVIFq73huBN2orArFm
17dBtRGtutaNFUwdHvsRglEBxqe6vJPMvDL+iFEHrGlbaXX8Y8zoq5meRbC5xTC4
LaugkJ+l1mk2JAevG+NWClnjOlpdsJMNuC4XkAhBjdlx
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:50:23 2025 by rpki-client