Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/dZXJkmlyvZVvQ5UHAg09uOJXwSY.roa
File: dZXJkmlyvZVvQ5UHAg09uOJXwSY.roa (raw, json)
Hash identifier: Jsh2CkPEmDN5+70/mHjZupn2rWz00wbGnX5L8iRif4w=
Subject key identifier: 75:95:C9:92:69:72:BD:95:6F:43:95:07:02:0D:3D:B8:E2:57:C1:26
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 01943BCD52BFB03870471D451675B94D6B43
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/dZXJkmlyvZVvQ5UHAg09uOJXwSY.roa
Signing time: Mon 06 Jan 2025 13:28:19 +0000
ROA not before: Mon 06 Jan 2025 13:28:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 86.110.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:cd:52:bf:b0:38:70:47:1d:45:16:75:b9:4d:6b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Jan 6 13:28:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7595c9926972bd956f439507020d3db8e257c126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:70:79:05:09:f9:aa:86:ff:3f:61:91:1a:86:
64:b0:34:cb:b3:54:da:e8:3a:98:5d:23:27:a0:8a:
48:cd:93:c9:d3:df:db:fa:fa:ca:0d:2a:52:89:21:
4d:29:46:8d:53:94:12:e1:f5:7f:7e:0f:b4:7a:af:
78:5d:13:42:9a:cd:df:bd:0a:ee:b9:bd:9c:e6:0c:
54:35:6e:2b:5f:3b:5d:e1:55:ce:c1:ec:10:ed:fc:
05:8b:5d:f3:5d:17:7b:5f:89:7e:dd:30:4d:26:ed:
5e:75:ca:5f:46:17:d8:d9:27:aa:b4:17:b4:68:8d:
2a:fe:e4:f2:53:f2:4b:fd:aa:eb:a2:4c:4d:8e:4e:
79:9d:65:42:7c:fe:c2:c1:94:ec:bd:9d:43:50:e1:
ef:88:21:99:f5:d5:b6:b2:bd:85:ac:eb:df:42:9d:
10:97:3b:df:43:dd:2a:f1:d5:4f:15:12:6e:a3:24:
14:e9:c8:73:9f:5b:ec:cd:5f:3d:5e:e2:48:05:ff:
22:c0:02:52:1c:d8:67:9c:9c:be:6e:d0:5c:94:70:
a4:76:8c:37:87:13:91:0a:f5:f5:c0:17:84:72:8f:
9f:1f:63:76:3b:85:81:5f:a0:ff:47:0a:9a:0c:b0:
aa:fa:86:66:70:17:3d:61:5d:b5:94:b0:7b:6c:fe:
bb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:95:C9:92:69:72:BD:95:6F:43:95:07:02:0D:3D:B8:E2:57:C1:26
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/dZXJkmlyvZVvQ5UHAg09uOJXwSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.42.0/24
Signature Algorithm: sha256WithRSAEncryption
18:0d:ab:a0:4f:58:5f:cc:d8:b3:71:bc:df:ac:95:fa:7f:b4:
fc:76:db:07:6e:3c:13:aa:05:3a:3e:10:a1:45:18:4a:d6:0f:
6c:e5:58:15:3b:70:69:e4:41:99:91:4e:eb:2d:a4:87:3e:67:
63:7d:40:eb:cc:bc:3f:5f:c1:dd:8a:68:bc:6a:9b:8b:5b:81:
d3:3e:00:85:75:59:de:f6:27:6d:6a:a5:51:33:43:1e:92:52:
f7:33:08:e8:cc:ac:55:51:a6:7d:3b:cd:88:76:58:bd:e0:9a:
eb:17:87:fe:b5:7a:be:e6:6b:48:83:3f:ca:3d:a9:d9:26:51:
6c:91:ce:be:14:7a:44:90:46:6e:b2:8c:36:77:f1:c1:ab:03:
39:3c:81:73:dc:9c:10:cb:d0:5c:ab:2f:56:4a:ab:b1:f2:00:
89:92:7b:f9:0f:a3:44:4f:06:db:d1:35:a7:0b:36:b7:df:15:
85:54:16:d1:42:48:1f:e0:48:e4:e3:a8:94:c2:39:c9:1c:56:
55:40:62:61:b4:7c:5b:1a:80:0f:ff:35:f5:7b:ea:ef:b0:d1:
b2:ca:5b:0c:3f:bc:0e:3b:3c:ce:01:d2:a2:eb:fe:49:4c:0f:
ea:26:38:e5:1d:f0:dc:9d:03:5d:2d:f4:89:06:b4:94:da:71:
0b:53:40:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ7zVK/sDhwRx1FFnW5TWtDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwMTA2MTMyODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTk1Yzk5MjY5NzJiZDk1NmY0Mzk1MDcwMjBkM2RiOGUyNTdjMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXB5BQn5qob/P2GRGoZksDTLs1Ta
6DqYXSMnoIpIzZPJ09/b+vrKDSpSiSFNKUaNU5QS4fV/fg+0eq94XRNCms3fvQru
ub2c5gxUNW4rXztd4VXOwewQ7fwFi13zXRd7X4l+3TBNJu1edcpfRhfY2SeqtBe0
aI0q/uTyU/JL/arrokxNjk55nWVCfP7CwZTsvZ1DUOHviCGZ9dW2sr2FrOvfQp0Q
lzvfQ90q8dVPFRJuoyQU6chzn1vszV89XuJIBf8iwAJSHNhnnJy+btBclHCkdow3
hxORCvX1wBeEco+fH2N2O4WBX6D/RwqaDLCq+oZmcBc9YV21lLB7bP67/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHWVyZJpcr2Vb0OVBwINPbjiV8EmMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvZFpYSmttbHl2WlZ2UTVVSEFnMDl1T0pYd1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm4qMA0G
CSqGSIb3DQEBCwUAA4IBAQAYDaugT1hfzNizcbzfrJX6f7T8dtsHbjwTqgU6PhCh
RRhK1g9s5VgVO3Bp5EGZkU7rLaSHPmdjfUDrzLw/X8Hdimi8apuLW4HTPgCFdVne
9idtaqVRM0MeklL3MwjozKxVUaZ9O82Idli94JrrF4f+tXq+5mtIgz/KPanZJlFs
kc6+FHpEkEZusow2d/HBqwM5PIFz3JwQy9Bcqy9WSqux8gCJknv5D6NETwbb0TWn
Cza33xWFVBbRQkgf4Ejk46iUwjnJHFZVQGJhtHxbGoAP/zX1e+rvsNGyylsMP7wO
OzzOAdKi6/5JTA/qJjjlHfDcnQNdLfSJBrSU2nELU0D/
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:04:54 2025 by rpki-client