Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/ZOyHJ4Yqv0XVd9AATFKr91oKlKQ.roa
File: ZOyHJ4Yqv0XVd9AATFKr91oKlKQ.roa (raw, json)
Hash identifier: UP88f3uzMOFhKaWDsZtlJomj/zgPQgChtV7gCg0+LOM=
Subject key identifier: 64:EC:87:27:86:2A:BF:45:D5:77:D0:00:4C:52:AB:F7:5A:0A:94:A4
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 019427B5BF9E178172CDEB15BD47C46434C2
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/ZOyHJ4Yqv0XVd9AATFKr91oKlKQ.roa
Signing time: Thu 02 Jan 2025 15:50:10 +0000
ROA not before: Thu 02 Jan 2025 15:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42635
IP address blocks: 85.204.36.0/24 maxlen: 24
185.253.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:bf:9e:17:81:72:cd:eb:15:bd:47:c4:64:34:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Jan 2 15:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64ec8727862abf45d577d0004c52abf75a0a94a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:de:00:16:6c:cd:8a:7c:5b:dd:b9:f1:57:66:
b4:22:8e:e2:fd:f5:f2:f0:a2:14:8a:0a:f7:0f:77:
d6:7c:ed:35:6b:64:85:db:d7:d9:7c:c6:f6:74:d2:
f1:50:f3:d0:04:2b:41:cf:36:1c:26:37:4c:be:4a:
25:96:98:ea:1c:da:1d:60:4f:8a:9d:7d:ec:5a:b1:
af:fc:53:bf:a7:c6:a8:15:26:d7:0a:23:e4:c0:f2:
18:7f:99:39:b8:c4:43:96:a0:6b:e8:b3:46:0b:77:
45:db:cc:21:87:46:8b:86:f2:04:13:48:35:a9:50:
47:15:48:d7:5c:f7:d9:86:f6:c6:38:f5:d2:89:db:
5f:5e:dd:c8:ac:5c:78:be:60:71:ab:59:26:e4:69:
6c:95:88:9c:9c:04:4b:25:e8:32:76:86:d6:03:0b:
15:30:54:27:70:82:2c:3e:82:51:b1:65:6f:83:37:
17:5e:fc:86:6b:68:0a:a4:d6:5f:e0:83:1a:62:0c:
c0:df:cb:0d:ed:06:62:26:06:dc:32:53:e6:9b:ee:
1e:25:f9:69:12:51:e2:06:39:10:7a:65:71:6c:bb:
bb:20:45:2d:eb:5b:f6:43:e2:c7:70:f4:d1:e4:42:
14:b5:e8:4d:7f:8e:36:3d:67:80:34:35:ad:f0:81:
7c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:EC:87:27:86:2A:BF:45:D5:77:D0:00:4C:52:AB:F7:5A:0A:94:A4
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/ZOyHJ4Yqv0XVd9AATFKr91oKlKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.36.0/24
185.253.56.0/24
Signature Algorithm: sha256WithRSAEncryption
82:03:53:ba:f0:07:a7:96:40:4e:d6:89:20:0b:e3:ad:f7:72:
2c:5b:b6:49:28:b1:23:12:c9:11:18:98:77:24:42:28:b4:55:
77:ab:b7:0a:aa:00:be:b9:4d:42:9e:46:b1:71:41:04:81:99:
cd:1a:0c:34:cf:29:03:f0:89:57:1b:26:ff:e3:8c:bf:a3:c7:
6c:a1:5b:22:fb:06:58:9c:e6:bc:49:2d:b3:d8:7b:01:e7:23:
de:eb:95:72:d6:8c:b1:55:f9:29:7f:e7:1c:9a:aa:e0:70:45:
db:a1:e7:41:91:be:bf:19:9f:e4:78:07:41:b4:8f:5e:12:98:
d0:8b:f6:eb:21:bf:4f:29:71:51:ba:24:99:27:2c:ae:e2:ac:
ec:3c:4a:7e:f3:c6:06:bf:72:3a:6b:10:ea:b3:6d:4a:20:85:
04:91:ed:57:b2:65:03:4c:4d:39:34:fa:8c:23:83:35:a4:4b:
1e:df:00:f8:5d:18:cc:fa:73:eb:0a:4c:2f:5b:8d:98:1c:e8:
bf:42:54:1b:6c:b2:9f:f7:84:2c:85:d1:f3:61:1c:b0:65:f6:
44:85:08:01:12:2d:4f:d0:6b:84:c4:0f:dc:1b:f5:5d:2a:b8:
5a:6d:c8:40:0b:e3:4a:05:f8:63:13:82:25:85:47:0a:26:ef:
1e:0a:1a:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntb+eF4FyzesVvUfEZDTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjUwMTAyMTU1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGVjODcyNzg2MmFiZjQ1ZDU3N2QwMDA0YzUyYWJmNzVhMGE5NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs94AFmzNinxb3bnxV2a0Io7i/fXy
8KIUigr3D3fWfO01a2SF29fZfMb2dNLxUPPQBCtBzzYcJjdMvkollpjqHNodYE+K
nX3sWrGv/FO/p8aoFSbXCiPkwPIYf5k5uMRDlqBr6LNGC3dF28whh0aLhvIEE0g1
qVBHFUjXXPfZhvbGOPXSidtfXt3IrFx4vmBxq1km5GlslYicnARLJegydobWAwsV
MFQncIIsPoJRsWVvgzcXXvyGa2gKpNZf4IMaYgzA38sN7QZiJgbcMlPmm+4eJflp
ElHiBjkQemVxbLu7IEUt61v2Q+LHcPTR5EIUtehNf442PWeANDWt8IF8RQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGTshyeGKr9F1XfQAExSq/daCpSkMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvWk95SEo0WXF2MFhWZDlBQVRGS3I5MW9LbEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcwkAwQA
uf04MA0GCSqGSIb3DQEBCwUAA4IBAQCCA1O68AenlkBO1okgC+Ot93IsW7ZJKLEj
EskRGJh3JEIotFV3q7cKqgC+uU1CnkaxcUEEgZnNGgw0zykD8IlXGyb/44y/o8ds
oVsi+wZYnOa8SS2z2HsB5yPe65Vy1oyxVfkpf+ccmqrgcEXboedBkb6/GZ/keAdB
tI9eEpjQi/brIb9PKXFRuiSZJyyu4qzsPEp+88YGv3I6axDqs21KIIUEke1XsmUD
TE05NPqMI4M1pEse3wD4XRjM+nPrCkwvW42YHOi/QlQbbLKf94QshdHzYRywZfZE
hQgBEi1P0GuExA/cG/VdKrhabchAC+NKBfhjE4IlhUcKJu8eChoH
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:34 2025 by rpki-client