Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/zMZkIjmJ2QpgvnpDUAinKvhQb1o.roa
File: zMZkIjmJ2QpgvnpDUAinKvhQb1o.roa (raw, json)
Hash identifier: Y7E9I/njb2IhcUidLKH3fAcdQ31FJYDtFn4eagm4C1Q=
Subject key identifier: CC:C6:64:22:39:89:D9:0A:60:BE:7A:43:50:08:A7:2A:F8:50:6F:5A
Certificate issuer: /CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Certificate serial: 0194266ACDD35D6E6E2347BB8F40433606FC
Authority key identifier: 70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/zMZkIjmJ2QpgvnpDUAinKvhQb1o.roa
Signing time: Thu 02 Jan 2025 09:48:41 +0000
ROA not before: Thu 02 Jan 2025 09:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212001
IP address blocks: 185.87.168.0/24 maxlen: 24
185.87.169.0/24 maxlen: 24
185.87.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:cd:d3:5d:6e:6e:23:47:bb:8f:40:43:36:06:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Validity
Not Before: Jan 2 09:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ccc664223989d90a60be7a435008a72af8506f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e4:b0:ca:c2:4e:cd:b2:3f:45:e5:71:d7:d9:
9d:55:e4:14:0c:f0:93:0e:d9:00:9e:11:98:c6:6e:
17:37:6e:01:f0:a6:76:74:74:be:e8:24:ac:8a:66:
dc:32:d1:95:56:44:55:12:35:b0:70:8a:25:b3:3f:
ce:6c:3d:ce:32:70:41:4a:4e:e7:17:3b:46:c4:6a:
58:06:00:80:5b:6d:89:08:68:f0:19:de:c6:85:63:
1f:09:37:76:6f:75:d7:6e:d9:43:fa:9f:18:6c:e4:
64:fd:4f:ab:4f:18:d2:50:98:b2:81:2b:75:a0:c2:
84:c8:ef:da:9b:d1:3d:f9:25:62:9f:14:6f:45:e1:
68:ec:2d:b1:0d:cf:1e:fa:35:d5:c6:99:f8:6f:2e:
b3:51:36:99:14:69:55:8c:c3:12:c9:59:87:06:60:
32:dd:a8:9d:56:3b:69:b5:65:90:0c:77:29:02:94:
bd:27:fe:b6:69:f3:fb:68:92:77:39:5d:79:41:ec:
08:9b:04:5e:7d:90:5f:10:d9:3f:8e:74:23:34:44:
ee:fe:07:af:19:f7:4d:a0:2f:d2:13:a1:44:56:da:
85:d3:76:2d:52:26:d5:7a:73:8f:ed:35:1a:a2:3a:
81:db:af:09:1f:1b:02:d3:df:b9:12:85:51:b9:26:
51:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:C6:64:22:39:89:D9:0A:60:BE:7A:43:50:08:A7:2A:F8:50:6F:5A
X509v3 Authority Key Identifier:
keyid:70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/zMZkIjmJ2QpgvnpDUAinKvhQb1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.168.0-185.87.170.255
Signature Algorithm: sha256WithRSAEncryption
0e:ff:ad:e7:2f:fc:dc:8c:17:81:57:63:22:fa:1d:11:c3:ef:
0c:c1:bb:23:80:42:c0:f7:16:d4:af:6e:15:16:ed:37:7d:0b:
22:b3:06:7a:d9:c8:39:78:07:69:d7:6f:26:e2:5f:00:a7:e1:
70:57:53:bf:3b:ab:2f:3d:1e:97:fd:c6:fe:75:f1:2e:ec:d2:
31:a7:d0:64:8f:84:84:ec:ca:8d:9c:c3:be:78:cf:30:b9:45:
2b:13:01:a7:7f:dc:d3:de:42:07:b5:24:64:6d:85:73:c2:24:
74:00:7d:3c:f4:a2:15:ec:54:3b:12:4d:20:b8:98:48:df:ab:
73:ac:b1:05:6a:d7:e5:9e:82:9a:c7:a3:c8:bf:3b:f7:b8:fa:
ca:5c:b1:a2:4f:16:4c:2a:0b:95:00:c5:53:0f:1c:9f:7e:de:
fb:46:32:8d:95:df:15:6e:a5:03:39:4e:f4:e9:6d:38:6c:97:
53:5e:bb:53:bb:8c:05:5a:c0:de:6e:db:05:78:55:a3:77:7c:
4c:f8:e5:37:e6:a7:07:fd:12:57:a1:d1:a5:5d:63:4a:7e:fb:
bb:92:47:46:90:02:18:fd:3b:c2:e7:9c:9b:6b:68:45:c2:de:
63:9d:9f:7f:cd:b2:ad:19:ce:8b:10:27:1a:74:81:59:76:86:
cf:6f:43:a6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQmas3TXW5uI0e7j0BDNgb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmI3ZmVhOGFkMzUxMTFjYTY4N2E5Y2QwMGE0OWY5YTRm
MDQ1OWIwHhcNMjUwMTAyMDk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2M2NjQyMjM5ODlkOTBhNjBiZTdhNDM1MDA4YTcyYWY4NTA2ZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuSwysJOzbI/ReVx19mdVeQUDPCT
DtkAnhGYxm4XN24B8KZ2dHS+6CSsimbcMtGVVkRVEjWwcIolsz/ObD3OMnBBSk7n
FztGxGpYBgCAW22JCGjwGd7GhWMfCTd2b3XXbtlD+p8YbORk/U+rTxjSUJiygSt1
oMKEyO/am9E9+SVinxRvReFo7C2xDc8e+jXVxpn4by6zUTaZFGlVjMMSyVmHBmAy
3aidVjtptWWQDHcpApS9J/62afP7aJJ3OV15QewImwRefZBfENk/jnQjNETu/gev
GfdNoC/SE6FEVtqF03YtUibVenOP7TUaojqB268JHxsC09+5EoVRuSZRQwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMzGZCI5idkKYL56Q1AIpyr4UG9aMB8GA1UdIwQY
MBaAFHBrf+qK01ERymh6nNAKSfmk8EWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4Mjct
MjYwYzM3N2EzMTRhLzEvek1aa0lqbUoyUXBndm5wRFVBaW5LdmhRYjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4MjctMjYwYzM3N2EzMTRh
LzEvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5V6gD
BAC5V6owDQYJKoZIhvcNAQELBQADggEBAA7/recv/NyMF4FXYyL6HRHD7wzBuyOA
QsD3FtSvbhUW7Td9CyKzBnrZyDl4B2nXbybiXwCn4XBXU787qy89Hpf9xv518S7s
0jGn0GSPhITsyo2cw754zzC5RSsTAad/3NPeQge1JGRthXPCJHQAfTz0ohXsVDsS
TSC4mEjfq3OssQVq1+WegprHo8i/O/e4+spcsaJPFkwqC5UAxVMPHJ9+3vtGMo2V
3xVupQM5TvTpbThsl1Neu1O7jAVawN5u2wV4VaN3fEz45Tfmpwf9Eleh0aVdY0p+
+7uSR0aQAhj9O8LnnJtraEXC3mOdn3/Nsq0ZzosQJxp0gVl2hs9vQ6Y=
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:04:47 2025 by rpki-client