Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/ZU_khK4df-wheiHw2cU4waMiDok.roa
File: ZU_khK4df-wheiHw2cU4waMiDok.roa (raw, json)
Hash identifier: Uwj4BCcUx0V4mYpYhUPtJMS6R4lRMC37Jc+dw0XylHk=
Subject key identifier: 65:4F:E4:84:AE:1D:7F:EC:21:7A:21:F0:D9:C5:38:C1:A3:22:0E:89
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0194266B9F13AA7C9E4A54C6B7F05192F08C
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/ZU_khK4df-wheiHw2cU4waMiDok.roa
Signing time: Thu 02 Jan 2025 09:49:34 +0000
ROA not before: Thu 02 Jan 2025 09:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 45.141.130.0/24 maxlen: 24
185.240.85.0/24 maxlen: 24
193.56.21.0/24 maxlen: 24
212.87.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:9f:13:aa:7c:9e:4a:54:c6:b7:f0:51:92:f0:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jan 2 09:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=654fe484ae1d7fec217a21f0d9c538c1a3220e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:9b:8e:b1:d6:c2:1d:5c:4c:dc:87:8b:83:f1:
b8:a8:cf:32:a7:ce:4a:02:57:59:bb:d9:b9:e4:7d:
2c:92:f2:e0:9e:ba:82:1d:d5:ba:04:04:31:b2:b0:
ee:78:76:1a:e2:da:c0:00:e6:51:59:32:d6:6c:cb:
21:8a:7d:bc:29:83:e8:6f:1f:8e:7e:e3:80:3e:93:
df:18:b0:48:9c:cf:1c:d4:82:cd:a5:98:69:91:3e:
67:77:24:3b:43:e0:93:72:1b:ec:69:df:27:02:56:
0d:39:ff:45:7e:f3:32:d6:a2:82:2b:e5:5c:17:f5:
71:91:a8:ef:d8:04:60:19:e7:95:78:0e:c2:c6:a8:
75:8a:26:53:f5:2e:c5:3c:9d:ca:b7:83:23:52:73:
8f:9a:5c:6f:df:3a:f1:99:6f:7e:9f:e3:e2:d5:fe:
59:af:78:f3:23:b3:48:4e:a1:57:34:e7:30:fa:d6:
6c:c2:ad:92:48:1c:74:ae:3c:7c:99:ec:3f:4b:20:
1f:68:58:70:4a:70:cb:47:1e:cb:fb:14:bb:4e:0b:
cd:9e:e9:88:90:ef:65:5d:f2:73:2c:0d:3a:d9:0c:
f8:0e:ef:8f:b2:30:1d:fd:52:6c:79:df:15:92:77:
9f:b1:08:15:80:8d:5b:51:da:75:27:70:52:33:66:
e1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4F:E4:84:AE:1D:7F:EC:21:7A:21:F0:D9:C5:38:C1:A3:22:0E:89
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/ZU_khK4df-wheiHw2cU4waMiDok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.130.0/24
185.240.85.0/24
193.56.21.0/24
212.87.217.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:44:40:c7:ed:87:7c:b6:93:00:b1:0b:0b:14:de:3a:cc:5a:
76:63:c9:d0:47:84:fd:da:0d:3a:eb:ff:97:79:eb:f0:a1:c3:
0d:dc:03:5d:91:2d:40:27:c6:6a:2d:ef:25:21:18:7f:3d:4f:
ff:5a:29:d9:24:19:5c:95:ab:7d:e2:c5:f8:0c:8e:1e:8a:2c:
b0:e2:62:99:09:13:bf:03:d6:2a:93:ea:b2:78:0a:75:6e:79:
fe:7c:04:82:71:4b:e4:40:16:85:9b:14:66:7e:4e:ba:69:cf:
04:a7:60:91:1f:b5:3c:62:78:d1:25:da:e1:28:bf:c7:56:be:
cc:67:b1:3c:4b:bc:b5:50:c9:8c:70:77:35:34:01:9c:59:dd:
40:c1:83:60:1a:a4:fc:6a:ea:e0:5f:da:cd:8b:48:39:fb:5e:
45:64:64:7a:7c:16:47:22:69:73:35:8f:94:1c:3e:cf:61:72:
fe:76:40:7d:4c:28:26:c4:0f:ef:ab:92:39:2a:bc:eb:a8:f2:
3f:a0:f3:9c:49:7c:bc:8f:99:9b:0a:d0:86:66:47:66:6f:ac:
d4:13:7d:69:8c:cb:39:39:b5:85:e4:fc:14:cf:4d:00:cd:cb:
65:4b:86:7e:4d:ef:0c:58:7e:e8:d9:b1:84:a3:01:2a:df:84:
48:99:02:42
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQma58TqnyeSlTGt/BRkvCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwMTAyMDk0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTRmZTQ4NGFlMWQ3ZmVjMjE3YTIxZjBkOWM1MzhjMWEzMjIwZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZuOsdbCHVxM3IeLg/G4qM8yp85K
AldZu9m55H0skvLgnrqCHdW6BAQxsrDueHYa4trAAOZRWTLWbMshin28KYPobx+O
fuOAPpPfGLBInM8c1ILNpZhpkT5ndyQ7Q+CTchvsad8nAlYNOf9FfvMy1qKCK+Vc
F/Vxkajv2ARgGeeVeA7Cxqh1iiZT9S7FPJ3Kt4MjUnOPmlxv3zrxmW9+n+Pi1f5Z
r3jzI7NITqFXNOcw+tZswq2SSBx0rjx8mew/SyAfaFhwSnDLRx7L+xS7TgvNnumI
kO9lXfJzLA062Qz4Du+PsjAd/VJsed8VknefsQgVgI1bUdp1J3BSM2bhvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGVP5ISuHX/sIXoh8NnFOMGjIg6JMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvWlVfa2hLNGRmLXdoZWlIdzJjVTR3YU1pRG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY2CAwQA
ufBVAwQAwTgVAwQA1FfZMA0GCSqGSIb3DQEBCwUAA4IBAQBPREDH7Yd8tpMAsQsL
FN46zFp2Y8nQR4T92g066/+XeevwocMN3ANdkS1AJ8ZqLe8lIRh/PU//WinZJBlc
lat94sX4DI4eiiyw4mKZCRO/A9Yqk+qyeAp1bnn+fASCcUvkQBaFmxRmfk66ac8E
p2CRH7U8YnjRJdrhKL/HVr7MZ7E8S7y1UMmMcHc1NAGcWd1AwYNgGqT8aurgX9rN
i0g5+15FZGR6fBZHImlzNY+UHD7PYXL+dkB9TCgmxA/vq5I5KrzrqPI/oPOcSXy8
j5mbCtCGZkdmb6zUE31pjMs5ObWF5PwUz00AzctlS4Z+Te8MWH7o2bGEowEq34RI
mQJC
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:40:10 2025 by rpki-client