Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/zCNBmhsRDnDb9ryCDWtbUPndwlA.roa
File: zCNBmhsRDnDb9ryCDWtbUPndwlA.roa (raw, json)
Hash identifier: lM4B9V8EL0JwuFhSV6qhcY7Zl4qM4vGH7yp9eojuZsI=
Subject key identifier: CC:23:41:9A:1B:11:0E:70:DB:F6:BC:82:0D:6B:5B:50:F9:DD:C2:50
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0190E62CF6A569E4B9B098CDC8E819202700
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/zCNBmhsRDnDb9ryCDWtbUPndwlA.roa
Signing time: Wed 24 Jul 2024 19:17:04 +0000
ROA not before: Wed 24 Jul 2024 19:17:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 95.82.0.0/20 maxlen: 20
109.111.32.0/20 maxlen: 24
109.111.40.0/22 maxlen: 24
176.221.20.0/22 maxlen: 24
176.221.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e6:2c:f6:a5:69:e4:b9:b0:98:cd:c8:e8:19:20:27:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jul 24 19:17:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc23419a1b110e70dbf6bc820d6b5b50f9ddc250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:31:c4:0a:3f:03:c1:8c:9b:5c:78:26:3a:ae:
8c:92:91:4a:3f:cb:c9:e3:48:83:4e:f5:99:3d:bc:
7d:b2:7a:9c:a9:80:f0:48:14:17:c3:cf:4a:0e:1d:
33:8f:21:d4:bd:c7:3e:6f:3a:fa:59:1d:86:7f:9c:
e8:c4:f8:ac:7e:5a:6f:d9:d4:84:2d:7c:1b:fb:92:
b9:33:af:c6:ee:9e:5a:ce:a1:fc:ff:10:19:cb:f3:
f6:2e:22:fb:66:b3:da:38:17:e9:66:cb:24:0a:f0:
a4:96:7f:e4:51:f6:ca:1c:02:0c:7f:6a:3f:d9:23:
b0:16:5e:f9:4b:42:98:73:c7:49:7e:a7:fd:6b:d5:
20:59:0b:10:d5:59:e1:11:6d:60:f9:54:fb:88:08:
a2:be:fa:1f:b3:4d:4d:dd:c7:e7:fe:a4:99:de:dd:
6f:3d:9e:86:1b:41:42:75:ec:9f:78:64:64:c7:72:
38:a4:3c:4d:58:87:ad:d0:6a:ed:ac:62:12:02:36:
6c:a2:4a:fe:bc:09:48:b2:80:19:d2:8e:d8:49:99:
6e:6f:da:2c:80:a3:71:ab:22:58:93:44:17:c2:7f:
e6:c8:97:8b:8a:af:e9:11:a8:0d:22:ba:bd:6c:6a:
d1:e9:c0:e6:53:5c:cd:72:b1:85:9e:b3:fe:0f:d3:
94:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:23:41:9A:1B:11:0E:70:DB:F6:BC:82:0D:6B:5B:50:F9:DD:C2:50
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/zCNBmhsRDnDb9ryCDWtbUPndwlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.0.0/20
109.111.32.0/20
176.221.20.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
7d:0d:e1:4d:f1:07:89:89:7c:94:26:7e:6e:8f:1c:e0:80:ba:
73:15:4e:a2:93:7f:ca:82:75:fe:37:dc:c6:43:49:6f:cd:12:
41:3d:1b:21:4b:8d:18:ae:fb:c8:53:7a:99:42:75:43:8b:7d:
32:c4:fe:d8:26:91:0d:9a:b8:c4:44:df:e9:82:c6:89:3b:9b:
9a:da:f8:f5:80:2a:dc:61:7c:b5:df:a8:5b:04:89:76:3c:1a:
d0:e2:9e:bb:20:79:b4:9b:b4:cd:6c:6f:40:8e:aa:5d:72:95:
a9:48:18:8c:a0:e1:84:21:31:9c:5e:4a:91:2b:0b:22:4b:b1:
fe:c7:75:6e:c6:fe:0c:ae:f6:b6:17:97:38:f6:cb:ab:06:ee:
18:a5:b2:0e:8c:e6:fd:7a:bd:e5:81:c3:2c:a4:cf:0c:33:55:
b0:5d:60:1f:9a:85:36:8e:8b:5c:ba:e6:91:4c:cd:23:0c:d5:
2f:e6:df:60:c2:cf:c6:78:a9:64:0b:b5:ae:fb:54:0b:e9:9b:
0c:46:dd:4a:4e:3f:77:e7:5f:45:ab:f4:37:35:e1:2c:d6:7a:
80:91:fa:2e:61:c3:ae:39:96:db:34:88:05:fb:2b:a8:c3:71:
67:ff:eb:39:d4:05:78:f8:05:a5:1b:fa:0b:37:b9:c5:6b:3b:
56:f6:2b:5b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZDmLPalaeS5sJjNyOgZICcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNzI0MTkxNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzIzNDE5YTFiMTEwZTcwZGJmNmJjODIwZDZiNWI1MGY5ZGRjMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDHECj8DwYybXHgmOq6MkpFKP8vJ
40iDTvWZPbx9snqcqYDwSBQXw89KDh0zjyHUvcc+bzr6WR2Gf5zoxPisflpv2dSE
LXwb+5K5M6/G7p5azqH8/xAZy/P2LiL7ZrPaOBfpZsskCvCkln/kUfbKHAIMf2o/
2SOwFl75S0KYc8dJfqf9a9UgWQsQ1VnhEW1g+VT7iAiivvofs01N3cfn/qSZ3t1v
PZ6GG0FCdeyfeGRkx3I4pDxNWIet0GrtrGISAjZsokr+vAlIsoAZ0o7YSZlub9os
gKNxqyJYk0QXwn/myJeLiq/pEagNIrq9bGrR6cDmU1zNcrGFnrP+D9OUtwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMwjQZobEQ5w2/a8gg1rW1D53cJQMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvekNOQm1oc1JEbkRiOXJ5Q0RXdGJVUG5kd2xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEX1IAAwQE
bW8gMAwDBAKw3RQDBAKw3RgwDQYJKoZIhvcNAQELBQADggEBAH0N4U3xB4mJfJQm
fm6PHOCAunMVTqKTf8qCdf433MZDSW/NEkE9GyFLjRiu+8hTeplCdUOLfTLE/tgm
kQ2auMRE3+mCxok7m5ra+PWAKtxhfLXfqFsEiXY8GtDinrsgebSbtM1sb0COql1y
lalIGIyg4YQhMZxeSpErCyJLsf7HdW7G/gyu9rYXlzj2y6sG7hilsg6M5v16veWB
wyykzwwzVbBdYB+ahTaOi1y65pFMzSMM1S/m32DCz8Z4qWQLta77VAvpmwxG3UpO
P3fnX0Wr9Dc14SzWeoCR+i5hw645lts0iAX7K6jDcWf/6znUBXj4BaUb+gs3ucVr
O1b2K1s=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:41 2025 by rpki-client