Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/zOlgY5IrHLgbtIfV0Pi6jl9YDU4.roa
File: zOlgY5IrHLgbtIfV0Pi6jl9YDU4.roa (raw, json)
Hash identifier: njD9QIK3E73hbtUqBIUD8MdL8+AItiVKSz0ilT4meI8=
Subject key identifier: CC:E9:60:63:92:2B:1C:B8:1B:B4:87:D5:D0:F8:BA:8E:5F:58:0D:4E
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 019424454EA3F4EFFF97464B17CA8BEBD758
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/zOlgY5IrHLgbtIfV0Pi6jl9YDU4.roa
Signing time: Wed 01 Jan 2025 23:48:29 +0000
ROA not before: Wed 01 Jan 2025 23:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203854
IP address blocks: 185.122.4.0/22 maxlen: 22
2a05:7e40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:4e:a3:f4:ef:ff:97:46:4b:17:ca:8b:eb:d7:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Jan 1 23:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cce96063922b1cb81bb487d5d0f8ba8e5f580d4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:97:d3:97:5d:99:1a:ee:dd:69:03:23:7b:b8:
8c:e0:73:52:4b:ec:00:f8:c0:07:7d:2d:da:f8:ca:
46:5e:20:be:8c:0d:1c:7d:93:c5:ca:6e:30:6e:c6:
84:4d:9f:2f:80:a9:f9:70:67:77:71:63:7f:a5:7b:
4f:a5:e0:41:89:52:f7:36:3b:92:ac:6f:7a:2c:53:
83:25:06:a9:c6:a1:1a:90:39:a3:4b:8b:db:65:8c:
00:65:da:50:64:56:80:2a:f0:b6:85:e4:4c:2f:f4:
b3:d7:da:21:3b:b3:95:8f:9c:e8:cf:1a:49:bc:e9:
b3:14:98:04:f8:f2:55:59:0e:d0:18:49:88:3d:97:
36:e0:d1:50:48:3b:56:d5:08:54:da:89:73:78:79:
aa:34:06:61:a3:7b:51:ca:fd:4d:03:f9:01:e2:f1:
21:ab:63:a0:10:2c:90:19:29:6c:1b:4a:9e:59:0c:
62:fd:76:32:f5:81:46:09:83:8d:2d:c9:71:47:7d:
57:f8:74:b2:b0:fe:12:10:f5:08:22:ad:f3:b5:38:
12:ed:f4:fe:48:91:8d:be:44:ce:42:d3:10:46:c8:
6a:ab:47:7d:61:8c:42:94:88:f1:59:b7:7e:a9:d8:
8e:55:bb:2c:bd:57:80:76:30:c5:09:11:5b:be:ed:
06:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E9:60:63:92:2B:1C:B8:1B:B4:87:D5:D0:F8:BA:8E:5F:58:0D:4E
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/zOlgY5IrHLgbtIfV0Pi6jl9YDU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.4.0/22
IPv6:
2a05:7e40::/29
Signature Algorithm: sha256WithRSAEncryption
74:10:be:58:ee:8a:a8:94:88:a3:da:ea:a9:37:60:e6:bc:52:
89:8e:29:2e:5f:78:ec:42:0b:ee:d4:b5:5e:9a:98:bf:84:66:
cb:a0:6b:25:65:eb:3d:b2:5d:f0:63:26:21:d9:e2:95:c3:aa:
20:58:63:be:e1:99:53:6b:fb:30:19:8d:c8:cd:38:83:30:11:
b2:b3:5c:dd:b1:bb:43:cc:af:f6:f9:d6:c8:cd:82:07:54:5f:
7e:eb:1e:20:3c:a5:df:02:2b:24:02:53:a3:ea:41:81:59:cd:
07:50:23:6b:84:61:c4:b3:e8:ec:9b:6f:d1:0c:da:47:d2:09:
e0:76:da:15:be:4e:04:38:b3:95:de:de:8c:27:66:56:03:8a:
7f:9f:61:1f:df:7d:13:9d:b2:27:9b:19:22:64:f8:58:9e:00:
56:70:67:6b:06:8f:d1:b2:55:db:ee:65:fc:5f:3c:69:0e:43:
74:fb:c2:03:28:b1:11:20:96:49:f0:07:fb:00:24:1f:46:50:
b3:32:a8:c4:46:3a:84:e2:b3:58:6a:8a:43:88:f4:3c:9d:31:
6e:10:2b:52:eb:c7:23:3a:db:12:ce:a5:c0:3d:51:dc:da:7b:
78:02:71:d1:70:5b:83:e0:12:e4:e9:88:95:f1:bb:dd:e3:fd:
af:6f:6c:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRU6j9O//l0ZLF8qL69dYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx
NTNjYmEwHhcNMjUwMTAxMjM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2U5NjA2MzkyMmIxY2I4MWJiNDg3ZDVkMGY4YmE4ZTVmNTgwZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZfTl12ZGu7daQMje7iM4HNSS+wA
+MAHfS3a+MpGXiC+jA0cfZPFym4wbsaETZ8vgKn5cGd3cWN/pXtPpeBBiVL3NjuS
rG96LFODJQapxqEakDmjS4vbZYwAZdpQZFaAKvC2heRML/Sz19ohO7OVj5zozxpJ
vOmzFJgE+PJVWQ7QGEmIPZc24NFQSDtW1QhU2olzeHmqNAZho3tRyv1NA/kB4vEh
q2OgECyQGSlsG0qeWQxi/XYy9YFGCYONLclxR31X+HSysP4SEPUIIq3ztTgS7fT+
SJGNvkTOQtMQRshqq0d9YYxClIjxWbd+qdiOVbssvVeAdjDFCRFbvu0GEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMzpYGOSKxy4G7SH1dD4uo5fWA1OMB8GA1UdIwQY
MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt
NjViZTU1MDMxNjVkLzEvek9sZ1k1SXJITGdidElmVjBQaTZqbDlZRFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk
LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXoEMA0E
AgACMAcDBQMqBX5AMA0GCSqGSIb3DQEBCwUAA4IBAQB0EL5Y7oqolIij2uqpN2Dm
vFKJjikuX3jsQgvu1LVempi/hGbLoGslZes9sl3wYyYh2eKVw6ogWGO+4ZlTa/sw
GY3IzTiDMBGys1zdsbtDzK/2+dbIzYIHVF9+6x4gPKXfAiskAlOj6kGBWc0HUCNr
hGHEs+jsm2/RDNpH0gngdtoVvk4EOLOV3t6MJ2ZWA4p/n2Ef330TnbInmxkiZPhY
ngBWcGdrBo/RslXb7mX8XzxpDkN0+8IDKLERIJZJ8Af7ACQfRlCzMqjERjqE4rNY
aopDiPQ8nTFuECtS68cjOtsSzqXAPVHc2nt4AnHRcFuD4BLk6YiV8bvd4/2vb2xi
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:34:53 2025 by rpki-client