Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ZAqhfKGzKxjwDql7H0MZ6FrL66w.roa
File: ZAqhfKGzKxjwDql7H0MZ6FrL66w.roa (raw, json)
Hash identifier: V7ALUz5g8dw79houSfGZJQdL+hh1dXtgQGOX3dA/6q0=
Subject key identifier: 64:0A:A1:7C:A1:B3:2B:18:F0:0E:A9:7B:1F:43:19:E8:5A:CB:EB:AC
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01942746B99449E83195B8D515D2CCA97B9C
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ZAqhfKGzKxjwDql7H0MZ6FrL66w.roa
Signing time: Thu 02 Jan 2025 13:48:53 +0000
ROA not before: Thu 02 Jan 2025 13:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213002
IP address blocks: 185.241.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:b9:94:49:e8:31:95:b8:d5:15:d2:cc:a9:7b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 13:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=640aa17ca1b32b18f00ea97b1f4319e85acbebac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6f:5a:b6:15:9d:5b:5a:06:7c:9a:af:84:00:
ef:0b:a4:fb:d3:d4:55:5b:78:24:bd:f2:28:df:d1:
3d:5c:99:ed:81:cb:0b:4e:a6:b7:54:e9:16:aa:9e:
8f:68:83:b8:97:20:c7:df:3b:1a:0a:05:8f:41:99:
ee:f1:39:9e:a9:2b:00:87:ad:6a:65:82:d2:a0:e6:
c5:51:d6:84:28:86:9c:e7:cf:24:bc:8e:e7:1d:d1:
07:b8:62:76:45:81:cf:99:5a:9a:0b:33:ca:17:99:
ba:5a:b8:c5:cc:aa:10:ce:f4:35:29:d4:a9:83:1a:
5d:08:45:04:d7:8e:53:94:07:b7:99:40:85:60:24:
3e:c6:c2:64:f2:c5:0b:d5:89:82:c0:32:54:5d:2a:
8d:98:ac:e1:b1:81:0f:a6:65:f2:6d:64:77:57:94:
ce:65:72:38:e3:01:b7:d6:bd:b7:0a:2b:d9:2a:5f:
a2:75:fe:dd:c5:08:c3:1a:e2:87:11:15:1d:63:8c:
11:f7:f6:55:fc:4e:6a:69:42:c6:32:3f:09:de:b0:
d6:df:d1:83:1e:cc:e2:b9:a0:97:3a:7c:f3:47:3d:
f0:22:b3:9d:5d:10:35:ba:25:38:64:5f:15:5e:a8:
89:ab:3c:fc:d9:36:39:f8:f5:59:5c:67:24:ea:2b:
06:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0A:A1:7C:A1:B3:2B:18:F0:0E:A9:7B:1F:43:19:E8:5A:CB:EB:AC
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ZAqhfKGzKxjwDql7H0MZ6FrL66w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.10.0/24
Signature Algorithm: sha256WithRSAEncryption
65:99:77:f4:4a:f2:2a:f8:20:6e:cc:89:c0:79:bf:4b:c0:6e:
9d:ed:fb:0e:7f:f5:b8:eb:e7:f7:06:e9:aa:5b:f0:6e:d8:02:
fb:6a:d0:7c:c7:7d:82:77:74:ce:f6:c4:f7:55:b2:d7:f2:48:
11:65:98:8d:3f:75:a4:d5:b7:f9:9f:dc:e9:19:69:69:da:92:
22:25:e5:1c:d6:bf:ea:0a:1d:8d:61:79:87:3b:04:81:50:aa:
36:67:d3:84:08:12:a2:97:09:21:a4:ca:09:89:3d:3a:ad:30:
cf:2c:89:73:3c:48:59:e8:4f:d2:ac:56:0a:15:d6:6b:82:94:
19:6a:1a:ed:54:c3:4a:7a:80:ac:14:7c:42:db:55:00:06:19:
14:79:99:f2:7a:7d:b6:1b:00:6e:5a:f6:1e:ec:dc:49:d7:6b:
66:61:14:b3:44:fc:c6:63:4f:95:f3:b6:04:aa:d2:ad:95:53:
ae:5b:9f:71:26:00:07:09:4b:bb:43:16:a9:ea:7e:86:8d:ce:
6d:2c:ec:0c:cb:0e:f4:11:f9:24:43:d4:d3:58:1c:d2:36:6f:
4c:e9:d9:55:98:5e:7b:52:34:2d:79:94:62:73:ad:2e:ae:b3:
8f:94:52:d4:4b:ee:bf:4a:d4:9a:19:2c:98:47:80:10:95:a9:
96:c5:00:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRrmUSegxlbjVFdLMqXucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTAyMTM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDBhYTE3Y2ExYjMyYjE4ZjAwZWE5N2IxZjQzMTllODVhY2JlYmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG9athWdW1oGfJqvhADvC6T709RV
W3gkvfIo39E9XJntgcsLTqa3VOkWqp6PaIO4lyDH3zsaCgWPQZnu8TmeqSsAh61q
ZYLSoObFUdaEKIac588kvI7nHdEHuGJ2RYHPmVqaCzPKF5m6WrjFzKoQzvQ1KdSp
gxpdCEUE145TlAe3mUCFYCQ+xsJk8sUL1YmCwDJUXSqNmKzhsYEPpmXybWR3V5TO
ZXI44wG31r23CivZKl+idf7dxQjDGuKHERUdY4wR9/ZV/E5qaULGMj8J3rDW39GD
HsziuaCXOnzzRz3wIrOdXRA1uiU4ZF8VXqiJqzz82TY5+PVZXGck6isGDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQKoXyhsysY8A6pex9DGehay+usMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvWkFxaGZLR3pLeGp3RHFsN0gwTVo2RnJMNjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufEKMA0G
CSqGSIb3DQEBCwUAA4IBAQBlmXf0SvIq+CBuzInAeb9LwG6d7fsOf/W46+f3Bumq
W/Bu2AL7atB8x32Cd3TO9sT3VbLX8kgRZZiNP3Wk1bf5n9zpGWlp2pIiJeUc1r/q
Ch2NYXmHOwSBUKo2Z9OECBKilwkhpMoJiT06rTDPLIlzPEhZ6E/SrFYKFdZrgpQZ
ahrtVMNKeoCsFHxC21UABhkUeZnyen22GwBuWvYe7NxJ12tmYRSzRPzGY0+V87YE
qtKtlVOuW59xJgAHCUu7Qxap6n6Gjc5tLOwMyw70EfkkQ9TTWBzSNm9M6dlVmF57
UjQteZRic60urrOPlFLUS+6/StSaGSyYR4AQlamWxQBk
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:29:38 2025 by rpki-client