Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/z4h6VOta7nlktuKCkK1-Zw-1S8Q.roa
File: z4h6VOta7nlktuKCkK1-Zw-1S8Q.roa (raw, json)
Hash identifier: XA8aL+R7cIm6KIZ8pt2+mp6cPL138KkhjyZFmjM+7SU=
Subject key identifier: CF:88:7A:54:EB:5A:EE:79:64:B6:E2:82:90:AD:7E:67:0F:B5:4B:C4
Certificate issuer: /CN=ab7ba43576667664ad6f29a666270e3357836f1a
Certificate serial: 019424459455D4A9A4DB80055F0F61D6A101
Authority key identifier: AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/z4h6VOta7nlktuKCkK1-Zw-1S8Q.roa
Signing time: Wed 01 Jan 2025 23:48:47 +0000
ROA not before: Wed 01 Jan 2025 23:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199472
IP address blocks: 176.121.16.0/22 maxlen: 24
176.121.16.0/24 maxlen: 24
176.121.17.0/24 maxlen: 24
176.121.18.0/24 maxlen: 24
176.121.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:94:55:d4:a9:a4:db:80:05:5f:0f:61:d6:a1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7ba43576667664ad6f29a666270e3357836f1a
Validity
Not Before: Jan 1 23:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf887a54eb5aee7964b6e28290ad7e670fb54bc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bb:d2:ae:7b:b3:67:95:aa:3e:98:55:57:b4:
fe:09:e7:d3:35:c6:77:ed:f6:26:c7:22:f1:9f:85:
12:d8:69:f3:57:63:36:55:a3:2a:a3:09:55:b1:d7:
a6:cd:75:cb:f8:0f:1c:9b:9b:9b:17:39:3a:f1:3a:
38:cb:b8:95:9c:df:2f:d6:52:c3:07:ab:08:2e:51:
48:9f:14:69:80:53:0f:61:ac:5f:d0:8e:59:e9:7e:
7f:a0:32:ca:0d:cf:0f:f5:b6:3b:46:19:b8:d4:23:
78:86:0e:43:0f:c0:4c:cf:57:bd:10:a7:14:07:64:
14:e5:35:e2:49:4b:ed:30:f0:ec:56:8b:aa:6d:c7:
d4:ea:cb:40:39:0b:f9:6f:b3:09:06:e6:68:a2:ec:
f0:e0:5f:21:44:e2:67:ab:0e:82:07:fd:ec:48:37:
d3:18:e1:11:0a:2a:a5:78:84:4d:47:99:62:32:fb:
00:df:a0:43:ae:d4:18:79:e6:1f:12:62:74:21:62:
b0:11:40:62:95:c3:8c:4f:dd:63:1c:fb:9f:f3:5c:
27:00:b4:4c:b8:4e:9a:06:77:4b:0e:6f:4f:65:8d:
7f:1b:f8:9e:96:0b:76:20:e6:47:74:c4:ac:d3:06:
5a:8f:52:ad:62:df:45:40:40:bd:22:38:8c:44:77:
97:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:88:7A:54:EB:5A:EE:79:64:B6:E2:82:90:AD:7E:67:0F:B5:4B:C4
X509v3 Authority Key Identifier:
keyid:AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/z4h6VOta7nlktuKCkK1-Zw-1S8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.16.0/22
Signature Algorithm: sha256WithRSAEncryption
73:8f:01:0e:42:e4:fa:52:86:d4:14:f5:d0:fb:97:36:e3:e4:
a4:57:0c:be:16:d0:64:03:d4:03:d5:d8:08:2e:0f:48:0d:c2:
4e:4d:97:a5:f7:a5:cf:9c:d0:d2:39:69:50:88:cc:d3:41:65:
0d:6f:f6:a9:b6:c1:25:c9:63:a9:86:22:b3:76:41:46:e2:c9:
1c:fb:6a:cf:40:42:92:5e:cc:33:6c:ae:3f:33:ed:ed:57:4d:
c0:e2:89:0e:83:ce:40:7d:a2:66:54:a1:23:b8:69:8f:a4:88:
ac:ab:59:60:31:4b:9f:ea:3e:ac:06:6d:77:21:56:b6:53:1d:
24:4c:63:88:4c:d0:90:f4:94:40:f8:3e:ef:b4:94:ff:e4:d8:
57:44:34:0b:1c:e3:71:e1:4a:ec:6a:4d:53:62:be:32:ff:eb:
4c:c8:05:c5:1d:3e:b2:ab:91:bf:7f:17:cd:de:9a:c4:35:56:
a4:57:bf:9c:d6:8b:89:36:6a:c0:45:fc:e8:fe:98:b6:07:81:
6a:ef:ba:b7:00:19:03:68:5e:71:1d:82:19:ed:64:5b:eb:22:
a2:22:95:75:31:0d:df:82:47:94:e3:52:1d:e6:2b:08:1a:d3:
4e:df:4e:4e:8f:34:ac:0d:b7:f7:4e:f5:84:97:2f:38:d1:d9:
90:13:41:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRZRV1Kmk24AFXw9h1qEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2JhNDM1NzY2Njc2NjRhZDZmMjlhNjY2MjcwZTMzNTc4
MzZmMWEwHhcNMjUwMTAxMjM0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjg4N2E1NGViNWFlZTc5NjRiNmUyODI5MGFkN2U2NzBmYjU0YmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLvSrnuzZ5WqPphVV7T+CefTNcZ3
7fYmxyLxn4US2GnzV2M2VaMqowlVsdemzXXL+A8cm5ubFzk68To4y7iVnN8v1lLD
B6sILlFInxRpgFMPYaxf0I5Z6X5/oDLKDc8P9bY7Rhm41CN4hg5DD8BMz1e9EKcU
B2QU5TXiSUvtMPDsVouqbcfU6stAOQv5b7MJBuZoouzw4F8hROJnqw6CB/3sSDfT
GOERCiqleIRNR5liMvsA36BDrtQYeeYfEmJ0IWKwEUBilcOMT91jHPuf81wnALRM
uE6aBndLDm9PZY1/G/ielgt2IOZHdMSs0wZaj1KtYt9FQEC9IjiMRHeXXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM+IelTrWu55ZLbigpCtfmcPtUvEMB8GA1UdIwQY
MBaAFKt7pDV2ZnZkrW8ppmYnDjNXg28aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYt
MjNhYzc1ODA0OGVjLzEvejRoNlZPdGE3bmxrdHVLQ2tLMS1ady0xUzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYtMjNhYzc1ODA0OGVj
LzEvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsHkQMA0G
CSqGSIb3DQEBCwUAA4IBAQBzjwEOQuT6UobUFPXQ+5c24+SkVwy+FtBkA9QD1dgI
Lg9IDcJOTZel96XPnNDSOWlQiMzTQWUNb/aptsElyWOphiKzdkFG4skc+2rPQEKS
XswzbK4/M+3tV03A4okOg85AfaJmVKEjuGmPpIisq1lgMUuf6j6sBm13IVa2Ux0k
TGOITNCQ9JRA+D7vtJT/5NhXRDQLHONx4Ursak1TYr4y/+tMyAXFHT6yq5G/fxfN
3prENVakV7+c1ouJNmrARfzo/pi2B4Fq77q3ABkDaF5xHYIZ7WRb6yKiIpV1MQ3f
gkeU41Id5isIGtNO305OjzSsDbf3TvWEly840dmQE0GF
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:43:27 2025 by rpki-client