Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/zElW9nBSEefX0nViIsarFQPCkZs.roa
File: zElW9nBSEefX0nViIsarFQPCkZs.roa (raw, json)
Hash identifier: CmIv1btIhlBvo+yXBuSYJkAIeImv5p3pKaVYvxzuwhU=
Subject key identifier: CC:49:56:F6:70:52:11:E7:D7:D2:75:62:22:C6:AB:15:03:C2:91:9B
Certificate issuer: /CN=37c48b789cc7ffe7be09444643fdb86bdb573f7d
Certificate serial: 0194221FA366750B76090153F3FEDEC76806
Authority key identifier: 37:C4:8B:78:9C:C7:FF:E7:BE:09:44:46:43:FD:B8:6B:DB:57:3F:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N8SLeJzH_-e-CURGQ_24a9tXP30.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/zElW9nBSEefX0nViIsarFQPCkZs.roa
Signing time: Wed 01 Jan 2025 13:48:06 +0000
ROA not before: Wed 01 Jan 2025 13:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202373
IP address blocks: 84.38.76.0/23 maxlen: 23
194.55.96.0/22 maxlen: 22
194.55.97.0/24 maxlen: 24
194.55.98.0/24 maxlen: 24
2a0c:cac0::/29 maxlen: 29
2a0c:cac1::/32 maxlen: 32
2a0c:cac2::/32 maxlen: 32
2a0c:cac6:1000::/36 maxlen: 36
2a0c:cac6:2000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a3:66:75:0b:76:09:01:53:f3:fe:de:c7:68:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37c48b789cc7ffe7be09444643fdb86bdb573f7d
Validity
Not Before: Jan 1 13:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc4956f6705211e7d7d2756222c6ab1503c2919b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:be:26:2f:fb:4d:cf:aa:56:1c:f7:87:a0:e9:
22:c9:5f:6b:ca:1b:2e:20:43:1a:3a:02:a1:4a:ba:
e4:8c:27:c0:bc:a3:4f:8c:0b:e3:8c:50:b1:a3:db:
f7:80:c8:9f:77:1d:be:aa:64:bd:9f:2e:e3:71:6c:
85:79:c0:3a:c6:48:3b:ee:cf:1d:09:b5:52:87:56:
fa:cd:59:77:02:2f:18:95:f7:71:5c:77:15:e6:c3:
10:51:ca:eb:a3:02:8a:07:08:27:e6:a0:ad:c3:07:
4a:40:65:40:66:84:b5:4e:a4:ec:03:df:a9:b7:0e:
d7:16:44:cb:29:89:43:6b:16:e4:51:03:c0:e4:51:
3c:84:e1:e1:dd:22:37:45:26:9e:c8:a0:d5:86:d7:
1a:04:f4:3f:fd:f6:ba:8c:1f:ff:47:89:6c:40:c3:
7b:e0:6b:4d:46:bb:a2:12:c3:2b:99:be:3e:6d:ba:
eb:59:08:d0:88:95:2b:ec:d4:d0:00:03:b9:85:c0:
b1:3a:b8:6c:1c:4d:36:9d:cb:ea:26:87:23:3b:ad:
84:d7:17:72:0e:79:53:75:fa:ea:e6:98:4b:c3:28:
52:e8:7d:62:48:dc:a8:10:57:8d:4c:ef:f7:44:37:
85:74:07:30:bc:ee:0f:cb:18:07:0a:2d:0f:ed:2f:
d5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:49:56:F6:70:52:11:E7:D7:D2:75:62:22:C6:AB:15:03:C2:91:9B
X509v3 Authority Key Identifier:
keyid:37:C4:8B:78:9C:C7:FF:E7:BE:09:44:46:43:FD:B8:6B:DB:57:3F:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N8SLeJzH_-e-CURGQ_24a9tXP30.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/zElW9nBSEefX0nViIsarFQPCkZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/N8SLeJzH_-e-CURGQ_24a9tXP30.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.76.0/23
194.55.96.0/22
IPv6:
2a0c:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
30:53:68:ca:ab:89:7f:6e:2d:4d:73:ff:9c:e2:9c:c1:d9:34:
75:e3:a8:28:e2:39:25:f3:c1:1b:29:f3:11:a8:ee:c0:06:d1:
94:4c:77:ed:b4:b5:20:07:5a:ff:fd:e0:b5:b9:de:6b:d9:ee:
fe:11:c3:29:b7:88:53:ea:87:64:11:57:b9:13:f3:ac:24:ec:
85:58:ad:4c:bc:1d:01:08:83:89:4c:be:98:80:b1:13:b9:d4:
6d:58:66:e5:77:36:a0:fc:19:e7:06:1a:3f:2d:20:87:30:26:
c0:6d:d5:7c:d5:b2:63:e7:56:2a:2f:46:02:c5:60:69:84:11:
41:b4:61:30:95:6e:51:aa:86:7c:e5:92:51:ab:d6:d9:81:ff:
6a:74:23:2f:34:f2:03:35:80:0f:90:08:22:47:33:2b:2e:62:
62:15:48:25:98:a3:3f:91:33:d8:92:aa:fc:03:3c:c1:59:ba:
e2:5e:1f:92:e9:67:97:8c:92:68:20:a6:50:45:a9:3d:75:13:
de:6b:d6:02:2e:6b:7e:24:e0:bf:02:aa:95:62:5b:1f:e4:63:
57:e5:97:ff:0b:5f:a9:a3:cf:4c:62:ba:55:88:91:48:d3:61:
06:e2:35:4c:07:f4:a4:e8:c4:0a:25:f1:9a:2c:c4:36:9f:03:
d3:d0:46:b2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiH6NmdQt2CQFT8/7ex2gGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3YzQ4Yjc4OWNjN2ZmZTdiZTA5NDQ0NjQzZmRiODZiZGI1
NzNmN2QwHhcNMjUwMTAxMTM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzQ5NTZmNjcwNTIxMWU3ZDdkMjc1NjIyMmM2YWIxNTAzYzI5MTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor4mL/tNz6pWHPeHoOkiyV9ryhsu
IEMaOgKhSrrkjCfAvKNPjAvjjFCxo9v3gMifdx2+qmS9ny7jcWyFecA6xkg77s8d
CbVSh1b6zVl3Ai8YlfdxXHcV5sMQUcrrowKKBwgn5qCtwwdKQGVAZoS1TqTsA9+p
tw7XFkTLKYlDaxbkUQPA5FE8hOHh3SI3RSaeyKDVhtcaBPQ//fa6jB//R4lsQMN7
4GtNRruiEsMrmb4+bbrrWQjQiJUr7NTQAAO5hcCxOrhsHE02ncvqJocjO62E1xdy
DnlTdfrq5phLwyhS6H1iSNyoEFeNTO/3RDeFdAcwvO4PyxgHCi0P7S/V8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMxJVvZwUhHn19J1YiLGqxUDwpGbMB8GA1UdIwQY
MBaAFDfEi3icx//nvglERkP9uGvbVz99MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjhTTGVKekhfLWUtQ1VSR1FfMjRhOXRYUDMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xZDU3NWQtN2IyMi00N2M3LWExN2Ut
OGExMzZjYjBkZDVjLzEvekVsVzluQlNFZWZYMG5WaUlzYXJGUVBDa1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xZDU3NWQtN2IyMi00N2M3LWExN2UtOGExMzZjYjBkZDVj
LzEvTjhTTGVKekhfLWUtQ1VSR1FfMjRhOXRYUDMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBVCZMAwQC
wjdgMA0EAgACMAcDBQMqDMrAMA0GCSqGSIb3DQEBCwUAA4IBAQAwU2jKq4l/bi1N
c/+c4pzB2TR146go4jkl88EbKfMRqO7ABtGUTHfttLUgB1r//eC1ud5r2e7+EcMp
t4hT6odkEVe5E/OsJOyFWK1MvB0BCIOJTL6YgLETudRtWGbldzag/BnnBho/LSCH
MCbAbdV81bJj51YqL0YCxWBphBFBtGEwlW5RqoZ85ZJRq9bZgf9qdCMvNPIDNYAP
kAgiRzMrLmJiFUglmKM/kTPYkqr8AzzBWbriXh+S6WeXjJJoIKZQRak9dRPea9YC
Lmt+JOC/AqqVYlsf5GNX5Zf/C1+po89MYrpViJFI02EG4jVMB/Sk6MQKJfGaLMQ2
nwPT0Eay
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:42 2025 by rpki-client