Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2ZUjsbofTFi-7eQ5tMGiF_G3Upk.roa
File: 2ZUjsbofTFi-7eQ5tMGiF_G3Upk.roa (raw, json)
Hash identifier: mn/OglfhNFHqLwQCitAF2xigx/s/YRIOHH/9qwVh9Qs=
Subject key identifier: D9:95:23:B1:BA:1F:4C:58:BE:ED:E4:39:B4:C1:A2:17:F1:B7:52:99
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FE7F51D1F5831A1573F3A3CBCC77B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2ZUjsbofTFi-7eQ5tMGiF_G3Upk.roa
Signing time: Thu 02 Jan 2025 05:49:35 +0000
ROA not before: Thu 02 Jan 2025 05:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200123
IP address blocks: 93.170.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:e7:f5:1d:1f:58:31:a1:57:3f:3a:3c:bc:c7:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d99523b1ba1f4c58beede439b4c1a217f1b75299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:41:1f:7d:85:91:35:ce:c1:03:67:ff:db:9a:
bd:38:c5:e2:6e:d2:fd:92:03:a4:a0:7d:3d:ae:38:
d2:98:d5:ec:df:8c:28:7c:a1:4e:a0:56:cb:39:e9:
b9:27:28:68:e8:ee:24:b3:2e:9e:6e:a2:65:f4:a4:
03:30:d7:bb:b3:3f:bc:b5:8f:69:db:33:18:31:3e:
e2:ac:19:10:87:86:cd:5e:7a:a5:19:a6:9f:27:3c:
22:76:4c:a7:dd:6a:98:c9:62:a2:5e:08:02:cb:46:
91:74:2d:c3:d9:ac:39:cc:cc:db:55:84:f9:0d:bd:
cb:17:fa:f1:9b:4b:84:6f:34:4d:76:26:11:ac:98:
51:dd:b7:42:0e:65:29:5a:d9:6d:fd:b0:2b:23:b7:
c5:b6:8a:21:b0:72:52:2b:5a:d2:48:c4:1c:af:5c:
eb:0b:ed:61:57:17:05:99:d5:da:cf:6c:40:97:56:
d8:00:39:0f:8b:ae:2f:c5:e7:04:02:ff:e2:35:d9:
bf:d0:5c:c4:c7:89:8f:56:a5:40:32:17:10:fe:e5:
a5:20:a8:7e:77:0f:ff:e5:3a:ce:13:7d:37:cb:b0:
b6:89:ac:21:7e:eb:30:21:6b:90:5f:1f:d8:86:b4:
e7:40:5f:db:f6:f6:fa:97:86:36:06:18:ee:a7:a4:
5a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:95:23:B1:BA:1F:4C:58:BE:ED:E4:39:B4:C1:A2:17:F1:B7:52:99
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2ZUjsbofTFi-7eQ5tMGiF_G3Upk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.9.0/24
Signature Algorithm: sha256WithRSAEncryption
24:8e:fe:4a:1a:aa:f5:b9:22:cf:27:c4:ce:c8:89:55:de:08:
e3:82:e5:9f:a7:28:bb:23:06:77:b5:d3:27:40:fd:92:0a:92:
a1:1e:63:d7:19:e7:96:7f:d0:63:09:0d:4d:59:0f:6c:ab:e9:
af:49:1f:b8:1d:b1:e1:35:cd:67:61:98:37:b9:88:22:7e:12:
53:0f:8f:1b:fd:a9:f7:33:5c:61:ed:bc:8b:f0:29:3f:54:f8:
59:de:6f:df:84:0c:95:93:59:3e:b5:b1:d8:7a:f2:8d:4e:b4:
0a:ba:b7:12:f7:a0:f6:d6:39:7b:8b:ce:82:c0:ec:98:a7:55:
29:b8:e4:1e:0b:a5:b1:d1:b6:26:77:08:1d:14:c0:de:8a:42:
db:f4:e4:f1:f7:33:00:63:7b:68:78:44:6f:ba:84:97:6a:f5:
92:08:70:a9:f3:30:7a:3f:90:a3:0c:08:e9:a2:f7:e8:2c:03:
f9:47:e8:88:92:dd:23:b3:49:40:e0:0f:c3:09:fd:25:71:75:
02:c1:e8:3b:46:3e:81:23:61:bc:20:d9:aa:3a:50:62:cb:2c:
04:65:55:1e:1f:e0:54:b7:c4:49:5f:29:a0:49:47:39:58:8c:
38:4e:2f:0f:c2:fd:c0:b9:fe:83:30:36:7f:13:34:08:ff:cb:
fb:61:e3:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj+f1HR9YMaFXPzo8vMd7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTk1MjNiMWJhMWY0YzU4YmVlZGU0MzliNGMxYTIxN2YxYjc1Mjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUEffYWRNc7BA2f/25q9OMXibtL9
kgOkoH09rjjSmNXs34wofKFOoFbLOem5Jyho6O4ksy6ebqJl9KQDMNe7sz+8tY9p
2zMYMT7irBkQh4bNXnqlGaafJzwidkyn3WqYyWKiXggCy0aRdC3D2aw5zMzbVYT5
Db3LF/rxm0uEbzRNdiYRrJhR3bdCDmUpWtlt/bArI7fFtoohsHJSK1rSSMQcr1zr
C+1hVxcFmdXaz2xAl1bYADkPi64vxecEAv/iNdm/0FzEx4mPVqVAMhcQ/uWlIKh+
dw//5TrOE303y7C2iawhfuswIWuQXx/YhrTnQF/b9vb6l4Y2Bhjup6RaFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmVI7G6H0xYvu3kObTBohfxt1KZMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMlpVanNib2ZURmktN2VRNXRNR2lGX0czVXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXaoJMA0G
CSqGSIb3DQEBCwUAA4IBAQAkjv5KGqr1uSLPJ8TOyIlV3gjjguWfpyi7IwZ3tdMn
QP2SCpKhHmPXGeeWf9BjCQ1NWQ9sq+mvSR+4HbHhNc1nYZg3uYgifhJTD48b/an3
M1xh7byL8Ck/VPhZ3m/fhAyVk1k+tbHYevKNTrQKurcS96D21jl7i86CwOyYp1Up
uOQeC6Wx0bYmdwgdFMDeikLb9OTx9zMAY3toeERvuoSXavWSCHCp8zB6P5CjDAjp
ovfoLAP5R+iIkt0js0lA4A/DCf0lcXUCweg7Rj6BI2G8INmqOlBiyywEZVUeH+BU
t8RJXymgSUc5WIw4Ti8Pwv3Auf6DMDZ/EzQI/8v7YeMf
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:05:53 2025 by rpki-client