Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/zw1raLzJkOzuLdWVP5BWRU84p2o.roa
File: zw1raLzJkOzuLdWVP5BWRU84p2o.roa (raw, json)
Hash identifier: XIzDwzNdh9cyZCy+DakAR8zEkFIdZM7IKTxs2TBKsWM=
Subject key identifier: CF:0D:6B:68:BC:C9:90:EC:EE:2D:D5:95:3F:90:56:45:4F:38:A7:6A
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 019422FC4052A3CEC2FAA82FC0D6FAD8ED91
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/zw1raLzJkOzuLdWVP5BWRU84p2o.roa
Signing time: Wed 01 Jan 2025 17:49:04 +0000
ROA not before: Wed 01 Jan 2025 17:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208088
IP address blocks: 94.188.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:40:52:a3:ce:c2:fa:a8:2f:c0:d6:fa:d8:ed:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jan 1 17:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf0d6b68bcc990ecee2dd5953f9056454f38a76a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:17:1f:64:df:ba:64:b7:3a:8a:ef:56:e5:99:
a5:3b:0a:f5:c8:13:3c:50:1e:f5:08:32:91:09:41:
33:90:f0:1f:ac:c7:d3:1e:15:80:3a:1c:ee:b1:a7:
60:af:83:22:a7:35:e3:fc:7a:db:91:21:72:72:23:
42:82:1c:48:8d:f1:9e:d0:4b:61:f8:b9:fc:f8:3c:
48:79:a1:82:0f:14:bd:60:c2:29:9e:c9:03:4e:45:
0e:59:62:3b:dd:d5:16:cd:56:8d:5f:15:5d:d9:32:
cb:cb:39:af:b2:55:d8:1d:a4:13:4a:9c:33:8f:17:
e5:ef:9a:ac:cc:07:ad:fb:8e:60:40:8d:d4:57:cb:
2d:2c:d9:4d:44:6d:1c:04:a6:01:29:23:9b:e1:b3:
9e:bd:24:d1:30:e8:25:9b:24:8f:32:a0:f0:0b:8f:
58:c9:11:3f:61:48:b7:b6:96:ad:a5:1c:d4:e6:26:
1f:2b:c8:79:05:d8:a4:8f:2a:c8:f7:49:61:ae:bf:
c2:2c:08:71:79:9d:c8:b3:2c:84:bd:5a:fb:f0:9c:
67:25:81:fd:da:f8:ee:09:e6:e4:93:3f:ab:0e:5e:
d7:43:b3:f2:16:71:e2:76:40:99:bb:20:8e:a0:6b:
b1:1a:7c:f2:df:a7:58:d4:1b:e4:e3:d1:e7:1e:f8:
78:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:0D:6B:68:BC:C9:90:EC:EE:2D:D5:95:3F:90:56:45:4F:38:A7:6A
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/zw1raLzJkOzuLdWVP5BWRU84p2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.184.0/24
Signature Algorithm: sha256WithRSAEncryption
24:52:c5:d1:f3:08:a8:57:1d:db:4d:d3:7e:83:1c:37:1b:b2:
82:2d:3b:e2:cd:38:a3:64:46:e3:f1:5f:16:a6:4c:a9:f6:4e:
67:37:6f:dc:49:27:3b:d9:2a:38:78:f2:db:0c:01:20:1d:70:
a3:48:fd:f4:b2:b9:f0:20:9c:eb:b4:0a:14:bb:83:9f:4b:32:
4d:33:3b:0e:16:c1:f0:1c:71:3f:e1:4d:41:a6:51:40:59:b8:
d8:91:8c:1c:fb:cd:87:b6:b6:aa:f3:dc:c2:ef:5c:ab:76:d5:
31:cf:fb:00:9b:bf:99:08:ec:77:90:5a:44:08:47:7e:bd:83:
ff:87:22:00:62:82:75:2f:9f:44:bd:b1:30:91:bb:ac:25:bc:
ae:6a:78:bb:8c:a4:cf:32:cf:ab:24:ad:68:d9:53:b7:96:ca:
a5:0c:ba:c7:e8:78:2b:65:23:47:77:f1:3b:6a:f6:ad:f5:fc:
71:d7:3a:30:3e:8c:23:73:74:eb:23:1c:dc:79:6e:d0:ad:c5:
da:e0:71:11:10:c1:ea:fd:d9:f4:da:8e:3f:b7:8e:05:cd:03:
5e:dc:0e:a5:c9:20:07:91:63:f8:74:ae:30:01:ca:61:b1:42:
26:1c:e8:58:8b:8d:85:18:72:d7:77:fc:3e:b8:1e:14:7b:90:
31:e9:da:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/EBSo87C+qgvwNb62O2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjUwMTAxMTc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjBkNmI2OGJjYzk5MGVjZWUyZGQ1OTUzZjkwNTY0NTRmMzhhNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxcfZN+6ZLc6iu9W5ZmlOwr1yBM8
UB71CDKRCUEzkPAfrMfTHhWAOhzusadgr4MipzXj/HrbkSFyciNCghxIjfGe0Eth
+Ln8+DxIeaGCDxS9YMIpnskDTkUOWWI73dUWzVaNXxVd2TLLyzmvslXYHaQTSpwz
jxfl75qszAet+45gQI3UV8stLNlNRG0cBKYBKSOb4bOevSTRMOglmySPMqDwC49Y
yRE/YUi3tpatpRzU5iYfK8h5BdikjyrI90lhrr/CLAhxeZ3IsyyEvVr78JxnJYH9
2vjuCebkkz+rDl7XQ7PyFnHidkCZuyCOoGuxGnzy36dY1Bvk49HnHvh4HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8Na2i8yZDs7i3VlT+QVkVPOKdqMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvencxcmFMekprT3p1TGRXVlA1QldSVTg0cDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXry4MA0G
CSqGSIb3DQEBCwUAA4IBAQAkUsXR8wioVx3bTdN+gxw3G7KCLTvizTijZEbj8V8W
pkyp9k5nN2/cSSc72So4ePLbDAEgHXCjSP30srnwIJzrtAoUu4OfSzJNMzsOFsHw
HHE/4U1BplFAWbjYkYwc+82Htraq89zC71yrdtUxz/sAm7+ZCOx3kFpECEd+vYP/
hyIAYoJ1L59EvbEwkbusJbyuani7jKTPMs+rJK1o2VO3lsqlDLrH6HgrZSNHd/E7
avat9fxx1zowPowjc3TrIxzceW7QrcXa4HEREMHq/dn02o4/t44FzQNe3A6lySAH
kWP4dK4wAcphsUImHOhYi42FGHLXd/w+uB4Ue5Ax6dp3
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:22:32 2025 by rpki-client