Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1374c0-4bd4-4156-a77f-653a70bf0925/1/ZBxjHGvH2kwcceSwpaXPTulCLbM.roa
File: ZBxjHGvH2kwcceSwpaXPTulCLbM.roa (raw, json)
Hash identifier: z0F7ErenMaCxRJsl0cu2hh8z1Y1RZ1NvQtZLkBOOwzo=
Subject key identifier: 64:1C:63:1C:6B:C7:DA:4C:1C:71:E4:B0:A5:A5:CF:4E:E9:42:2D:B3
Certificate issuer: /CN=3ad77fe68fa9dab644fd0a3dfb3a02566a809590
Certificate serial: 07A2DDD4
Authority key identifier: 3A:D7:7F:E6:8F:A9:DA:B6:44:FD:0A:3D:FB:3A:02:56:6A:80:95:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Otd_5o-p2rZE_Qo9-zoCVmqAlZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1374c0-4bd4-4156-a77f-653a70bf0925/1/ZBxjHGvH2kwcceSwpaXPTulCLbM.roa
Signing time: Sat 01 Jan 2022 14:03:35 +0000
ROA not before: Sat 01 Jan 2022 14:03:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208678
IP address blocks: 185.141.4.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128114132 (0x7a2ddd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad77fe68fa9dab644fd0a3dfb3a02566a809590
Validity
Not Before: Jan 1 14:03:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=641c631c6bc7da4c1c71e4b0a5a5cf4ee9422db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7c:ec:cd:a4:da:83:b9:96:78:c4:8c:61:ab:
eb:04:2e:4d:78:19:ee:29:73:eb:8a:03:62:28:c7:
e2:87:f0:17:4f:c7:b0:62:d2:c9:fb:0f:33:16:8e:
87:d4:11:d9:b4:28:9e:48:5b:a6:11:b9:a0:44:3c:
dc:c1:4e:37:68:0f:dd:37:fe:a7:fb:3c:51:7a:70:
ac:92:9c:6b:2e:f6:aa:80:8a:22:d0:fe:0b:f4:03:
10:62:f6:70:24:94:2d:1c:90:61:f8:6a:08:2a:a6:
80:d2:73:1d:19:58:6a:ed:2d:50:83:f0:4d:2d:3c:
75:33:98:60:19:2b:e2:b7:00:4a:df:0e:33:5c:02:
42:e1:ae:a9:1f:5b:ba:a8:76:50:d5:b9:ef:9c:d6:
87:04:d9:25:47:9c:0a:99:15:94:11:a2:7e:84:cb:
73:80:1b:32:5d:8b:35:d6:58:6b:61:9a:0f:21:4b:
53:c6:1b:7f:ed:82:5b:64:8b:3b:17:21:fe:4f:54:
0c:3a:ad:04:c3:e0:8c:7a:f6:e3:31:bf:4d:1b:fc:
b3:df:c8:3c:50:43:59:a4:40:b6:ab:9b:4c:74:7d:
8a:f6:57:8d:bf:0c:9b:fa:2a:08:f6:6f:73:a4:b4:
df:ec:c2:a6:09:f2:99:7e:ba:45:03:b2:2e:2c:d2:
85:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:1C:63:1C:6B:C7:DA:4C:1C:71:E4:B0:A5:A5:CF:4E:E9:42:2D:B3
X509v3 Authority Key Identifier:
keyid:3A:D7:7F:E6:8F:A9:DA:B6:44:FD:0A:3D:FB:3A:02:56:6A:80:95:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Otd_5o-p2rZE_Qo9-zoCVmqAlZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1374c0-4bd4-4156-a77f-653a70bf0925/1/ZBxjHGvH2kwcceSwpaXPTulCLbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1374c0-4bd4-4156-a77f-653a70bf0925/1/Otd_5o-p2rZE_Qo9-zoCVmqAlZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.4.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:f1:8a:d7:c3:98:93:46:6f:77:57:43:ca:c4:a5:3f:57:14:
6e:ec:93:f1:ea:7d:18:93:22:dd:04:33:96:d4:25:a9:2a:2a:
33:29:be:44:14:ea:5f:4a:53:4b:78:1c:fd:bf:1f:8f:e9:e0:
b5:dc:4e:21:6a:89:fa:34:48:0b:74:ed:7a:63:42:82:f9:01:
35:d5:29:c2:97:62:5a:62:f0:57:d8:1c:da:e3:e1:ac:6c:1a:
d8:07:f0:4e:cb:2e:1f:cc:94:0d:e5:72:e2:75:50:fa:00:58:
54:e3:1b:f7:b4:16:77:31:01:7d:f9:38:93:d9:15:07:69:d9:
bd:47:55:12:90:66:17:6a:59:3f:e4:b2:66:86:b9:4e:e9:b5:
35:34:63:7c:61:d3:3f:bd:71:4e:60:58:c6:b5:63:02:75:dd:
46:8a:e6:19:e4:8b:45:54:77:70:1f:b6:44:a8:d7:c8:e5:4d:
2e:7e:88:09:c7:90:f0:96:3c:72:4e:fa:e3:10:4c:8e:ae:20:
3f:70:ac:57:20:fc:2a:a5:ad:89:cb:58:d9:35:b2:3e:2e:dd:
70:2d:f1:2d:bd:42:ee:66:cd:28:9e:66:02:27:6c:55:3a:52:
d1:40:64:da:93:cd:f2:65:d1:e8:bf:07:8f:97:4d:78:c4:af:
03:0d:18:f6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB6Ld1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWQ3N2ZlNjhmYTlkYWI2NDRmZDBhM2RmYjNhMDI1NjZhODA5NTkwMB4XDTIyMDEw
MTE0MDMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQxYzYzMWM2YmM3
ZGE0YzFjNzFlNGIwYTVhNWNmNGVlOTQyMmRiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZ87M2k2oO5lnjEjGGr6wQuTXgZ7ilz64oDYijH4ofwF0/H
sGLSyfsPMxaOh9QR2bQonkhbphG5oEQ83MFON2gP3Tf+p/s8UXpwrJKcay72qoCK
ItD+C/QDEGL2cCSULRyQYfhqCCqmgNJzHRlYau0tUIPwTS08dTOYYBkr4rcASt8O
M1wCQuGuqR9buqh2UNW575zWhwTZJUecCpkVlBGifoTLc4AbMl2LNdZYa2GaDyFL
U8Ybf+2CW2SLOxch/k9UDDqtBMPgjHr24zG/TRv8s9/IPFBDWaRAtqubTHR9ivZX
jb8Mm/oqCPZvc6S03+zCpgnymX66RQOyLizShY0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRkHGMca8faTBxx5LClpc9O6UItszAfBgNVHSMEGDAWgBQ613/mj6natkT9
Cj37OgJWaoCVkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L090ZF81by1wMnJaRV9Rbzktem9DVm1xQWxaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvMTM3NGMwLTRiZDQtNDE1Ni1hNzdmLTY1M2E3MGJmMDkyNS8x
L1pCeGpIR3ZIMmt3Y2NlU3dwYVhQVHVsQ0xiTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
MTM3NGMwLTRiZDQtNDE1Ni1hNzdmLTY1M2E3MGJmMDkyNS8xL090ZF81by1wMnJa
RV9Rbzktem9DVm1xQWxaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmNBDANBgkqhkiG9w0BAQsFAAOC
AQEAfvGK18OYk0Zvd1dDysSlP1cUbuyT8ep9GJMi3QQzltQlqSoqMym+RBTqX0pT
S3gc/b8fj+ngtdxOIWqJ+jRIC3TtemNCgvkBNdUpwpdiWmLwV9gc2uPhrGwa2Afw
TssuH8yUDeVy4nVQ+gBYVOMb97QWdzEBffk4k9kVB2nZvUdVEpBmF2pZP+SyZoa5
Tum1NTRjfGHTP71xTmBYxrVjAnXdRormGeSLRVR3cB+2RKjXyOVNLn6ICceQ8JY8
ck764xBMjq4gP3CsVyD8KqWtictY2TWyPi7dcC3xLb1C7mbNKJ5mAidsVTpS0UBk
2pPN8mXR6L8Hj5dNeMSvAw0Y9g==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:15:47 2025 by rpki-client