Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/8ZzZOsoNxzqTVnkbin6ybKbW_iE.roa
File: 8ZzZOsoNxzqTVnkbin6ybKbW_iE.roa (raw, json)
Hash identifier: aAypFjIsrcqNgC1vOm+2cpCa72iCH5FHjzjsazdxuwE=
Subject key identifier: F1:9C:D9:3A:CA:0D:C7:3A:93:56:79:1B:8A:7E:B2:6C:A6:D6:FE:21
Certificate issuer: /CN=78d636c505d56af42a414c167d52407d356b3d0b
Certificate serial: 0191E7E549061FEAB36D3EABBD6DF33C2D81
Authority key identifier: 78:D6:36:C5:05:D5:6A:F4:2A:41:4C:16:7D:52:40:7D:35:6B:3D:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNY2xQXVavQqQUwWfVJAfTVrPQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/8ZzZOsoNxzqTVnkbin6ybKbW_iE.roa
Signing time: Thu 12 Sep 2024 20:20:48 +0000
ROA not before: Thu 12 Sep 2024 20:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209480
IP address blocks: 91.204.168.0/22 maxlen: 24
188.65.144.0/21 maxlen: 24
2a00:1aa0::/29 maxlen: 29
2a00:1aa0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e7:e5:49:06:1f:ea:b3:6d:3e:ab:bd:6d:f3:3c:2d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d636c505d56af42a414c167d52407d356b3d0b
Validity
Not Before: Sep 12 20:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f19cd93aca0dc73a9356791b8a7eb26ca6d6fe21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ef:0d:03:14:68:1f:e3:54:04:1d:3e:4d:79:
23:74:ab:ce:63:55:cf:28:0a:88:7e:c5:66:62:9c:
f6:52:f2:1e:f8:37:26:79:27:dd:b8:57:0f:e8:b1:
82:39:37:e6:6a:fd:7d:d9:84:58:f9:f5:4e:f4:2f:
1f:51:b4:17:6c:97:b6:a5:6c:73:2e:3d:b2:8a:ab:
c3:a4:f7:6f:3d:89:fd:07:03:80:51:23:da:47:17:
59:72:70:69:90:91:b1:25:9c:27:d6:3c:4a:72:e7:
cb:eb:4c:8d:18:33:3a:09:14:11:dc:b7:26:d8:77:
59:f4:77:9a:d7:ab:cd:32:75:ec:d4:a1:2a:a7:eb:
85:06:53:c4:20:de:b0:5e:b6:24:c4:18:c0:5f:91:
ae:80:db:3e:fd:22:b9:af:f7:bf:a7:91:d5:a5:2e:
29:7d:51:65:00:7c:d3:77:15:35:85:1b:30:b3:46:
76:fa:5e:7a:00:03:43:37:19:f8:ea:fc:a1:af:26:
57:14:54:8d:ec:bd:ea:ed:a2:fc:4d:83:5a:dc:42:
b6:92:b0:8a:8a:4f:cb:a3:75:8d:1e:d9:e1:7d:4c:
84:b1:78:4f:43:2b:84:b8:89:31:ef:e2:dd:6d:7d:
f5:dc:d0:23:34:8e:7d:52:92:8e:96:72:1d:2c:a1:
0c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:9C:D9:3A:CA:0D:C7:3A:93:56:79:1B:8A:7E:B2:6C:A6:D6:FE:21
X509v3 Authority Key Identifier:
keyid:78:D6:36:C5:05:D5:6A:F4:2A:41:4C:16:7D:52:40:7D:35:6B:3D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNY2xQXVavQqQUwWfVJAfTVrPQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/8ZzZOsoNxzqTVnkbin6ybKbW_iE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/eNY2xQXVavQqQUwWfVJAfTVrPQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.168.0/22
188.65.144.0/21
IPv6:
2a00:1aa0::/29
Signature Algorithm: sha256WithRSAEncryption
43:cf:2a:da:cb:0a:94:79:85:ba:f0:05:b9:2c:26:c2:90:c8:
ee:d8:3d:ec:ee:03:1f:91:3e:10:79:ca:77:57:c3:39:e8:25:
fa:01:b5:9b:86:0b:74:0a:52:04:83:bc:5d:c4:25:ff:e8:19:
0d:c2:c0:72:a2:d5:50:b2:15:db:ae:e3:76:a5:f1:92:01:c1:
0a:e1:ba:2a:0d:f7:c5:cb:7d:df:98:b3:02:91:b2:77:a3:49:
72:59:b9:2f:37:c9:85:fb:c4:84:0a:ab:ad:17:99:fa:d4:38:
6a:a8:36:98:27:42:2f:17:02:98:c0:6c:bf:70:64:0c:86:4a:
f1:6c:9d:96:84:79:3f:7e:d5:77:9f:89:92:25:17:c5:7b:f8:
16:30:09:30:a3:70:eb:c9:ae:9d:80:e4:97:d5:40:e1:e2:46:
69:2a:98:4f:88:1b:d1:a3:22:cb:47:ff:49:49:67:d5:59:11:
4a:63:4b:12:88:1c:f2:13:3e:e8:94:86:e9:6e:73:91:5e:5c:
be:39:85:b9:4e:e5:12:d1:a9:88:4d:f6:1c:d3:a6:f8:a3:aa:
da:b1:a5:22:cf:a6:e7:6c:86:8a:bf:23:5f:53:d9:bc:28:df:
82:b3:62:25:fa:6b:a0:52:c8:72:d6:1f:12:f3:79:d4:f5:89:
91:91:6f:7d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZHn5UkGH+qzbT6rvW3zPC2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZDYzNmM1MDVkNTZhZjQyYTQxNGMxNjdkNTI0MDdkMzU2
YjNkMGIwHhcNMjQwOTEyMjAyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTljZDkzYWNhMGRjNzNhOTM1Njc5MWI4YTdlYjI2Y2E2ZDZmZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+8NAxRoH+NUBB0+TXkjdKvOY1XP
KAqIfsVmYpz2UvIe+DcmeSfduFcP6LGCOTfmav192YRY+fVO9C8fUbQXbJe2pWxz
Lj2yiqvDpPdvPYn9BwOAUSPaRxdZcnBpkJGxJZwn1jxKcufL60yNGDM6CRQR3Lcm
2HdZ9Hea16vNMnXs1KEqp+uFBlPEIN6wXrYkxBjAX5GugNs+/SK5r/e/p5HVpS4p
fVFlAHzTdxU1hRsws0Z2+l56AANDNxn46vyhryZXFFSN7L3q7aL8TYNa3EK2krCK
ik/Lo3WNHtnhfUyEsXhPQyuEuIkx7+LdbX313NAjNI59UpKOlnIdLKEMSwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPGc2TrKDcc6k1Z5G4p+smym1v4hMB8GA1UdIwQY
MBaAFHjWNsUF1Wr0KkFMFn1SQH01az0LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZU5ZMnhRWFZhdlFxUVV3V2ZWSkFmVFZyUFFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZmE5NDUtNTBlNy00NzlhLTlkOTIt
ZGRjZDRkOTM1MDMwLzEvOFp6Wk9zb054enFUVm5rYmluNnliS2JXX2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZmE5NDUtNTBlNy00NzlhLTlkOTItZGRjZDRkOTM1MDMw
LzEvZU5ZMnhRWFZhdlFxUVV3V2ZWSkFmVFZyUFFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8yoAwQD
vEGQMA0EAgACMAcDBQMqABqgMA0GCSqGSIb3DQEBCwUAA4IBAQBDzyraywqUeYW6
8AW5LCbCkMju2D3s7gMfkT4Qecp3V8M56CX6AbWbhgt0ClIEg7xdxCX/6BkNwsBy
otVQshXbruN2pfGSAcEK4boqDffFy33fmLMCkbJ3o0lyWbkvN8mF+8SECqutF5n6
1DhqqDaYJ0IvFwKYwGy/cGQMhkrxbJ2WhHk/ftV3n4mSJRfFe/gWMAkwo3Drya6d
gOSX1UDh4kZpKphPiBvRoyLLR/9JSWfVWRFKY0sSiBzyEz7olIbpbnORXly+OYW5
TuUS0amITfYc06b4o6rasaUiz6bnbIaKvyNfU9m8KN+Cs2Il+mugUshy1h8S83nU
9YmRkW99
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:30:07 2025 by rpki-client