Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/zSfZVih6hBceUixRgoQRbTOqrPs.roa
File: zSfZVih6hBceUixRgoQRbTOqrPs.roa (raw, json)
Hash identifier: azI0MEflNFx/avYXf2xzg+zXEruqyuhKpmbLg+R7a0o=
Subject key identifier: CD:27:D9:56:28:7A:84:17:1E:52:2C:51:82:84:11:6D:33:AA:AC:FB
Certificate issuer: /CN=c25cb7132c19f7d51f002ed4ad811aecf5b20f57
Certificate serial: 01942444AA773F6BE89700D7F0302D6BF5CE
Authority key identifier: C2:5C:B7:13:2C:19:F7:D5:1F:00:2E:D4:AD:81:1A:EC:F5:B2:0F:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wly3EywZ99UfAC7UrYEa7PWyD1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/zSfZVih6hBceUixRgoQRbTOqrPs.roa
Signing time: Wed 01 Jan 2025 23:47:47 +0000
ROA not before: Wed 01 Jan 2025 23:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49699
IP address blocks: 193.68.112.0/24 maxlen: 24
193.68.113.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:aa:77:3f:6b:e8:97:00:d7:f0:30:2d:6b:f5:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c25cb7132c19f7d51f002ed4ad811aecf5b20f57
Validity
Not Before: Jan 1 23:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd27d956287a84171e522c518284116d33aaacfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5d:48:e2:8d:5c:2a:2e:fc:2e:33:9b:f3:0e:
92:e8:0f:55:f2:76:c6:94:e3:1b:30:3f:7d:07:99:
ba:f8:02:7b:c1:7d:06:fd:7f:2d:ea:13:67:7c:a5:
75:c7:87:c3:8f:72:38:65:2e:7e:56:08:5a:53:2a:
75:f0:18:a0:63:d2:2a:f4:e7:27:96:94:69:02:20:
e6:75:e1:44:f5:60:bb:7b:18:43:1d:a4:22:b0:83:
d6:1b:12:96:da:de:57:2f:d5:14:1a:46:92:c9:bd:
c3:b4:f7:ed:eb:86:dc:cb:b6:96:6b:90:22:a1:b2:
d9:a7:17:9e:a1:c1:77:02:43:fa:8e:38:ee:45:ea:
c4:1d:e6:28:47:36:7e:92:fd:ab:dc:dd:74:09:63:
3f:fc:6d:b3:97:a0:a3:66:90:33:5a:3e:82:0d:c5:
48:b9:6b:1f:d5:67:7c:06:d7:ca:1d:15:0a:7d:27:
34:6c:ea:40:6b:13:77:be:0e:96:5e:b8:6e:85:fe:
d0:95:68:aa:f6:ce:53:41:98:81:af:77:7d:f2:96:
6f:8b:f1:1c:cf:0f:4b:f9:83:ff:f7:25:89:e8:74:
99:58:da:bd:c1:93:6b:4a:c3:ad:74:9e:24:08:29:
5e:0e:75:af:10:2c:a6:a4:e1:68:f1:dc:7c:b2:97:
8c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:27:D9:56:28:7A:84:17:1E:52:2C:51:82:84:11:6D:33:AA:AC:FB
X509v3 Authority Key Identifier:
keyid:C2:5C:B7:13:2C:19:F7:D5:1F:00:2E:D4:AD:81:1A:EC:F5:B2:0F:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wly3EywZ99UfAC7UrYEa7PWyD1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/zSfZVih6hBceUixRgoQRbTOqrPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/wly3EywZ99UfAC7UrYEa7PWyD1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.68.112.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:35:62:c5:1b:2a:dc:9f:ec:bd:79:6e:e6:0b:d1:a0:93:21:
c9:65:bb:ab:59:c9:15:1a:22:73:fc:b4:32:bb:9f:60:56:b7:
3f:68:45:40:ef:7b:0d:59:27:d3:23:fa:27:59:7b:29:9b:5c:
03:c5:58:66:58:d2:07:08:0d:52:27:cb:61:e8:5f:9d:2e:71:
55:26:a2:72:e5:47:9b:0d:db:e0:34:00:76:27:c9:1d:16:e7:
75:48:0b:37:62:da:41:0e:76:18:77:bc:80:0e:01:b3:02:ad:
28:85:bc:76:52:3e:21:d2:0e:f6:df:b4:65:80:b6:33:40:86:
96:22:e6:f2:d7:ca:c2:6f:4c:b0:3a:8c:ce:ae:8c:ca:74:29:
60:5f:a1:27:f4:23:cd:36:5a:72:fa:31:54:58:2b:08:b0:23:
c9:ef:72:9e:3d:65:37:9e:9a:b0:06:78:d6:84:9d:23:ba:b9:
31:1a:4e:67:30:96:0e:a2:cb:78:46:09:d4:5a:2f:f9:fd:6e:
fe:f8:62:a1:50:37:03:7d:bf:48:32:c9:ca:fa:1c:28:97:06:
4d:c6:76:60:14:9e:40:b2:1f:c9:d3:5d:af:fa:c7:cc:86:c0:
18:04:56:27:a7:74:e0:2c:f5:6a:70:e2:68:e8:4f:2d:ed:b3:
4f:3b:68:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRKp3P2volwDX8DAta/XOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNWNiNzEzMmMxOWY3ZDUxZjAwMmVkNGFkODExYWVjZjVi
MjBmNTcwHhcNMjUwMTAxMjM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDI3ZDk1NjI4N2E4NDE3MWU1MjJjNTE4Mjg0MTE2ZDMzYWFhY2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnV1I4o1cKi78LjOb8w6S6A9V8nbG
lOMbMD99B5m6+AJ7wX0G/X8t6hNnfKV1x4fDj3I4ZS5+VghaUyp18BigY9Iq9Ocn
lpRpAiDmdeFE9WC7exhDHaQisIPWGxKW2t5XL9UUGkaSyb3DtPft64bcy7aWa5Ai
obLZpxeeocF3AkP6jjjuRerEHeYoRzZ+kv2r3N10CWM//G2zl6CjZpAzWj6CDcVI
uWsf1Wd8BtfKHRUKfSc0bOpAaxN3vg6WXrhuhf7QlWiq9s5TQZiBr3d98pZvi/Ec
zw9L+YP/9yWJ6HSZWNq9wZNrSsOtdJ4kCCleDnWvECympOFo8dx8speMQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0n2VYoeoQXHlIsUYKEEW0zqqz7MB8GA1UdIwQY
MBaAFMJctxMsGffVHwAu1K2BGuz1sg9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2x5M0V5d1o5OVVmQUM3VXJZRWE3UFd5RDFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iMjcyMDMtOWQ0OC00OWE1LWFmMjUt
NDlkNDBhMTNjYmMyLzEvelNmWlZpaDZoQmNlVWl4UmdvUVJiVE9xclBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iMjcyMDMtOWQ0OC00OWE1LWFmMjUtNDlkNDBhMTNjYmMy
LzEvd2x5M0V5d1o5OVVmQUM3VXJZRWE3UFd5RDFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwURwMA0G
CSqGSIb3DQEBCwUAA4IBAQC3NWLFGyrcn+y9eW7mC9GgkyHJZburWckVGiJz/LQy
u59gVrc/aEVA73sNWSfTI/onWXspm1wDxVhmWNIHCA1SJ8th6F+dLnFVJqJy5Ueb
DdvgNAB2J8kdFud1SAs3YtpBDnYYd7yADgGzAq0ohbx2Uj4h0g7237RlgLYzQIaW
Iuby18rCb0ywOozOrozKdClgX6En9CPNNlpy+jFUWCsIsCPJ73KePWU3npqwBnjW
hJ0jurkxGk5nMJYOost4RgnUWi/5/W7++GKhUDcDfb9IMsnK+hwolwZNxnZgFJ5A
sh/J012v+sfMhsAYBFYnp3TgLPVqcOJo6E8t7bNPO2io
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:21:32 2025 by rpki-client