Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/dzdKYFqFa-gCbzqIsb7QW9_fF-A.roa
File: dzdKYFqFa-gCbzqIsb7QW9_fF-A.roa (raw, json)
Hash identifier: fP5KO6O4WWU77uONDOP+TZIC496wt8TruukPtZSwRps=
Subject key identifier: 77:37:4A:60:5A:85:6B:E8:02:6F:3A:88:B1:BE:D0:5B:DF:DF:17:E0
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 0194DFA6EE7D8BB0D0E5ED6FF1BA5C475F75
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/dzdKYFqFa-gCbzqIsb7QW9_fF-A.roa
Signing time: Fri 07 Feb 2025 09:04:06 +0000
ROA not before: Fri 07 Feb 2025 09:04:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13347
IP address blocks: 82.206.96.0/20 maxlen: 24
82.206.112.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:df:a6:ee:7d:8b:b0:d0:e5:ed:6f:f1:ba:5c:47:5f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Feb 7 09:04:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77374a605a856be8026f3a88b1bed05bdfdf17e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d5:52:c6:2d:80:e9:71:b0:a7:56:a5:0b:76:
13:15:f2:fb:41:23:7f:be:25:be:4c:ab:75:b7:dd:
8c:eb:54:a1:ad:a7:f5:8d:60:bc:e9:06:b9:6c:5f:
20:1e:95:a8:d3:05:aa:82:2c:2b:4e:5a:3c:00:3c:
b3:6b:cc:4c:e9:d7:1f:b9:ab:c8:03:26:44:f5:48:
e4:b4:ce:cc:19:f1:98:19:54:42:2c:91:03:01:d7:
27:9e:69:3d:56:aa:76:6a:6e:61:68:27:b1:50:b2:
11:44:fb:dc:73:ee:55:1a:ef:57:75:01:97:e3:68:
57:ae:ef:8d:f1:54:27:46:d0:2d:7f:5d:51:43:f4:
c2:d9:97:3f:73:97:62:8a:08:d1:6f:95:9b:71:50:
57:3e:ec:87:91:95:79:60:c4:92:56:d5:6a:fc:fe:
0f:8d:9c:08:4b:04:e7:fe:72:9c:8f:40:1c:65:f7:
43:73:91:c0:98:c4:92:3f:38:09:e1:bb:4b:2f:eb:
f8:9b:d8:d8:0c:91:c6:9d:95:59:5e:00:ca:f6:b1:
39:b9:ac:12:28:bf:f9:aa:0b:3a:42:4f:bc:d9:be:
34:ef:fc:e2:59:cb:cf:3d:35:2a:42:d2:52:84:c8:
99:41:a9:e6:1b:90:41:e6:13:88:62:a1:c4:8b:25:
c6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:37:4A:60:5A:85:6B:E8:02:6F:3A:88:B1:BE:D0:5B:DF:DF:17:E0
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/dzdKYFqFa-gCbzqIsb7QW9_fF-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.96.0/19
Signature Algorithm: sha256WithRSAEncryption
82:20:c9:9b:80:3e:39:e5:6d:0c:f0:58:ef:67:d9:41:b5:97:
82:5b:d9:84:82:b2:e7:3b:cf:86:f0:80:b8:0b:88:0f:79:b6:
ff:7c:94:cd:7f:d4:b5:56:fb:b8:28:92:38:94:d0:7f:f6:d6:
df:13:f7:0c:42:69:ae:7b:6c:0c:74:f8:bc:cc:82:2e:e4:93:
0a:5c:87:93:20:40:81:ab:66:45:86:6c:b1:79:2d:9a:c5:19:
ff:34:e5:de:86:b0:f8:ab:23:d0:5d:68:7a:b1:2d:28:ce:05:
1b:c5:b4:e1:62:ee:e1:ce:1d:49:bf:d6:22:ca:7c:ae:a2:69:
27:df:9b:25:24:ac:ec:32:65:2d:86:6a:fe:9f:78:65:5e:0f:
ca:01:6e:51:22:aa:ae:59:9a:fb:c9:e6:d0:c4:cd:5f:6d:d2:
4a:b1:de:06:e3:10:60:9c:1b:36:17:57:7c:e5:02:41:54:06:
1c:31:c1:ec:94:86:c4:be:d3:5a:0e:51:9d:4d:a3:75:55:c0:
70:46:5a:7c:87:1e:85:3e:a7:d5:f0:ad:43:92:51:bd:07:71:
34:92:9c:a2:de:0f:0e:63:a0:85:bb:fa:16:16:15:20:e0:cf:
1a:bf:4c:3d:53:5f:de:8e:1f:02:8d:98:de:e6:8e:85:c0:a0:
89:cf:50:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTfpu59i7DQ5e1v8bpcR191MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwMjA3MDkwNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzM3NGE2MDVhODU2YmU4MDI2ZjNhODhiMWJlZDA1YmRmZGYxN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNVSxi2A6XGwp1alC3YTFfL7QSN/
viW+TKt1t92M61Shraf1jWC86Qa5bF8gHpWo0wWqgiwrTlo8ADyza8xM6dcfuavI
AyZE9UjktM7MGfGYGVRCLJEDAdcnnmk9Vqp2am5haCexULIRRPvcc+5VGu9XdQGX
42hXru+N8VQnRtAtf11RQ/TC2Zc/c5diigjRb5WbcVBXPuyHkZV5YMSSVtVq/P4P
jZwISwTn/nKcj0AcZfdDc5HAmMSSPzgJ4btLL+v4m9jYDJHGnZVZXgDK9rE5uawS
KL/5qgs6Qk+82b407/ziWcvPPTUqQtJShMiZQanmG5BB5hOIYqHEiyXGhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHc3SmBahWvoAm86iLG+0Fvf3xfgMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvZHpkS1lGcUZhLWdDYnpxSXNiN1FXOV9mRi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFUs5gMA0G
CSqGSIb3DQEBCwUAA4IBAQCCIMmbgD455W0M8FjvZ9lBtZeCW9mEgrLnO8+G8IC4
C4gPebb/fJTNf9S1Vvu4KJI4lNB/9tbfE/cMQmmue2wMdPi8zIIu5JMKXIeTIECB
q2ZFhmyxeS2axRn/NOXehrD4qyPQXWh6sS0ozgUbxbThYu7hzh1Jv9Yiynyuomkn
35slJKzsMmUthmr+n3hlXg/KAW5RIqquWZr7yebQxM1fbdJKsd4G4xBgnBs2F1d8
5QJBVAYcMcHslIbEvtNaDlGdTaN1VcBwRlp8hx6FPqfV8K1DklG9B3E0kpyi3g8O
Y6CFu/oWFhUg4M8av0w9U1/ejh8CjZje5o6FwKCJz1AE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:07 2025 by rpki-client