Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/zIkYDjAgxxXfmGqeiHySE-4CfpQ.roa
File: zIkYDjAgxxXfmGqeiHySE-4CfpQ.roa (raw, json)
Hash identifier: JMrdKEGyF+gN/Oh+Ei1H7mtURz4VHpnCwcUkEF20kN0=
Subject key identifier: CC:89:18:0E:30:20:C7:15:DF:98:6A:9E:88:7C:92:13:EE:02:7E:94
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 0194E04725738E60939FC36EFA8677CC49E1
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/zIkYDjAgxxXfmGqeiHySE-4CfpQ.roa
Signing time: Fri 07 Feb 2025 11:59:06 +0000
ROA not before: Fri 07 Feb 2025 11:59:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.206.2.0/23 maxlen: 23
82.206.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e0:47:25:73:8e:60:93:9f:c3:6e:fa:86:77:cc:49:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Feb 7 11:59:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc89180e3020c715df986a9e887c9213ee027e94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:4d:9a:2a:4f:00:59:68:57:4c:45:84:79:
2f:d4:04:e6:70:90:33:4e:14:ff:24:12:82:20:3e:
ea:0a:ce:c4:ec:fd:13:d6:9b:8e:f1:4f:cd:05:a0:
11:81:be:e7:8b:4f:ed:a0:99:90:9f:c2:59:fd:aa:
b2:8f:29:04:ca:e1:0a:bd:f2:49:7c:30:9b:8b:4d:
79:a8:ab:5c:d3:e9:a1:dd:12:16:68:d1:21:86:5c:
13:b8:d7:01:eb:ba:b1:73:84:1f:f6:4b:e1:fc:fb:
6b:1f:9f:99:39:f0:49:94:37:47:2d:7b:20:b7:3e:
38:db:69:e4:63:ff:9b:06:bc:48:1c:e7:41:68:5c:
8a:24:aa:7e:fb:b1:5e:d7:a6:2f:58:a6:b0:7f:7d:
82:7d:3e:47:96:b4:bc:09:7e:7a:bd:dd:2c:fb:6c:
cb:ac:a9:96:89:ce:4f:09:88:80:4f:18:bc:79:c5:
f1:b4:f1:45:a9:89:b4:ed:62:af:7b:3b:ca:7e:c9:
98:31:1f:04:c0:13:f7:28:ef:cb:ac:15:d5:2a:d9:
8f:31:88:6c:31:0e:73:30:3f:df:10:72:3a:68:ca:
12:e3:f3:56:a5:0d:eb:16:28:be:61:76:e1:8b:e2:
5a:1a:44:c9:86:68:bc:3c:ff:ce:b1:94:ec:8a:cd:
dd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:89:18:0E:30:20:C7:15:DF:98:6A:9E:88:7C:92:13:EE:02:7E:94
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/zIkYDjAgxxXfmGqeiHySE-4CfpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.2.0-82.206.7.255
Signature Algorithm: sha256WithRSAEncryption
07:93:14:19:4d:28:6f:26:02:e7:b7:82:57:a8:70:5b:04:67:
fb:92:b9:54:b2:b8:59:68:1d:dd:05:db:5b:1d:6d:49:6f:7c:
c4:d4:b0:00:13:ec:a0:96:90:6c:d2:bf:9a:93:66:7a:46:86:
3f:1e:68:10:43:d9:25:22:b7:8b:f4:6e:0f:36:3b:2c:ce:37:
ef:eb:01:6c:81:b6:c5:39:cc:ef:3f:ab:10:d1:51:c1:d8:bf:
a0:1c:72:cf:1e:7d:16:66:39:4f:ac:6c:7f:41:12:a7:c5:43:
f9:78:95:cb:a7:e4:f9:7e:77:c3:4f:5a:bf:bf:7a:78:e4:09:
c9:09:2c:7b:ab:65:6f:af:1f:ef:91:d4:f2:4c:63:7d:d8:e1:
50:d0:f1:9b:5a:41:fa:7c:7e:11:ee:22:cb:e6:20:4c:76:98:
84:f5:ca:fe:73:be:6f:db:d9:c4:64:df:c4:71:90:01:28:d9:
d1:78:f4:2d:36:d7:8f:95:f9:46:a5:6d:1b:f2:af:cf:21:f9:
7b:d2:44:b1:a4:53:92:41:56:86:e2:48:6a:b3:3d:93:62:35:
cd:3a:43:26:67:b2:14:34:6e:a6:30:88:7a:4b:23:f9:e1:fb:
6c:89:15:bc:94:38:33:5f:55:e3:b7:c4:9e:c3:b9:d4:19:4d:
b0:fd:29:d9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZTgRyVzjmCTn8Nu+oZ3zEnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwMjA3MTE1OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzg5MTgwZTMwMjBjNzE1ZGY5ODZhOWU4ODdjOTIxM2VlMDI3ZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1NNmipPAFloV0xFhHkv1ATmcJAz
ThT/JBKCID7qCs7E7P0T1puO8U/NBaARgb7ni0/toJmQn8JZ/aqyjykEyuEKvfJJ
fDCbi015qKtc0+mh3RIWaNEhhlwTuNcB67qxc4Qf9kvh/PtrH5+ZOfBJlDdHLXsg
tz4422nkY/+bBrxIHOdBaFyKJKp++7Fe16YvWKawf32CfT5HlrS8CX56vd0s+2zL
rKmWic5PCYiATxi8ecXxtPFFqYm07WKvezvKfsmYMR8EwBP3KO/LrBXVKtmPMYhs
MQ5zMD/fEHI6aMoS4/NWpQ3rFii+YXbhi+JaGkTJhmi8PP/OsZTsis3dnwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMyJGA4wIMcV35hqnoh8khPuAn6UMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEveklrWURqQWd4eFhmbUdxZWlIeVNFLTRDZnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFSzgID
BANSzgAwDQYJKoZIhvcNAQELBQADggEBAAeTFBlNKG8mAue3gleocFsEZ/uSuVSy
uFloHd0F21sdbUlvfMTUsAAT7KCWkGzSv5qTZnpGhj8eaBBD2SUit4v0bg82OyzO
N+/rAWyBtsU5zO8/qxDRUcHYv6Accs8efRZmOU+sbH9BEqfFQ/l4lcun5Pl+d8NP
Wr+/enjkCckJLHurZW+vH++R1PJMY33Y4VDQ8ZtaQfp8fhHuIsvmIEx2mIT1yv5z
vm/b2cRk38RxkAEo2dF49C0214+V+UalbRvyr88h+XvSRLGkU5JBVobiSGqzPZNi
Nc06QyZnshQ0bqYwiHpLI/nh+2yJFbyUODNfVeO3xJ7DudQZTbD9Kdk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:14 2025 by rpki-client