Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/9b9a6e-1784-4aa6-ba3b-ab8083932c60/1/zZEh5p6ev1M9xVmVa64-Azna88Q.roa
File: zZEh5p6ev1M9xVmVa64-Azna88Q.roa (raw, json)
Hash identifier: 1ZaUb3WqAd9HDsmYTPSno+CI05DCz81D7u0ar/ZILOU=
Subject key identifier: CD:91:21:E6:9E:9E:BF:53:3D:C5:59:95:6B:AE:3E:03:39:DA:F3:C4
Certificate issuer: /CN=4034513d969482401a40976c9d1f0bbfc3df6146
Certificate serial: 1BEC5830
Authority key identifier: 40:34:51:3D:96:94:82:40:1A:40:97:6C:9D:1F:0B:BF:C3:DF:61:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QDRRPZaUgkAaQJdsnR8Lv8PfYUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/9b9a6e-1784-4aa6-ba3b-ab8083932c60/1/zZEh5p6ev1M9xVmVa64-Azna88Q.roa
Signing time: Sat 01 Jan 2022 15:58:53 +0000
ROA not before: Sat 01 Jan 2022 15:58:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196724
IP address blocks: 195.182.36.0/24 maxlen: 24
185.86.68.0/22 maxlen: 22
178.23.176.0/21 maxlen: 21
2a00:1cf0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 468473904 (0x1bec5830)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4034513d969482401a40976c9d1f0bbfc3df6146
Validity
Not Before: Jan 1 15:58:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd9121e69e9ebf533dc559956bae3e0339daf3c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6b:23:bf:ad:7e:7f:11:31:9a:fd:01:cb:b1:
43:ef:c7:8f:ed:7f:9a:56:05:9d:3d:60:c6:82:7f:
f5:17:54:de:82:92:af:a8:6a:10:40:60:a0:90:a3:
c0:82:d2:66:e9:b9:91:12:06:b9:4a:fa:5c:62:e9:
82:37:3e:91:3c:25:b4:30:62:3a:1f:a3:8b:ac:1a:
08:86:e4:bb:67:76:fb:24:cf:f4:38:9d:90:67:34:
48:5b:75:6f:f1:43:1a:2c:71:b2:d7:2b:85:bf:30:
e7:e7:15:ff:f5:4f:72:d7:c8:d3:c8:75:9a:b7:c3:
1f:49:f8:37:a1:a0:98:07:07:1d:14:0f:0a:04:e9:
29:d4:5b:d9:b1:b0:77:22:68:97:4b:bd:1f:53:49:
50:5d:ee:05:fa:61:ac:38:5c:52:d6:c8:b1:16:c0:
6d:0d:c3:02:80:e9:69:67:42:72:3d:b8:4f:a3:4d:
68:21:a0:6f:da:39:e1:cc:2a:c9:5e:1f:f6:d4:db:
a3:1d:bb:bf:5f:68:ad:b2:ae:00:87:e5:d6:ab:98:
6b:72:92:ae:a2:7e:3e:ec:31:f8:67:fa:30:93:87:
b8:9c:a6:ee:73:6f:35:74:5b:89:dd:e5:5a:a2:37:
de:e6:62:42:60:78:a0:a9:65:3e:75:67:0b:af:d0:
75:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:91:21:E6:9E:9E:BF:53:3D:C5:59:95:6B:AE:3E:03:39:DA:F3:C4
X509v3 Authority Key Identifier:
keyid:40:34:51:3D:96:94:82:40:1A:40:97:6C:9D:1F:0B:BF:C3:DF:61:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QDRRPZaUgkAaQJdsnR8Lv8PfYUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/9b9a6e-1784-4aa6-ba3b-ab8083932c60/1/zZEh5p6ev1M9xVmVa64-Azna88Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/9b9a6e-1784-4aa6-ba3b-ab8083932c60/1/QDRRPZaUgkAaQJdsnR8Lv8PfYUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.176.0/21
185.86.68.0/22
195.182.36.0/24
IPv6:
2a00:1cf0::/32
Signature Algorithm: sha256WithRSAEncryption
51:cc:20:97:53:45:b0:2f:fa:0e:74:76:43:59:24:c5:c2:f0:
c3:91:8e:f2:5e:9c:94:f4:74:a6:45:93:05:7b:fa:b3:8e:7e:
b9:2b:5a:9c:49:6b:4f:ba:0c:16:a6:08:e8:c3:ec:51:81:cb:
95:6f:46:81:3b:91:5c:f5:5c:89:52:6f:4b:41:51:14:d0:3c:
69:ac:db:4a:9d:43:a2:73:3f:fe:1c:92:61:8d:59:a9:a2:a8:
23:7c:f0:9c:36:f4:14:32:89:2e:21:47:0b:2d:60:d9:ae:a5:
2b:8f:0d:8b:00:eb:6b:30:fd:86:f5:a2:06:f6:f9:d0:ce:0e:
ff:95:2a:e2:57:3e:17:f6:ed:c8:6d:41:40:86:a8:58:66:ee:
88:2a:44:b9:46:e9:8c:5a:0d:2d:9d:11:bd:69:de:a4:eb:9f:
ef:2a:cb:fe:e6:d0:2f:cc:80:38:e3:df:79:ed:6c:f3:91:5b:
c7:1d:14:5d:20:dd:57:0f:bf:91:7f:1e:15:e9:b2:14:a1:bd:
60:88:50:4d:00:2f:61:e6:26:37:44:f1:9f:c0:b3:af:6b:88:
d1:7d:31:93:e9:a8:a8:d9:3d:29:5f:de:13:a6:a2:cf:a3:32:
a5:75:20:ba:04:e3:8a:bc:b9:39:7e:58:35:b7:31:08:46:fa:
cf:7c:16:40
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEG+xYMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDM0NTEzZDk2OTQ4MjQwMWE0MDk3NmM5ZDFmMGJiZmMzZGY2MTQ2MB4XDTIyMDEw
MTE1NTg1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Q5MTIxZTY5ZTll
YmY1MzNkYzU1OTk1NmJhZTNlMDMzOWRhZjNjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdrI7+tfn8RMZr9AcuxQ+/Hj+1/mlYFnT1gxoJ/9RdU3oKS
r6hqEEBgoJCjwILSZum5kRIGuUr6XGLpgjc+kTwltDBiOh+ji6waCIbku2d2+yTP
9DidkGc0SFt1b/FDGixxstcrhb8w5+cV//VPctfI08h1mrfDH0n4N6GgmAcHHRQP
CgTpKdRb2bGwdyJol0u9H1NJUF3uBfphrDhcUtbIsRbAbQ3DAoDpaWdCcj24T6NN
aCGgb9o54cwqyV4f9tTbox27v19orbKuAIfl1quYa3KSrqJ+Puwx+Gf6MJOHuJym
7nNvNXRbid3lWqI33uZiQmB4oKllPnVnC6/QddcCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTNkSHmnp6/Uz3FWZVrrj4DOdrzxDAfBgNVHSMEGDAWgBRANFE9lpSCQBpA
l2ydHwu/w99hRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FEUlJQWmFVZ2tBYVFKZHNuUjhMdjhQZllVWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvOWI5YTZlLTE3ODQtNGFhNi1iYTNiLWFiODA4MzkzMmM2MC8x
L3paRWg1cDZldjFNOXhWbVZhNjQtQXpuYTg4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
OWI5YTZlLTE3ODQtNGFhNi1iYTNiLWFiODA4MzkzMmM2MC8xL1FEUlJQWmFVZ2tB
YVFKZHNuUjhMdjhQZllVWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA7IXsAMEArlWRAMEAMO2JDANBAIA
AjAHAwUAKgAc8DANBgkqhkiG9w0BAQsFAAOCAQEAUcwgl1NFsC/6DnR2Q1kkxcLw
w5GO8l6clPR0pkWTBXv6s45+uStanElrT7oMFqYI6MPsUYHLlW9GgTuRXPVciVJv
S0FRFNA8aazbSp1DonM//hySYY1ZqaKoI3zwnDb0FDKJLiFHCy1g2a6lK48NiwDr
azD9hvWiBvb50M4O/5Uq4lc+F/btyG1BQIaoWGbuiCpEuUbpjFoNLZ0RvWnepOuf
7yrL/ubQL8yAOOPfee1s85Fbxx0UXSDdVw+/kX8eFemyFKG9YIhQTQAvYeYmN0Tx
n8Czr2uI0X0xk+moqNk9KV/eE6aiz6MypXUgugTjiry5OX5YNbcxCEb6z3wWQA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:40 2025 by rpki-client