Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7cba62-77d0-4118-a4c5-a1076d127ec6/1/1zNycYjY6Gzs9x7s_4EXRLwLV8s.roa
File: 1zNycYjY6Gzs9x7s_4EXRLwLV8s.roa (raw, json)
Hash identifier: yWnaP0AYIfeVcWkVCLIB8261+KsbXfSVg9r849MWe2k=
Subject key identifier: D7:33:72:71:88:D8:E8:6C:EC:F7:1E:EC:FF:81:17:44:BC:0B:57:CB
Certificate issuer: /CN=d2c17db099bd419eba552a37704deeed3b2e303b
Certificate serial: 0193868E41712C70B5A3870EEB596C89FCE4
Authority key identifier: D2:C1:7D:B0:99:BD:41:9E:BA:55:2A:37:70:4D:EE:ED:3B:2E:30:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sF9sJm9QZ66VSo3cE3u7TsuMDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7cba62-77d0-4118-a4c5-a1076d127ec6/1/1zNycYjY6Gzs9x7s_4EXRLwLV8s.roa
Signing time: Mon 02 Dec 2024 08:48:10 +0000
ROA not before: Mon 02 Dec 2024 08:48:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202719
IP address blocks: 185.156.120.0/22 maxlen: 22
2a03:61a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:8e:41:71:2c:70:b5:a3:87:0e:eb:59:6c:89:fc:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c17db099bd419eba552a37704deeed3b2e303b
Validity
Not Before: Dec 2 08:48:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d733727188d8e86cecf71eecff811744bc0b57cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:82:ff:cd:0d:3f:a4:e3:d9:5b:ae:80:1e:09:
14:55:8a:11:5b:47:13:9f:bc:de:0e:96:ca:92:01:
73:5f:25:37:35:7b:e7:24:69:c9:00:9f:62:bc:8a:
b4:46:94:9e:0c:62:63:bf:93:03:75:88:1e:e2:b4:
fd:61:68:30:f6:37:7e:2a:8c:b5:6d:bf:b0:c4:7f:
6c:0a:9b:11:18:46:f4:0f:eb:62:7c:94:c3:c7:5d:
c4:d8:c2:95:8a:5e:59:37:41:eb:d6:2f:e2:df:36:
ea:53:1b:22:61:5e:98:a8:63:18:c0:79:4d:31:ff:
9b:af:97:bb:13:45:34:81:49:2e:b4:dc:a5:6a:fa:
c9:24:40:bc:41:3d:d7:bf:61:e6:7c:14:d7:0b:60:
80:a4:31:59:3c:90:a9:44:15:84:87:bd:81:ff:95:
8a:02:b7:30:3e:de:b3:26:f5:9c:f5:2a:d3:e3:d9:
70:5c:5a:a1:61:d6:0d:fe:2a:02:54:e6:c6:01:f2:
58:c6:7d:22:ab:19:5c:84:ad:f3:db:e8:6e:ea:d0:
32:9a:ad:8a:c7:e5:7a:36:47:06:1f:0a:72:0d:0e:
08:6f:75:6e:9b:b4:40:be:5a:c7:14:ce:10:f5:23:
23:ce:07:69:cc:ca:f5:d9:90:68:f9:7d:20:6f:ad:
e4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:33:72:71:88:D8:E8:6C:EC:F7:1E:EC:FF:81:17:44:BC:0B:57:CB
X509v3 Authority Key Identifier:
keyid:D2:C1:7D:B0:99:BD:41:9E:BA:55:2A:37:70:4D:EE:ED:3B:2E:30:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sF9sJm9QZ66VSo3cE3u7TsuMDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7cba62-77d0-4118-a4c5-a1076d127ec6/1/1zNycYjY6Gzs9x7s_4EXRLwLV8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7cba62-77d0-4118-a4c5-a1076d127ec6/1/0sF9sJm9QZ66VSo3cE3u7TsuMDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.120.0/22
IPv6:
2a03:61a0::/32
Signature Algorithm: sha256WithRSAEncryption
08:d0:0a:e2:f5:4e:ab:cd:b3:57:9d:51:75:62:fa:74:6d:05:
ac:ba:7d:f3:1f:dc:a2:53:6b:d3:47:7a:c9:ba:cf:a8:e8:18:
33:39:2c:84:0e:61:a5:f7:4a:6c:01:11:77:a5:30:b6:be:24:
cd:39:db:67:43:8c:f3:54:be:4d:e8:c7:14:e1:24:ee:0a:4e:
4d:fe:07:91:cf:36:dd:ec:c6:0c:aa:ec:83:63:fb:c7:b3:27:
98:92:6f:4f:c6:38:64:07:93:1c:c5:cc:60:36:36:e8:6e:d1:
e4:13:20:08:6c:3d:6e:4e:f2:1e:13:1d:48:ab:13:6c:6d:d5:
55:d7:f4:16:04:46:ab:50:4b:8c:fc:db:c1:d4:0d:8c:e5:90:
71:15:40:e5:83:88:58:17:aa:b5:c8:8f:33:0e:26:cd:24:e3:
91:9f:75:d5:55:90:98:fa:d2:0a:9a:5e:a8:ff:cf:bb:a6:3d:
24:a1:a8:e2:e2:c5:45:d2:30:f6:e1:73:4f:cd:a0:37:18:fe:
a7:c1:e6:ba:58:52:c3:37:dd:d5:d5:1f:ee:55:5b:bf:83:59:
01:29:c5:ad:64:18:39:4f:8e:d0:7a:bb:28:53:33:4e:80:54:
b3:f9:6b:25:76:b9:40:74:4a:f1:70:be:d1:8e:99:11:ef:89:
ac:a0:88:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOGjkFxLHC1o4cO61lsifzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzE3ZGIwOTliZDQxOWViYTU1MmEzNzcwNGRlZWVkM2Iy
ZTMwM2IwHhcNMjQxMjAyMDg0ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzMzNzI3MTg4ZDhlODZjZWNmNzFlZWNmZjgxMTc0NGJjMGI1N2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYL/zQ0/pOPZW66AHgkUVYoRW0cT
n7zeDpbKkgFzXyU3NXvnJGnJAJ9ivIq0RpSeDGJjv5MDdYge4rT9YWgw9jd+Koy1
bb+wxH9sCpsRGEb0D+tifJTDx13E2MKVil5ZN0Hr1i/i3zbqUxsiYV6YqGMYwHlN
Mf+br5e7E0U0gUkutNylavrJJEC8QT3Xv2HmfBTXC2CApDFZPJCpRBWEh72B/5WK
ArcwPt6zJvWc9SrT49lwXFqhYdYN/ioCVObGAfJYxn0iqxlchK3z2+hu6tAymq2K
x+V6NkcGHwpyDQ4Ib3Vum7RAvlrHFM4Q9SMjzgdpzMr12ZBo+X0gb63kSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNczcnGI2Ohs7Pce7P+BF0S8C1fLMB8GA1UdIwQY
MBaAFNLBfbCZvUGeulUqN3BN7u07LjA7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNGOXNKbTlRWjY2VlNvM2NFM3U3VHN1TURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83Y2JhNjItNzdkMC00MTE4LWE0YzUt
YTEwNzZkMTI3ZWM2LzEvMXpOeWNZalk2R3pzOXg3c180RVhSTHdMVjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83Y2JhNjItNzdkMC00MTE4LWE0YzUtYTEwNzZkMTI3ZWM2
LzEvMHNGOXNKbTlRWjY2VlNvM2NFM3U3VHN1TURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZx4MA0E
AgACMAcDBQAqA2GgMA0GCSqGSIb3DQEBCwUAA4IBAQAI0Ari9U6rzbNXnVF1Yvp0
bQWsun3zH9yiU2vTR3rJus+o6BgzOSyEDmGl90psARF3pTC2viTNOdtnQ4zzVL5N
6McU4STuCk5N/geRzzbd7MYMquyDY/vHsyeYkm9PxjhkB5McxcxgNjbobtHkEyAI
bD1uTvIeEx1IqxNsbdVV1/QWBEarUEuM/NvB1A2M5ZBxFUDlg4hYF6q1yI8zDibN
JOORn3XVVZCY+tIKml6o/8+7pj0koaji4sVF0jD24XNPzaA3GP6nwea6WFLDN93V
1R/uVVu/g1kBKcWtZBg5T47QersoUzNOgFSz+WsldrlAdErxcL7RjpkR74msoIir
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:14 2025 by rpki-client