Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/99be80-152c-4b65-8b32-0718aa8dd9a7/1/zPF4x0oGonmnLqBwjC_eoWGjyhI.roa
File: zPF4x0oGonmnLqBwjC_eoWGjyhI.roa (raw, json)
Hash identifier: HiEGDwqkj3CGZN4XY40Q0+8KdYtbDOsqtHO8lQuY6xI=
Subject key identifier: CC:F1:78:C7:4A:06:A2:79:A7:2E:A0:70:8C:2F:DE:A1:61:A3:CA:12
Certificate issuer: /CN=af934ec694af68134b7514c10dcd13857b459e38
Certificate serial: 01569F47
Authority key identifier: AF:93:4E:C6:94:AF:68:13:4B:75:14:C1:0D:CD:13:85:7B:45:9E:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5NOxpSvaBNLdRTBDc0ThXtFnjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/99be80-152c-4b65-8b32-0718aa8dd9a7/1/zPF4x0oGonmnLqBwjC_eoWGjyhI.roa
Signing time: Sat 01 Jan 2022 12:55:47 +0000
ROA not before: Sat 01 Jan 2022 12:55:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61193
IP address blocks: 213.232.198.0/24 maxlen: 24
2a10:dc00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22454087 (0x1569f47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af934ec694af68134b7514c10dcd13857b459e38
Validity
Not Before: Jan 1 12:55:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ccf178c74a06a279a72ea0708c2fdea161a3ca12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7a:f8:72:3c:49:92:53:b3:23:c7:25:f9:cc:
d9:d4:96:68:b4:e8:05:19:72:d7:74:00:06:b5:c0:
e0:68:4a:27:14:60:2a:b7:b0:88:97:e3:3f:b5:6c:
ce:66:cb:38:2f:e3:59:80:d3:49:a5:15:39:d8:f8:
75:df:b2:c0:e3:7d:23:4c:e6:85:ef:06:61:ed:93:
5c:dd:72:b9:0c:e8:57:be:59:32:18:34:3d:20:51:
aa:33:99:ee:8f:fa:95:37:03:26:63:5f:69:85:4f:
c5:c1:69:c0:c2:f8:5b:17:e3:20:b6:74:78:a3:0b:
c6:b4:15:c0:32:15:e3:4b:38:29:03:ce:1b:e6:e7:
13:ed:86:ff:30:52:34:23:c6:e9:b9:bb:f2:68:00:
aa:09:73:a9:21:7d:f5:3f:36:ef:a0:ec:a2:bc:80:
14:eb:77:73:0a:c9:7d:ea:26:29:bf:8f:62:71:bc:
4e:65:d6:86:f1:b0:79:51:9a:56:79:d5:4c:15:1c:
04:b7:0a:6d:11:ee:c2:74:93:94:c0:e2:75:5b:c6:
2d:05:82:b8:26:4c:6a:e9:42:55:46:75:0f:a5:c1:
70:fe:5f:d3:64:73:21:b5:13:0b:ae:4a:e0:5d:77:
24:88:8f:98:e0:b1:d2:cd:39:44:42:27:b2:4e:c0:
53:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:F1:78:C7:4A:06:A2:79:A7:2E:A0:70:8C:2F:DE:A1:61:A3:CA:12
X509v3 Authority Key Identifier:
keyid:AF:93:4E:C6:94:AF:68:13:4B:75:14:C1:0D:CD:13:85:7B:45:9E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5NOxpSvaBNLdRTBDc0ThXtFnjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/99be80-152c-4b65-8b32-0718aa8dd9a7/1/zPF4x0oGonmnLqBwjC_eoWGjyhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/99be80-152c-4b65-8b32-0718aa8dd9a7/1/r5NOxpSvaBNLdRTBDc0ThXtFnjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.198.0/24
IPv6:
2a10:dc00::/29
Signature Algorithm: sha256WithRSAEncryption
36:4b:4d:24:d2:c3:12:72:50:a4:b2:b4:09:dd:ae:75:9d:27:
b1:23:7f:9f:92:81:8e:f2:9d:e7:8e:3f:7f:e5:41:15:ec:7a:
68:aa:29:fc:01:04:36:2b:4b:8a:87:72:fa:33:d3:a5:c0:d1:
f3:e7:58:26:8d:34:09:d0:57:74:a4:be:44:57:6a:67:fb:89:
53:27:f5:01:af:4c:61:f0:8a:52:88:d3:9e:42:3a:f7:3b:af:
a5:56:01:2a:94:38:36:f2:96:29:68:56:b5:46:de:bb:41:21:
4f:0a:e4:e5:36:6a:85:9d:24:a5:8e:4a:f9:c0:a2:cd:8f:e1:
b3:15:93:63:a3:dc:d8:45:30:a1:05:22:24:2a:bc:ad:b1:49:
5f:80:12:21:d7:cb:9f:af:54:e6:fe:18:21:a0:28:23:e0:da:
45:13:c4:5d:47:44:09:9d:41:e2:3b:df:43:5e:f7:49:9d:f2:
a8:fc:c0:b5:de:fa:7b:b9:a4:b3:ef:01:ea:c9:27:43:35:b8:
71:9c:4e:e1:3e:37:5f:e5:f1:79:3e:b5:f3:00:55:ad:9e:d1:
8b:ff:a8:66:df:40:a5:c3:86:f7:1c:c7:a9:85:72:45:19:bc:
bb:f2:82:24:f7:0a:1c:08:41:5d:53:3f:83:64:8b:9a:26:14:
59:62:b4:20
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAVafRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjkzNGVjNjk0YWY2ODEzNGI3NTE0YzEwZGNkMTM4NTdiNDU5ZTM4MB4XDTIyMDEw
MTEyNTU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2NmMTc4Yzc0YTA2
YTI3OWE3MmVhMDcwOGMyZmRlYTE2MWEzY2ExMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMV6+HI8SZJTsyPHJfnM2dSWaLToBRly13QABrXA4GhKJxRg
KrewiJfjP7VszmbLOC/jWYDTSaUVOdj4dd+ywON9I0zmhe8GYe2TXN1yuQzoV75Z
Mhg0PSBRqjOZ7o/6lTcDJmNfaYVPxcFpwML4WxfjILZ0eKMLxrQVwDIV40s4KQPO
G+bnE+2G/zBSNCPG6bm78mgAqglzqSF99T8276DsoryAFOt3cwrJfeomKb+PYnG8
TmXWhvGweVGaVnnVTBUcBLcKbRHuwnSTlMDidVvGLQWCuCZMaulCVUZ1D6XBcP5f
02RzIbUTC65K4F13JIiPmOCx0s05REInsk7AUzMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTM8XjHSgaieacuoHCML96hYaPKEjAfBgNVHSMEGDAWgBSvk07GlK9oE0t1
FMENzROFe0WeODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3I1Tk94cFN2YUJOTGRSVEJEYzBUaFh0Rm5qZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvOTliZTgwLTE1MmMtNGI2NS04YjMyLTA3MThhYThkZDlhNy8x
L3pQRjR4MG9Hb25tbkxxQndqQ19lb1dHanloSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
OTliZTgwLTE1MmMtNGI2NS04YjMyLTA3MThhYThkZDlhNy8xL3I1Tk94cFN2YUJO
TGRSVEJEYzBUaFh0Rm5qZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEANXoxjANBAIAAjAHAwUDKhDcADAN
BgkqhkiG9w0BAQsFAAOCAQEANktNJNLDEnJQpLK0Cd2udZ0nsSN/n5KBjvKd544/
f+VBFex6aKop/AEENitLiody+jPTpcDR8+dYJo00CdBXdKS+RFdqZ/uJUyf1Aa9M
YfCKUojTnkI69zuvpVYBKpQ4NvKWKWhWtUbeu0EhTwrk5TZqhZ0kpY5K+cCizY/h
sxWTY6Pc2EUwoQUiJCq8rbFJX4ASIdfLn69U5v4YIaAoI+DaRRPEXUdECZ1B4jvf
Q173SZ3yqPzAtd76e7mks+8B6sknQzW4cZxO4T43X+XxeT618wBVrZ7Ri/+oZt9A
pcOG9xzHqYVyRRm8u/KCJPcKHAhBXVM/g2SLmiYUWWK0IA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:01:57 2025 by rpki-client