Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/zTw4UgDwTum-l_h9WbH_dREg6CQ.roa
File: zTw4UgDwTum-l_h9WbH_dREg6CQ.roa (raw, json)
Hash identifier: b7idLBgnKlFBdz/jKpa7Hm7iiMdE241Sp7LHy9Qhpzk=
Subject key identifier: CD:3C:38:52:00:F0:4E:E9:BE:97:F8:7D:59:B1:FF:75:11:20:E8:24
Certificate issuer: /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial: 01941FFA5A2154AC6EFE51A44894E0F45882
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/zTw4UgDwTum-l_h9WbH_dREg6CQ.roa
Signing time: Wed 01 Jan 2025 03:48:08 +0000
ROA not before: Wed 01 Jan 2025 03:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212330
IP address blocks: 185.21.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5a:21:54:ac:6e:fe:51:a4:48:94:e0:f4:58:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Validity
Not Before: Jan 1 03:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd3c385200f04ee9be97f87d59b1ff751120e824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e8:73:cd:38:49:63:81:6b:17:b2:d8:ff:75:
2a:74:56:46:0b:5f:89:c0:a8:81:86:04:00:59:96:
3c:21:ba:27:34:2c:e0:e3:92:58:79:2d:7a:6b:a1:
c7:6e:38:b9:48:fa:e8:01:2d:66:26:01:d9:d9:79:
22:bb:a1:f5:e1:54:23:ac:2e:12:b7:03:8d:c0:61:
69:a8:de:9a:16:37:62:a5:d9:0e:f3:85:b5:99:e2:
10:21:7d:de:10:c1:19:e5:12:14:a2:54:98:d5:7a:
b8:4e:00:0a:71:4e:cf:3d:0f:f9:6a:17:31:4a:a9:
39:51:76:1f:db:a8:ae:aa:c1:3c:8a:74:3a:9a:35:
23:cc:e1:f0:51:2f:fb:94:2b:f4:f6:e5:68:7a:6a:
45:fe:3c:02:fd:14:ed:bb:5b:39:14:a5:fa:1e:35:
71:1d:0f:d5:c7:f3:3e:1c:09:31:92:04:96:cf:f6:
d1:bc:84:d5:c4:db:3a:75:a9:d1:fe:ab:31:38:94:
04:be:2d:f1:1d:e1:2f:5e:d5:4c:d8:e4:79:14:d0:
30:a1:cd:05:c1:50:89:ff:fa:73:f4:94:d6:dc:eb:
8b:14:24:01:47:98:85:81:05:70:0b:2d:07:1e:80:
d6:dc:84:fd:6d:e3:83:1e:2d:44:12:16:01:97:14:
85:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3C:38:52:00:F0:4E:E9:BE:97:F8:7D:59:B1:FF:75:11:20:E8:24
X509v3 Authority Key Identifier:
keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/zTw4UgDwTum-l_h9WbH_dREg6CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.139.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:90:e8:92:7b:3e:75:c9:8f:40:e4:42:8c:16:af:c8:51:f7:
7f:64:fa:c4:45:0a:4c:19:7c:1c:1b:11:fc:9e:21:c8:d7:2d:
cf:e0:2a:dd:ab:3c:eb:b5:1a:aa:45:8e:c4:cf:41:8d:dd:ca:
ce:19:42:c9:66:e1:ce:bf:65:e6:cb:71:0c:b8:ae:3d:e2:8d:
32:20:bc:1b:98:ef:73:2c:0b:79:d6:19:df:02:1c:0f:ef:23:
7a:53:63:0d:dc:77:17:ce:74:2d:e8:e0:a9:6b:6b:5f:83:2e:
45:20:06:d9:74:b9:98:e0:8d:c7:07:a9:88:19:5c:1e:36:e1:
0b:00:fb:4c:db:6f:66:c1:88:ae:50:a9:5d:e9:b2:ca:3f:23:
e4:d7:c0:f9:6c:04:01:bb:ec:8e:76:25:0c:af:54:18:8f:36:
22:77:a2:bf:bc:bf:8d:fe:f7:3d:a1:7d:36:29:77:80:97:22:
c2:79:82:1e:9f:74:04:92:22:62:db:37:35:7b:32:5e:c8:30:
b1:12:55:75:44:6b:54:e1:00:31:ad:1a:29:7e:ee:a4:8a:c5:
d5:b4:ac:12:4a:ba:2f:4e:71:ef:4a:2c:08:ad:50:af:29:2a:
88:8f:c6:2b:d9:fb:ef:81:ee:f1:c8:36:1e:7c:68:63:10:48:
92:32:7b:ca
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQf+lohVKxu/lGkSJTg9FiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx
Zjg3YjMwHhcNMjUwMTAxMDM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDNjMzg1MjAwZjA0ZWU5YmU5N2Y4N2Q1OWIxZmY3NTExMjBlODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuhzzThJY4FrF7LY/3UqdFZGC1+J
wKiBhgQAWZY8IbonNCzg45JYeS16a6HHbji5SProAS1mJgHZ2Xkiu6H14VQjrC4S
twONwGFpqN6aFjdipdkO84W1meIQIX3eEMEZ5RIUolSY1Xq4TgAKcU7PPQ/5ahcx
Sqk5UXYf26iuqsE8inQ6mjUjzOHwUS/7lCv09uVoempF/jwC/RTtu1s5FKX6HjVx
HQ/Vx/M+HAkxkgSWz/bRvITVxNs6danR/qsxOJQEvi3xHeEvXtVM2OR5FNAwoc0F
wVCJ//pz9JTW3OuLFCQBR5iFgQVwCy0HHoDW3IT9beODHi1EEhYBlxSF0wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFM08OFIA8E7pvpf4fVmx/3URIOgkMB8GA1UdIwQY
MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz
LWFjZTNkNjc1ZDNjZC8xL3pUdzRVZ0R3VHVtLWxfaDlXYkhfZFJFZzZDUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj
ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5FYsw
DQYJKoZIhvcNAQELBQADggEBAH6Q6JJ7PnXJj0DkQowWr8hR939k+sRFCkwZfBwb
EfyeIcjXLc/gKt2rPOu1GqpFjsTPQY3dys4ZQslm4c6/ZebLcQy4rj3ijTIgvBuY
73MsC3nWGd8CHA/vI3pTYw3cdxfOdC3o4Klra1+DLkUgBtl0uZjgjccHqYgZXB42
4QsA+0zbb2bBiK5QqV3psso/I+TXwPlsBAG77I52JQyvVBiPNiJ3or+8v43+9z2h
fTYpd4CXIsJ5gh6fdASSImLbNzV7Ml7IMLESVXVEa1ThADGtGil+7qSKxdW0rBJK
ui9Oce9KLAitUK8pKoiPxivZ+++B7vHINh58aGMQSJIye8o=
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:31:18 2025 by rpki-client