Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/f96900-cf17-41f5-ae28-2b00ea32937b/1/RZyQ3g5g7zuG16eyI7N7VTiVYeo.roa
File: RZyQ3g5g7zuG16eyI7N7VTiVYeo.roa (raw, json)
Hash identifier: pABm/L2G4WF4L9E0WWntxajX9lZ/BNiG5ak/WEtZL3g=
Subject key identifier: 45:9C:90:DE:0E:60:EF:3B:86:D7:A7:B2:23:B3:7B:55:38:95:61:EA
Certificate issuer: /CN=ff32d6463621b13f78e530d144feac023e1e4582
Certificate serial: 0194C8846224A153BCD0420A887F14771E38
Authority key identifier: FF:32:D6:46:36:21:B1:3F:78:E5:30:D1:44:FE:AC:02:3E:1E:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zLWRjYhsT945TDRRP6sAj4eRYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/f96900-cf17-41f5-ae28-2b00ea32937b/1/RZyQ3g5g7zuG16eyI7N7VTiVYeo.roa
Signing time: Sun 02 Feb 2025 21:15:06 +0000
ROA not before: Sun 02 Feb 2025 21:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 185.84.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c8:84:62:24:a1:53:bc:d0:42:0a:88:7f:14:77:1e:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff32d6463621b13f78e530d144feac023e1e4582
Validity
Not Before: Feb 2 21:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=459c90de0e60ef3b86d7a7b223b37b55389561ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:99:97:0d:2b:15:cb:ba:67:71:32:49:c6:d4:
97:90:63:64:32:2c:6c:06:77:07:c0:ab:9b:31:82:
ed:b8:ca:b4:68:94:19:0c:87:be:da:9a:ac:e4:84:
bf:99:f6:fc:7f:34:94:a9:7b:fd:ad:b1:3c:b6:69:
4f:40:fc:87:24:a3:1f:b7:64:fa:30:ad:06:fd:6d:
64:96:20:de:78:00:f7:4d:72:c5:6b:38:6d:d9:91:
7f:02:8a:d9:a3:3a:bb:96:90:8b:41:7a:5e:39:2a:
a1:e2:89:85:7c:e2:38:bc:04:26:69:19:ba:b5:8b:
4e:fb:63:84:45:92:61:f4:cd:fb:a6:03:ef:7e:5b:
e4:c4:0f:08:5c:62:6f:62:a3:5e:ea:a4:89:3b:80:
5a:dd:86:4c:f6:b1:61:a0:46:f5:18:84:b9:ae:36:
64:fa:af:00:9b:90:8b:37:ea:ac:50:53:bb:a9:bf:
3e:a3:1b:6c:05:5b:15:c4:bc:13:cc:c4:78:21:74:
fd:22:b0:47:47:7e:06:36:20:a2:8c:d9:6a:e3:8d:
56:a0:bd:5e:6b:36:17:3a:ed:25:ff:30:8e:22:64:
fa:83:ce:64:f5:e8:e4:4b:5b:ae:8f:8e:b8:3b:82:
e4:04:b3:bd:d5:53:d9:cc:a3:7a:20:81:53:57:ea:
f2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:9C:90:DE:0E:60:EF:3B:86:D7:A7:B2:23:B3:7B:55:38:95:61:EA
X509v3 Authority Key Identifier:
keyid:FF:32:D6:46:36:21:B1:3F:78:E5:30:D1:44:FE:AC:02:3E:1E:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zLWRjYhsT945TDRRP6sAj4eRYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/f96900-cf17-41f5-ae28-2b00ea32937b/1/RZyQ3g5g7zuG16eyI7N7VTiVYeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/f96900-cf17-41f5-ae28-2b00ea32937b/1/_zLWRjYhsT945TDRRP6sAj4eRYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.158.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ff:26:b9:8f:59:47:89:94:e3:86:76:83:fc:c0:dc:7b:db:
f4:24:03:78:5d:71:c3:b2:b7:7f:d1:b3:2b:9a:62:c7:94:ec:
9c:79:38:7f:99:b2:ff:54:6f:5c:19:2e:e9:29:68:ed:64:ad:
d6:c4:29:09:f3:64:4c:16:48:c8:2e:ab:5a:ea:d7:70:70:26:
52:48:61:ab:63:78:97:62:ab:6c:df:7d:7e:0c:4d:ff:1b:78:
97:d6:95:32:ac:a9:ce:20:6b:52:a5:1b:bb:04:8e:62:bf:bf:
75:a3:12:32:6f:27:61:e6:e1:8b:5c:df:5f:c4:04:71:81:6a:
ff:e0:b1:0f:25:c6:8f:ee:9c:35:be:3d:d2:1f:9f:70:66:1b:
14:f7:ca:aa:8c:32:53:e2:fd:f5:04:9f:7e:14:25:09:3d:93:
ff:eb:3c:aa:be:2b:3c:39:21:87:af:08:a0:45:f2:17:7b:00:
df:4f:69:a0:7f:5d:1a:05:9d:82:fa:7d:eb:0f:76:3b:35:4d:
04:76:92:86:48:bf:7f:43:34:78:98:02:57:d6:97:08:3a:cd:
fa:a4:db:cb:d9:19:d3:e9:a5:52:5e:2c:54:fa:09:18:45:98:
61:ed:d9:ea:93:1f:66:42:d2:5e:06:9d:00:1c:57:14:64:62:
10:a3:53:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTIhGIkoVO80EIKiH8Udx44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzJkNjQ2MzYyMWIxM2Y3OGU1MzBkMTQ0ZmVhYzAyM2Ux
ZTQ1ODIwHhcNMjUwMjAyMjExNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTljOTBkZTBlNjBlZjNiODZkN2E3YjIyM2IzN2I1NTM4OTU2MWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5mXDSsVy7pncTJJxtSXkGNkMixs
BncHwKubMYLtuMq0aJQZDIe+2pqs5IS/mfb8fzSUqXv9rbE8tmlPQPyHJKMft2T6
MK0G/W1kliDeeAD3TXLFazht2ZF/AorZozq7lpCLQXpeOSqh4omFfOI4vAQmaRm6
tYtO+2OERZJh9M37pgPvflvkxA8IXGJvYqNe6qSJO4Ba3YZM9rFhoEb1GIS5rjZk
+q8Am5CLN+qsUFO7qb8+oxtsBVsVxLwTzMR4IXT9IrBHR34GNiCijNlq441WoL1e
azYXOu0l/zCOImT6g85k9ejkS1uuj464O4LkBLO91VPZzKN6IIFTV+ryPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEWckN4OYO87htensiOze1U4lWHqMB8GA1UdIwQY
MBaAFP8y1kY2IbE/eOUw0UT+rAI+HkWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pMV1JqWWhzVDk0NVREUlJQNnNBajRlUllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9mOTY5MDAtY2YxNy00MWY1LWFlMjgt
MmIwMGVhMzI5MzdiLzEvUlp5UTNnNWc3enVHMTZleUk3TjdWVGlWWWVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9mOTY5MDAtY2YxNy00MWY1LWFlMjgtMmIwMGVhMzI5Mzdi
LzEvX3pMV1JqWWhzVDk0NVREUlJQNnNBajRlUllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVSeMA0G
CSqGSIb3DQEBCwUAA4IBAQCa/ya5j1lHiZTjhnaD/MDce9v0JAN4XXHDsrd/0bMr
mmLHlOyceTh/mbL/VG9cGS7pKWjtZK3WxCkJ82RMFkjILqta6tdwcCZSSGGrY3iX
Yqts331+DE3/G3iX1pUyrKnOIGtSpRu7BI5iv791oxIybydh5uGLXN9fxARxgWr/
4LEPJcaP7pw1vj3SH59wZhsU98qqjDJT4v31BJ9+FCUJPZP/6zyqvis8OSGHrwig
RfIXewDfT2mgf10aBZ2C+n3rD3Y7NU0EdpKGSL9/QzR4mAJX1pcIOs36pNvL2RnT
6aVSXixU+gkYRZhh7dnqkx9mQtJeBp0AHFcUZGIQo1NP
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:37:22 2025 by rpki-client