Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/zD8lanFfCKcjzXb5ZLkO_uI8Eww.roa
File: zD8lanFfCKcjzXb5ZLkO_uI8Eww.roa (raw, json)
Hash identifier: FP/b4ehPHpPPt6ISCHNjh4J5r42QMToe0aZbLviIqX8=
Subject key identifier: CC:3F:25:6A:71:5F:08:A7:23:CD:76:F9:64:B9:0E:FE:E2:3C:13:0C
Certificate issuer: /CN=0e856801bef8ed3ae810e7e67a31fd012b44d30c
Certificate serial: 01941F8C3822567DDFC665ABA182B7BF9540
Authority key identifier: 0E:85:68:01:BE:F8:ED:3A:E8:10:E7:E6:7A:31:FD:01:2B:44:D3:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DoVoAb747TroEOfmejH9AStE0ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/zD8lanFfCKcjzXb5ZLkO_uI8Eww.roa
Signing time: Wed 01 Jan 2025 01:47:50 +0000
ROA not before: Wed 01 Jan 2025 01:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13127
IP address blocks: 176.117.57.0/24 maxlen: 24
2001:67c:17ec::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:38:22:56:7d:df:c6:65:ab:a1:82:b7:bf:95:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e856801bef8ed3ae810e7e67a31fd012b44d30c
Validity
Not Before: Jan 1 01:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc3f256a715f08a723cd76f964b90efee23c130c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e7:1d:54:34:f5:64:6e:9c:c8:62:9a:80:c1:
0a:53:52:99:95:c8:19:4b:e9:b9:a2:61:27:3e:16:
ad:1a:5e:f7:a7:a5:0a:3a:e6:d4:a5:c2:b9:80:0b:
07:3c:a2:07:1a:40:03:2a:3e:7f:02:4f:32:9f:49:
91:49:2a:ce:07:17:7d:af:dc:1d:06:27:e6:a4:e9:
bf:f4:a8:e0:37:72:e6:5e:e2:aa:4b:ce:75:0d:5d:
63:a7:29:aa:c6:e9:cd:7f:8b:9d:65:c6:8a:6b:44:
5d:ed:98:52:45:b2:a8:ac:44:1e:4a:6b:8d:16:a5:
9e:0c:6d:71:cd:99:f2:7b:73:eb:28:2a:f7:fd:97:
e4:b8:48:7a:4b:b2:e7:7b:7f:a3:57:9f:ab:a4:be:
d0:00:9e:ca:3d:f1:19:a2:03:ca:97:d1:d0:a3:7d:
da:38:7c:82:b7:59:d6:77:e7:11:35:be:96:40:8e:
15:63:01:cd:a2:b5:4b:bc:4f:a2:82:01:87:bb:63:
a2:87:89:33:f2:be:ac:44:d6:d8:8f:ed:d5:c3:2b:
d8:24:76:41:5e:e0:f4:45:cb:ec:fe:ff:30:6c:b7:
d7:b4:e0:7f:0a:c9:93:46:d8:6f:e5:44:32:34:54:
1d:18:a3:3d:db:50:f3:43:25:f8:1c:ed:bc:ae:d9:
b6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:3F:25:6A:71:5F:08:A7:23:CD:76:F9:64:B9:0E:FE:E2:3C:13:0C
X509v3 Authority Key Identifier:
keyid:0E:85:68:01:BE:F8:ED:3A:E8:10:E7:E6:7A:31:FD:01:2B:44:D3:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoVoAb747TroEOfmejH9AStE0ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/zD8lanFfCKcjzXb5ZLkO_uI8Eww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/DoVoAb747TroEOfmejH9AStE0ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.57.0/24
IPv6:
2001:67c:17ec::/48
Signature Algorithm: sha256WithRSAEncryption
87:b4:28:bd:9c:c8:65:3e:0d:67:ce:fd:bd:e2:12:fc:bf:5b:
ea:09:4c:e8:1e:a2:d3:20:56:c4:45:a3:4b:2b:d4:0b:6c:17:
a0:d4:c8:8f:fc:1f:21:79:36:fb:ba:33:9c:ba:38:dc:78:57:
6e:a4:f1:8e:5e:e9:0b:e7:05:0c:ae:12:d6:b9:f8:af:aa:f5:
2b:a2:d5:94:f5:50:2d:3c:6e:0c:c2:45:67:d6:a5:67:70:d6:
99:fa:fc:21:4b:ce:fa:1d:aa:e6:7e:d0:6c:ef:fb:fb:0b:ea:
ee:57:f1:e5:83:ea:e1:5c:51:4c:b2:be:8f:7f:47:13:9e:1c:
b9:2d:39:9a:18:f8:b2:cf:80:9c:f1:69:f0:33:38:84:c9:f2:
8a:65:5e:48:f8:ea:02:09:c2:4b:97:b5:c0:d2:50:74:c6:ad:
7b:e8:1a:08:6d:09:da:e8:e5:a6:89:cb:72:12:86:df:dd:65:
27:93:b0:9f:3c:2b:6f:53:b4:2c:50:6f:ae:dc:ef:31:03:17:
8e:4a:0b:24:61:80:fb:c9:cb:f2:01:5b:32:ba:1a:59:88:66:
7e:8a:c4:60:f2:09:20:15:1f:56:73:4f:a1:c4:38:d2:3c:87:
bd:0e:e5:fc:1e:3a:50:0a:f9:2c:a8:d3:33:7c:84:96:4d:6f:
88:bb:f5:2b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQfjDgiVn3fxmWroYK3v5VAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODU2ODAxYmVmOGVkM2FlODEwZTdlNjdhMzFmZDAxMmI0
NGQzMGMwHhcNMjUwMTAxMDE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzNmMjU2YTcxNWYwOGE3MjNjZDc2Zjk2NGI5MGVmZWUyM2MxMzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOcdVDT1ZG6cyGKagMEKU1KZlcgZ
S+m5omEnPhatGl73p6UKOubUpcK5gAsHPKIHGkADKj5/Ak8yn0mRSSrOBxd9r9wd
BifmpOm/9KjgN3LmXuKqS851DV1jpymqxunNf4udZcaKa0Rd7ZhSRbKorEQeSmuN
FqWeDG1xzZnye3PrKCr3/ZfkuEh6S7Lne3+jV5+rpL7QAJ7KPfEZogPKl9HQo33a
OHyCt1nWd+cRNb6WQI4VYwHNorVLvE+iggGHu2Oih4kz8r6sRNbYj+3VwyvYJHZB
XuD0Rcvs/v8wbLfXtOB/CsmTRthv5UQyNFQdGKM921DzQyX4HO28rtm2rQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMw/JWpxXwinI812+WS5Dv7iPBMMMB8GA1UdIwQY
MBaAFA6FaAG++O066BDn5nox/QErRNMMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9Wb0FiNzQ3VHJvRU9mbWVqSDlBU3RFMHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC81NDE0MzQtODc5ZC00ZTU1LWE0N2Yt
MTkwYjA2ZGVlNGRjLzEvekQ4bGFuRmZDS2NqelhiNVpMa09fdUk4RXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC81NDE0MzQtODc5ZC00ZTU1LWE0N2YtMTkwYjA2ZGVlNGRj
LzEvRG9Wb0FiNzQ3VHJvRU9mbWVqSDlBU3RFMHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsHU5MA8E
AgACMAkDBwAgAQZ8F+wwDQYJKoZIhvcNAQELBQADggEBAIe0KL2cyGU+DWfO/b3i
Evy/W+oJTOgeotMgVsRFo0sr1AtsF6DUyI/8HyF5Nvu6M5y6ONx4V26k8Y5e6Qvn
BQyuEta5+K+q9Sui1ZT1UC08bgzCRWfWpWdw1pn6/CFLzvodquZ+0Gzv+/sL6u5X
8eWD6uFcUUyyvo9/RxOeHLktOZoY+LLPgJzxafAzOITJ8oplXkj46gIJwkuXtcDS
UHTGrXvoGghtCdro5aaJy3ISht/dZSeTsJ88K29TtCxQb67c7zEDF45KCyRhgPvJ
y/IBWzK6GlmIZn6KxGDyCSAVH1ZzT6HEONI8h70O5fweOlAK+Syo0zN8hJZNb4i7
9Ss=
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:11:34 2025 by rpki-client