Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/4b90d6-87e6-473e-b36d-6e54215b24e7/1/ZaVl-mS9QGEv-KGxP-gS4VnI3l0.roa
File: ZaVl-mS9QGEv-KGxP-gS4VnI3l0.roa (raw, json)
Hash identifier: rLdcC4Fu6v8ftpqjWb/R+Awf42uJdXAtsKhIZ+HZWJ4=
Subject key identifier: 65:A5:65:FA:64:BD:40:61:2F:F8:A1:B1:3F:E8:12:E1:59:C8:DE:5D
Certificate issuer: /CN=891d6101d729bc95597da528604ec0b0b7e0042c
Certificate serial: 0181ED3FCB295A41889C836854838D884D1C
Authority key identifier: 89:1D:61:01:D7:29:BC:95:59:7D:A5:28:60:4E:C0:B0:B7:E0:04:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iR1hAdcpvJVZfaUoYE7AsLfgBCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/4b90d6-87e6-473e-b36d-6e54215b24e7/1/ZaVl-mS9QGEv-KGxP-gS4VnI3l0.roa
Signing time: Mon 11 Jul 2022 12:33:09 +0000
ROA not before: Mon 11 Jul 2022 12:33:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 86.104.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ed:3f:cb:29:5a:41:88:9c:83:68:54:83:8d:88:4d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=891d6101d729bc95597da528604ec0b0b7e0042c
Validity
Not Before: Jul 11 12:33:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65a565fa64bd40612ff8a1b13fe812e159c8de5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e8:e1:a2:92:6b:49:df:52:1c:ef:b4:cc:ae:
94:2e:10:b1:99:bc:57:56:f1:42:07:d5:44:0f:de:
1e:13:40:4e:a0:08:77:c2:8a:0b:fe:4a:9a:21:cb:
82:78:65:4c:5f:78:11:7c:3c:7b:2a:43:07:77:6d:
14:ce:4c:1f:a2:fd:16:b1:8e:2d:34:fa:f7:0c:97:
89:cd:38:d4:cb:19:61:07:d1:b4:e1:76:d0:3c:80:
e2:cd:3b:90:5d:8a:36:e6:a6:5d:e5:df:89:d3:76:
dd:88:6d:e5:e6:22:7f:f7:79:02:db:17:3e:8d:ca:
13:1c:8b:8d:d5:a6:e2:a8:0f:60:93:08:84:f8:04:
b2:65:04:08:40:c8:c3:a7:00:41:ae:25:e1:5a:65:
d4:96:eb:ab:6f:76:6a:c1:97:d4:b9:75:ba:59:0f:
79:6e:70:d4:06:3f:9f:80:8c:f9:df:53:37:cf:3d:
df:77:52:e8:78:37:06:bf:52:40:34:16:7d:40:0d:
da:99:96:c0:e5:1e:90:60:d1:6f:c4:6e:d9:fe:85:
69:35:53:0f:e4:19:9e:2c:c1:ec:ae:5d:70:da:77:
49:46:58:3c:73:05:33:f4:29:7e:31:d0:b2:24:df:
a5:ed:20:6e:56:b0:a2:a2:f2:74:9e:b9:44:bc:26:
2e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A5:65:FA:64:BD:40:61:2F:F8:A1:B1:3F:E8:12:E1:59:C8:DE:5D
X509v3 Authority Key Identifier:
keyid:89:1D:61:01:D7:29:BC:95:59:7D:A5:28:60:4E:C0:B0:B7:E0:04:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iR1hAdcpvJVZfaUoYE7AsLfgBCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/4b90d6-87e6-473e-b36d-6e54215b24e7/1/ZaVl-mS9QGEv-KGxP-gS4VnI3l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/4b90d6-87e6-473e-b36d-6e54215b24e7/1/iR1hAdcpvJVZfaUoYE7AsLfgBCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.192.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:4f:ba:50:b2:d5:63:45:bb:cd:a4:08:9d:81:ca:60:58:b0:
cc:f3:03:88:8e:a6:4d:43:9a:48:aa:6e:ac:6b:8f:db:e6:b8:
d7:b6:8c:e9:42:a2:b9:ec:7e:b8:73:0f:69:cb:9f:67:97:3f:
9e:5b:cc:4b:26:d2:07:07:d4:62:4b:94:dc:d2:bd:ba:8b:8f:
53:f1:52:9f:30:34:33:e9:02:93:9d:50:0d:a3:7b:53:5d:26:
be:61:1b:94:5a:51:08:fd:e5:04:ab:a9:5c:22:2b:a5:b7:57:
da:01:ca:30:31:fa:ae:94:7a:de:38:0e:17:f2:7a:30:1f:ad:
e9:a0:01:e3:4c:d7:d4:5e:e0:04:98:56:9b:25:75:bc:9d:83:
07:94:5b:95:03:0e:6e:f9:c9:73:cf:bf:f5:8c:6a:c3:8c:8e:
a2:94:82:8c:63:34:00:50:34:d5:6c:07:46:45:37:95:b6:b6:
f2:52:be:90:c8:a6:cb:2d:78:ea:ed:92:c6:73:9e:c2:a4:29:
c5:43:ad:d6:c1:96:d7:53:58:cd:a9:cc:3f:25:e8:9a:4d:5c:
cb:70:48:15:cc:66:bd:06:93:24:52:0c:49:01:25:c7:e5:56:
68:9c:9d:a4:55:05:47:51:27:90:b2:18:15:73:ba:23:54:5a:
47:85:31:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHtP8spWkGInINoVIONiE0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MWQ2MTAxZDcyOWJjOTU1OTdkYTUyODYwNGVjMGIwYjdl
MDA0MmMwHhcNMjIwNzExMTIzMzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWE1NjVmYTY0YmQ0MDYxMmZmOGExYjEzZmU4MTJlMTU5YzhkZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApujhopJrSd9SHO+0zK6ULhCxmbxX
VvFCB9VED94eE0BOoAh3wooL/kqaIcuCeGVMX3gRfDx7KkMHd20Uzkwfov0WsY4t
NPr3DJeJzTjUyxlhB9G04XbQPIDizTuQXYo25qZd5d+J03bdiG3l5iJ/93kC2xc+
jcoTHIuN1abiqA9gkwiE+ASyZQQIQMjDpwBBriXhWmXUluurb3ZqwZfUuXW6WQ95
bnDUBj+fgIz531M3zz3fd1LoeDcGv1JANBZ9QA3amZbA5R6QYNFvxG7Z/oVpNVMP
5BmeLMHsrl1w2ndJRlg8cwUz9Cl+MdCyJN+l7SBuVrCiovJ0nrlEvCYuAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGWlZfpkvUBhL/ihsT/oEuFZyN5dMB8GA1UdIwQY
MBaAFIkdYQHXKbyVWX2lKGBOwLC34AQsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVIxaEFkY3B2SlZaZmFVb1lFN0FzTGZnQkN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80YjkwZDYtODdlNi00NzNlLWIzNmQt
NmU1NDIxNWIyNGU3LzEvWmFWbC1tUzlRR0V2LUtHeFAtZ1M0Vm5JM2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80YjkwZDYtODdlNi00NzNlLWIzNmQtNmU1NDIxNWIyNGU3
LzEvaVIxaEFkY3B2SlZaZmFVb1lFN0FzTGZnQkN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmjAMA0G
CSqGSIb3DQEBCwUAA4IBAQC4T7pQstVjRbvNpAidgcpgWLDM8wOIjqZNQ5pIqm6s
a4/b5rjXtozpQqK57H64cw9py59nlz+eW8xLJtIHB9RiS5Tc0r26i49T8VKfMDQz
6QKTnVANo3tTXSa+YRuUWlEI/eUEq6lcIiult1faAcowMfqulHreOA4X8nowH63p
oAHjTNfUXuAEmFabJXW8nYMHlFuVAw5u+clzz7/1jGrDjI6ilIKMYzQAUDTVbAdG
RTeVtrbyUr6QyKbLLXjq7ZLGc57CpCnFQ63WwZbXU1jNqcw/JeiaTVzLcEgVzGa9
BpMkUgxJASXH5VZonJ2kVQVHUSeQshgVc7ojVFpHhTFX
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:08 2025 by rpki-client