Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/a-zhZjuXDc_FsfQbRuaEtluPpHA.roa
File: a-zhZjuXDc_FsfQbRuaEtluPpHA.roa (raw, json)
Hash identifier: 5+3esVT/zzC55YQOAsi2tnDDnrmv1Y7c5U2ef5q3Qdw=
Subject key identifier: 6B:EC:E1:66:3B:97:0D:CF:C5:B1:F4:1B:46:E6:84:B6:5B:8F:A4:70
Certificate issuer: /CN=f26681caa1d37e5899ba27dfbc36960e06b5d3f2
Certificate serial: 01942369A1BB4E195646C5DF3DE74E45488D
Authority key identifier: F2:66:81:CA:A1:D3:7E:58:99:BA:27:DF:BC:36:96:0E:06:B5:D3:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8maByqHTfliZuiffvDaWDga10_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/a-zhZjuXDc_FsfQbRuaEtluPpHA.roa
Signing time: Wed 01 Jan 2025 19:48:32 +0000
ROA not before: Wed 01 Jan 2025 19:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57595
IP address blocks: 176.221.72.0/21 maxlen: 21
176.221.72.0/24 maxlen: 24
176.221.73.0/24 maxlen: 24
176.221.74.0/24 maxlen: 24
176.221.75.0/24 maxlen: 24
176.221.76.0/24 maxlen: 24
176.221.77.0/24 maxlen: 24
176.221.78.0/24 maxlen: 24
176.221.79.0/24 maxlen: 24
185.22.144.0/22 maxlen: 22
185.22.144.0/24 maxlen: 24
185.22.145.0/24 maxlen: 24
185.22.146.0/24 maxlen: 24
185.22.147.0/24 maxlen: 24
2a00:4440::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:a1:bb:4e:19:56:46:c5:df:3d:e7:4e:45:48:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f26681caa1d37e5899ba27dfbc36960e06b5d3f2
Validity
Not Before: Jan 1 19:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bece1663b970dcfc5b1f41b46e684b65b8fa470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:e5:73:66:70:4b:7a:4b:94:c7:7e:bb:61:c9:
f8:92:59:c6:0a:29:ad:83:56:94:69:64:a4:1c:06:
43:f3:6d:9d:ce:06:a9:fb:70:f2:cd:32:86:e4:1f:
5d:30:ba:19:0a:ec:28:37:6b:ee:7c:5f:e5:4c:2c:
56:9b:e2:c6:95:57:d2:e1:fd:ba:6a:21:0b:0a:38:
77:72:11:94:57:d8:c1:85:94:80:99:20:d5:5a:2c:
1c:32:8e:0e:f2:b8:d7:7b:26:a6:0d:0a:21:26:33:
07:36:81:06:30:43:74:69:ef:bb:a8:93:db:41:3c:
d3:e7:a3:e9:3b:25:15:5a:37:99:cc:ac:f2:05:45:
b4:d6:81:36:25:67:cd:e9:88:08:54:ba:21:31:0b:
b4:de:75:43:aa:a4:cd:9c:8d:9e:3d:fa:19:23:9e:
db:a6:4a:ae:0b:40:ca:cb:d2:b2:6f:48:2e:01:cd:
e6:90:64:00:2b:25:2b:32:d7:06:b4:54:22:42:4f:
62:01:cd:f7:4d:fa:a3:23:89:7f:a7:b1:0e:2b:f0:
50:a8:12:d1:3f:41:bc:99:fc:f9:fd:1a:fe:74:17:
28:f2:7c:1d:77:3d:bc:bf:53:8e:72:6e:cc:33:0f:
c4:e4:63:27:14:d7:ff:f1:73:9c:18:30:1f:c5:08:
bb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:EC:E1:66:3B:97:0D:CF:C5:B1:F4:1B:46:E6:84:B6:5B:8F:A4:70
X509v3 Authority Key Identifier:
keyid:F2:66:81:CA:A1:D3:7E:58:99:BA:27:DF:BC:36:96:0E:06:B5:D3:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8maByqHTfliZuiffvDaWDga10_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/a-zhZjuXDc_FsfQbRuaEtluPpHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/8maByqHTfliZuiffvDaWDga10_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.72.0/21
185.22.144.0/22
IPv6:
2a00:4440::/32
Signature Algorithm: sha256WithRSAEncryption
d6:e0:14:5a:e1:73:b4:8f:c4:f7:c6:51:fb:2f:c5:a4:96:7f:
26:8f:80:fc:3d:e9:c3:ce:3f:0f:99:3a:72:34:d3:ef:60:9a:
95:62:ef:21:33:60:f3:54:3f:ac:3a:64:44:9e:4f:69:af:e3:
50:17:6d:c9:10:26:fc:9c:6e:09:96:a6:40:f7:eb:1a:37:f6:
4b:b7:6d:a4:dc:ea:a9:02:59:39:6c:27:83:ee:12:19:52:2a:
5d:21:13:c5:1c:e5:27:90:c2:19:36:1a:75:2a:0c:ef:28:e8:
2b:52:88:92:fc:82:98:f0:7a:c9:b2:20:95:c3:40:ca:2f:9a:
92:1e:27:ec:51:4c:71:05:0e:e0:51:b6:d6:77:6b:f7:75:b0:
2e:ff:21:21:2c:10:75:b3:91:8a:1c:37:45:c8:ad:de:58:62:
88:1a:35:ea:c5:40:b1:79:af:ee:9f:bd:bc:f9:36:1c:76:a7:
ad:53:25:b8:7c:c3:22:17:14:0c:a7:ca:e2:d7:63:6d:77:8f:
1e:d2:c7:31:db:72:f0:d7:ee:cd:f8:f5:a6:c9:aa:cb:33:fc:
29:59:d6:df:56:fc:d0:bf:6e:92:d1:b1:5f:cb:f9:4a:6d:a8:
f7:f8:c5:d2:f8:fd:3d:30:ac:be:fa:11:4e:93:1a:e8:8c:fa:
aa:bc:af:8e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjaaG7ThlWRsXfPedORUiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjY4MWNhYTFkMzdlNTg5OWJhMjdkZmJjMzY5NjBlMDZi
NWQzZjIwHhcNMjUwMTAxMTk0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmVjZTE2NjNiOTcwZGNmYzViMWY0MWI0NmU2ODRiNjViOGZhNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+eVzZnBLekuUx367Ycn4klnGCimt
g1aUaWSkHAZD822dzgap+3DyzTKG5B9dMLoZCuwoN2vufF/lTCxWm+LGlVfS4f26
aiELCjh3chGUV9jBhZSAmSDVWiwcMo4O8rjXeyamDQohJjMHNoEGMEN0ae+7qJPb
QTzT56PpOyUVWjeZzKzyBUW01oE2JWfN6YgIVLohMQu03nVDqqTNnI2ePfoZI57b
pkquC0DKy9Kyb0guAc3mkGQAKyUrMtcGtFQiQk9iAc33TfqjI4l/p7EOK/BQqBLR
P0G8mfz5/Rr+dBco8nwddz28v1OOcm7MMw/E5GMnFNf/8XOcGDAfxQi7rQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGvs4WY7lw3PxbH0G0bmhLZbj6RwMB8GA1UdIwQY
MBaAFPJmgcqh035Ymbon37w2lg4GtdPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1hQnlxSFRmbGladWlmZnZEYVdEZ2ExMF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYWVlYjYtODAxNy00YzIyLWE4MWMt
NjQwNzVjMmFlNDYzLzEvYS16aFpqdVhEY19Gc2ZRYlJ1YUV0bHVQcEhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jYWVlYjYtODAxNy00YzIyLWE4MWMtNjQwNzVjMmFlNDYz
LzEvOG1hQnlxSFRmbGladWlmZnZEYVdEZ2ExMF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsN1IAwQC
uRaQMA0EAgACMAcDBQAqAERAMA0GCSqGSIb3DQEBCwUAA4IBAQDW4BRa4XO0j8T3
xlH7L8Wkln8mj4D8PenDzj8PmTpyNNPvYJqVYu8hM2DzVD+sOmREnk9pr+NQF23J
ECb8nG4JlqZA9+saN/ZLt22k3OqpAlk5bCeD7hIZUipdIRPFHOUnkMIZNhp1Kgzv
KOgrUoiS/IKY8HrJsiCVw0DKL5qSHifsUUxxBQ7gUbbWd2v3dbAu/yEhLBB1s5GK
HDdFyK3eWGKIGjXqxUCxea/un728+TYcdqetUyW4fMMiFxQMp8ri12Ntd48e0scx
23Lw1+7N+PWmyarLM/wpWdbfVvzQv26S0bFfy/lKbaj3+MXS+P09MKy++hFOkxro
jPqqvK+O
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:57:02 2025 by rpki-client