Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/Zx6ocUXZPv9ugDaKE48DGBMLF6A.roa
File: Zx6ocUXZPv9ugDaKE48DGBMLF6A.roa (raw, json)
Hash identifier: eczAYV352bps9e0uDy2+UhD17VUmZRomZx5rDCvyLpE=
Subject key identifier: 67:1E:A8:71:45:D9:3E:FF:6E:80:36:8A:13:8F:03:18:13:0B:17:A0
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 01861288608ABBC5AAE1DD88141BF5210940
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/Zx6ocUXZPv9ugDaKE48DGBMLF6A.roa
Signing time: Thu 02 Feb 2023 14:29:32 +0000
ROA not before: Thu 02 Feb 2023 14:29:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212157
IP address blocks: 185.52.4.0/22 maxlen: 24
147.181.1.0/24 maxlen: 24
147.181.3.0/24 maxlen: 24
2a04:9a00:1010::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:88:60:8a:bb:c5:aa:e1:dd:88:14:1b:f5:21:09:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Feb 2 14:29:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=671ea87145d93eff6e80368a138f0318130b17a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:60:0d:21:2b:bc:c6:c2:49:61:a1:3c:a1:52:
bf:91:ff:a5:c1:e2:aa:4c:75:78:a8:0c:9a:9f:03:
ad:90:11:27:6a:c7:80:17:4c:8a:65:21:27:4d:24:
07:d9:06:25:62:fd:90:dd:48:b5:c3:a5:f5:79:d1:
f7:3f:73:0b:bf:63:71:24:60:1f:51:b7:c9:13:0f:
84:66:a2:af:1a:ca:61:58:d1:a7:cb:8a:73:f9:a2:
d5:2d:85:40:b3:6f:ed:c8:a3:39:fe:33:55:d7:d0:
bc:f0:59:31:4d:a5:fb:5f:84:b8:48:f4:b1:ab:c2:
10:42:f2:5a:5e:44:ea:82:46:a9:6c:cd:13:24:ea:
60:92:6b:41:9c:c6:50:76:76:a5:5f:8e:a9:ee:88:
00:2c:20:88:72:b6:94:96:38:60:89:4a:31:46:71:
83:29:5c:7b:1b:f4:0e:35:b6:e7:fe:79:a6:aa:98:
5c:de:1b:ea:51:41:8e:94:bf:d9:b5:2a:5b:5a:fe:
8c:ed:8c:42:bf:73:eb:04:a8:c6:de:bc:cc:48:f2:
db:10:73:2f:5e:0c:30:c1:9f:50:86:e1:7e:5d:25:
b3:d7:f8:7a:e7:9c:91:a7:97:b8:5b:8a:ef:c8:46:
09:24:93:f3:ea:4c:9b:ec:35:22:fb:45:bd:21:02:
e9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:1E:A8:71:45:D9:3E:FF:6E:80:36:8A:13:8F:03:18:13:0B:17:A0
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/Zx6ocUXZPv9ugDaKE48DGBMLF6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.1.0/24
147.181.3.0/24
185.52.4.0/22
IPv6:
2a04:9a00:1010::/44
Signature Algorithm: sha256WithRSAEncryption
c2:42:48:9f:a8:51:00:35:c6:a4:5b:47:cb:c4:27:ea:21:98:
c6:67:c9:30:1c:68:35:34:1a:d3:03:e5:c7:d0:7b:ab:71:f4:
c7:49:f1:a9:b6:4d:ef:d9:26:de:60:47:50:31:1a:96:57:48:
95:56:59:d8:ff:e2:5c:10:09:76:38:64:31:e4:7c:cf:e7:d5:
63:2d:83:11:8c:e9:fb:24:91:62:28:fb:f0:19:73:71:7d:bc:
80:bb:9a:87:17:9d:0b:7c:5f:43:c7:6c:86:32:49:c1:ce:e8:
9f:97:8d:f7:d7:54:15:ab:43:2a:3d:5f:bd:a9:ad:41:11:88:
1a:67:cb:ca:97:cb:fd:22:f0:76:ab:7c:14:85:84:11:07:df:
19:21:bb:1e:66:51:ed:45:67:24:c5:e8:54:61:61:51:f4:66:
68:81:49:fe:bf:66:44:ff:69:a2:31:ed:18:76:27:07:cb:ba:
61:18:67:f4:90:31:ea:2b:ee:4e:47:ea:ad:77:80:7c:ec:44:
14:6b:f5:0a:cc:41:93:2e:37:f1:df:db:77:3a:27:5d:27:45:
f5:be:02:a5:63:92:58:5f:2e:b4:40:e5:7e:2f:8e:4c:4b:39:
34:0c:7d:a8:fc:b7:c3:51:46:26:fd:c1:ca:b9:79:ec:4f:fe:
59:24:11:55
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYYSiGCKu8Wq4d2IFBv1IQlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwMjAyMTQyOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzFlYTg3MTQ1ZDkzZWZmNmU4MDM2OGExMzhmMDMxODEzMGIxN2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGANISu8xsJJYaE8oVK/kf+lweKq
THV4qAyanwOtkBEnaseAF0yKZSEnTSQH2QYlYv2Q3Ui1w6X1edH3P3MLv2NxJGAf
UbfJEw+EZqKvGsphWNGny4pz+aLVLYVAs2/tyKM5/jNV19C88FkxTaX7X4S4SPSx
q8IQQvJaXkTqgkapbM0TJOpgkmtBnMZQdnalX46p7ogALCCIcraUljhgiUoxRnGD
KVx7G/QONbbn/nmmqphc3hvqUUGOlL/ZtSpbWv6M7YxCv3PrBKjG3rzMSPLbEHMv
XgwwwZ9QhuF+XSWz1/h655yRp5e4W4rvyEYJJJPz6kyb7DUi+0W9IQLpxwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGceqHFF2T7/boA2ihOPAxgTCxegMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvWng2b2NVWFpQdjl1Z0RhS0U0OERHQk1MRjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAk7UBAwQA
k7UDAwQCuTQEMA8EAgACMAkDBwQqBJoAEBAwDQYJKoZIhvcNAQELBQADggEBAMJC
SJ+oUQA1xqRbR8vEJ+ohmMZnyTAcaDU0GtMD5cfQe6tx9MdJ8am2Te/ZJt5gR1Ax
GpZXSJVWWdj/4lwQCXY4ZDHkfM/n1WMtgxGM6fskkWIo+/AZc3F9vIC7mocXnQt8
X0PHbIYyScHO6J+XjffXVBWrQyo9X72prUERiBpny8qXy/0i8HarfBSFhBEH3xkh
ux5mUe1FZyTF6FRhYVH0ZmiBSf6/ZkT/aaIx7Rh2JwfLumEYZ/SQMeor7k5H6q13
gHzsRBRr9QrMQZMuN/Hf23c6J10nRfW+AqVjklhfLrRA5X4vjkxLOTQMfaj8t8NR
Rib9wcq5eexP/lkkEVU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:20 2025 by rpki-client