Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/796823-6d81-4d91-b664-e0abd4d84571/1/pzYaLDX-85nYF2riSdG9v-AKZYM.roa
File: pzYaLDX-85nYF2riSdG9v-AKZYM.roa (raw, json)
Hash identifier: EygpfdGwPkKz8M66wN+etr5plBuJkHzB1mglzx/9MuQ=
Subject key identifier: A7:36:1A:2C:35:FE:F3:99:D8:17:6A:E2:49:D1:BD:BF:E0:0A:65:83
Certificate issuer: /CN=04268ae40737536a464c28493eaf503db9a18f20
Certificate serial: 0194221F6B2706185365F033D29D59EC8E01
Authority key identifier: 04:26:8A:E4:07:37:53:6A:46:4C:28:49:3E:AF:50:3D:B9:A1:8F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BCaK5Ac3U2pGTChJPq9QPbmhjyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/796823-6d81-4d91-b664-e0abd4d84571/1/pzYaLDX-85nYF2riSdG9v-AKZYM.roa
Signing time: Wed 01 Jan 2025 13:47:51 +0000
ROA not before: Wed 01 Jan 2025 13:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50754
IP address blocks: 185.134.76.0/22 maxlen: 24
2a06:ebc0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:6b:27:06:18:53:65:f0:33:d2:9d:59:ec:8e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04268ae40737536a464c28493eaf503db9a18f20
Validity
Not Before: Jan 1 13:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7361a2c35fef399d8176ae249d1bdbfe00a6583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0c:df:f3:47:0c:a8:e4:10:72:77:57:17:3d:
23:13:ef:ed:74:ed:e6:c4:b5:6b:75:39:bc:5d:56:
25:7b:cf:9a:24:59:47:7e:c2:20:98:e3:20:91:fe:
15:a5:89:ff:41:8a:64:81:dc:37:c6:20:1e:86:f3:
91:1b:6b:30:8b:de:e3:9f:e2:b5:ee:64:1c:5c:29:
48:08:3e:07:25:98:9e:b9:a7:98:ef:34:f2:f2:cc:
2e:3f:bd:8a:a4:0f:52:7e:c5:93:37:48:dd:de:61:
c6:e1:b2:d0:d6:66:f4:03:98:cb:2c:2e:78:c4:34:
b8:47:4d:59:bd:b1:79:36:9b:72:82:69:71:fa:8d:
01:8d:0d:b8:d6:c8:1d:50:c7:f8:7c:2a:1a:c6:57:
0a:32:48:6a:90:b1:8c:ce:85:04:08:fa:41:28:2a:
01:32:33:7b:40:0c:52:59:7a:35:30:67:98:48:d0:
4d:f3:3a:3c:03:f6:eb:27:fe:48:bd:9a:a8:fe:68:
8a:90:05:8b:28:1f:54:6d:64:c3:1a:89:06:4e:b1:
22:f4:bc:23:a7:bb:85:db:05:57:e3:d9:a6:5c:6f:
4d:ae:53:d7:1e:9a:48:b7:0e:55:a0:14:ba:cf:cb:
f0:4f:34:a6:03:ba:b3:d9:72:14:6b:bb:71:00:37:
20:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:36:1A:2C:35:FE:F3:99:D8:17:6A:E2:49:D1:BD:BF:E0:0A:65:83
X509v3 Authority Key Identifier:
keyid:04:26:8A:E4:07:37:53:6A:46:4C:28:49:3E:AF:50:3D:B9:A1:8F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCaK5Ac3U2pGTChJPq9QPbmhjyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/796823-6d81-4d91-b664-e0abd4d84571/1/pzYaLDX-85nYF2riSdG9v-AKZYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/796823-6d81-4d91-b664-e0abd4d84571/1/BCaK5Ac3U2pGTChJPq9QPbmhjyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.76.0/22
IPv6:
2a06:ebc0::/29
Signature Algorithm: sha256WithRSAEncryption
24:5c:28:e6:42:29:be:46:e1:32:0a:6f:ca:c5:d6:46:c1:dd:
26:1f:5e:bb:32:bd:39:5d:0e:b7:1d:00:06:22:8c:ca:21:7b:
eb:ee:10:b6:97:bf:ca:1e:3a:7f:2c:fb:92:4b:0d:ee:33:44:
99:26:82:45:d3:ba:33:03:2e:77:64:c6:f2:cf:c1:65:b4:84:
d8:0f:1b:a6:6a:15:eb:b2:7a:c2:c1:55:23:71:fe:cb:cb:2e:
9f:51:7c:24:86:c0:83:ed:0d:0b:4a:8d:23:0b:65:9d:8d:50:
a9:02:3b:43:2e:34:15:7f:55:86:a2:43:a0:be:7c:3d:b2:6e:
d3:21:28:d8:87:d7:ee:5a:a1:fe:18:73:06:66:dc:47:ea:48:
3f:ab:63:7e:40:49:8c:b9:3b:9e:eb:76:ad:c0:a1:dc:7e:71:
c9:22:76:88:84:1b:38:ad:2a:5e:9f:d9:8c:7e:20:f2:92:e7:
82:3d:23:1f:48:0e:a7:1f:79:47:9f:f8:fb:05:d5:cd:f5:e6:
9d:a8:9e:ae:49:49:57:61:96:13:18:c0:5a:d9:69:17:d5:6b:
22:fb:2f:a0:a0:d8:c3:0d:89:86:77:3d:8b:83:45:13:be:a8:
be:b4:85:0d:98:43:e8:38:3e:f6:f9:6c:d7:c1:9c:b9:3e:1e:
c3:93:ff:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH2snBhhTZfAz0p1Z7I4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MjY4YWU0MDczNzUzNmE0NjRjMjg0OTNlYWY1MDNkYjlh
MThmMjAwHhcNMjUwMTAxMTM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzM2MWEyYzM1ZmVmMzk5ZDgxNzZhZTI0OWQxYmRiZmUwMGE2NTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAzf80cMqOQQcndXFz0jE+/tdO3m
xLVrdTm8XVYle8+aJFlHfsIgmOMgkf4VpYn/QYpkgdw3xiAehvORG2swi97jn+K1
7mQcXClICD4HJZieuaeY7zTy8swuP72KpA9SfsWTN0jd3mHG4bLQ1mb0A5jLLC54
xDS4R01ZvbF5Nptygmlx+o0BjQ241sgdUMf4fCoaxlcKMkhqkLGMzoUECPpBKCoB
MjN7QAxSWXo1MGeYSNBN8zo8A/brJ/5IvZqo/miKkAWLKB9UbWTDGokGTrEi9Lwj
p7uF2wVX49mmXG9NrlPXHppItw5VoBS6z8vwTzSmA7qz2XIUa7txADcgrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKc2Giw1/vOZ2Bdq4knRvb/gCmWDMB8GA1UdIwQY
MBaAFAQmiuQHN1NqRkwoST6vUD25oY8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkNhSzVBYzNVMnBHVENoSlBxOVFQYm1oanlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy83OTY4MjMtNmQ4MS00ZDkxLWI2NjQt
ZTBhYmQ0ZDg0NTcxLzEvcHpZYUxEWC04NW5ZRjJyaVNkRzl2LUFLWllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy83OTY4MjMtNmQ4MS00ZDkxLWI2NjQtZTBhYmQ0ZDg0NTcx
LzEvQkNhSzVBYzNVMnBHVENoSlBxOVFQYm1oanlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYZMMA0E
AgACMAcDBQMqBuvAMA0GCSqGSIb3DQEBCwUAA4IBAQAkXCjmQim+RuEyCm/KxdZG
wd0mH167Mr05XQ63HQAGIozKIXvr7hC2l7/KHjp/LPuSSw3uM0SZJoJF07ozAy53
ZMbyz8FltITYDxumahXrsnrCwVUjcf7Lyy6fUXwkhsCD7Q0LSo0jC2WdjVCpAjtD
LjQVf1WGokOgvnw9sm7TISjYh9fuWqH+GHMGZtxH6kg/q2N+QEmMuTue63atwKHc
fnHJInaIhBs4rSpen9mMfiDykueCPSMfSA6nH3lHn/j7BdXN9eadqJ6uSUlXYZYT
GMBa2WkX1Wsi+y+goNjDDYmGdz2Lg0UTvqi+tIUNmEPoOD72+WzXwZy5Ph7Dk/9Q
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:06:26 2025 by rpki-client