Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/zyYFRHKcIrTD9dtbNer5GUgk4uk.roa
File: zyYFRHKcIrTD9dtbNer5GUgk4uk.roa (raw, json)
Hash identifier: j/jB5+az+sxCe92XxmcMBTNdT2rTViq3Gn9CJHgWFM8=
Subject key identifier: CF:26:05:44:72:9C:22:B4:C3:F5:DB:5B:35:EA:F9:19:48:24:E2:E9
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 0195B2E50AC0C50E668FC0EDFA64102442C0
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/zyYFRHKcIrTD9dtbNer5GUgk4uk.roa
Signing time: Thu 20 Mar 2025 09:31:49 +0000
ROA not before: Thu 20 Mar 2025 09:31:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201178
IP address blocks: 37.75.8.0/21 maxlen: 24
185.28.0.0/22 maxlen: 24
185.28.0.0/24 maxlen: 24
185.81.236.0/22 maxlen: 24
185.81.236.0/24 maxlen: 24
185.81.237.0/24 maxlen: 24
185.81.238.0/24 maxlen: 24
185.81.239.0/24 maxlen: 24
185.153.248.0/22 maxlen: 24
185.155.148.0/22 maxlen: 24
185.155.148.0/24 maxlen: 24
185.155.149.0/24 maxlen: 24
185.155.150.0/24 maxlen: 24
185.155.151.0/24 maxlen: 24
195.142.0.0/22 maxlen: 24
195.142.104.0/21 maxlen: 24
195.142.132.0/22 maxlen: 24
2a05:8a00::/29 maxlen: 48
2a05:8a00:6::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b2:e5:0a:c0:c5:0e:66:8f:c0:ed:fa:64:10:24:42:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Mar 20 09:31:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf260544729c22b4c3f5db5b35eaf9194824e2e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:bb:46:72:59:cc:3a:25:79:a5:01:dd:d8:d3:
9f:4a:68:70:b3:04:81:9e:37:53:f2:41:b8:83:c4:
37:45:a1:26:67:39:18:4f:06:b5:ae:d5:d9:1d:d7:
23:c9:2e:5d:f3:09:ad:cc:21:6b:6d:92:16:df:40:
d0:61:2b:00:58:5a:d9:d9:95:07:11:b7:81:9b:4f:
5e:6a:54:b1:cc:9d:b4:d5:2a:4c:4f:38:ea:72:68:
21:6f:2f:92:ad:bf:87:bb:80:cb:38:08:ac:b6:15:
d0:90:29:b3:94:e8:26:b0:b0:33:14:3e:6b:29:b7:
3c:05:83:b6:5b:6a:11:aa:9d:96:4d:d9:4f:5b:69:
45:fb:88:a5:79:2e:17:02:3b:88:d5:f0:b2:9f:62:
d6:39:3e:b9:1e:b1:55:8f:58:da:fc:f9:78:c9:1c:
9d:c9:67:d3:1f:db:78:a3:ea:3c:ee:26:89:b5:ce:
f5:59:e8:06:b3:8e:fa:27:b5:3f:26:15:38:2b:e6:
e7:7c:1e:91:23:eb:da:c5:f7:bc:31:f2:78:44:9a:
d1:a1:16:6d:82:21:98:9a:1f:e7:79:cf:02:a2:2f:
96:8e:02:61:62:aa:f9:aa:a2:9e:5b:99:38:da:d8:
f1:2f:08:5c:7f:f8:ec:53:68:16:ee:11:2d:b7:dc:
1b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:26:05:44:72:9C:22:B4:C3:F5:DB:5B:35:EA:F9:19:48:24:E2:E9
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/zyYFRHKcIrTD9dtbNer5GUgk4uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.8.0/21
185.28.0.0/22
185.81.236.0/22
185.153.248.0/22
185.155.148.0/22
195.142.0.0/22
195.142.104.0/21
195.142.132.0/22
IPv6:
2a05:8a00::/29
Signature Algorithm: sha256WithRSAEncryption
6d:1d:e7:7e:e4:32:b0:73:e5:a1:11:fa:f2:54:7e:2f:5c:f0:
05:62:61:30:86:ff:d2:3b:5d:83:e4:a8:54:93:22:45:e2:c6:
93:c1:12:30:d6:b8:e9:29:16:15:6d:a7:97:ee:ee:76:77:33:
f4:fe:af:be:4c:81:b5:0f:18:03:b6:b5:93:f8:7d:a9:46:a0:
f0:55:5f:8b:7f:67:20:da:7f:2f:2a:26:ab:4a:d9:a1:2f:6f:
80:89:40:ca:0b:96:18:ef:45:91:a9:b3:f9:09:2b:e0:ae:a4:
1e:49:2e:d0:e1:28:a9:04:61:ba:c4:7f:d2:2f:20:54:a9:5a:
37:bc:e8:3e:57:ae:8c:1e:c6:83:8c:b8:96:95:e7:ed:57:fa:
1d:40:e7:f0:8a:c3:fa:50:78:f1:92:77:ec:27:ff:80:da:f8:
3d:d4:e8:a8:06:39:1d:29:d9:d2:5f:c6:d3:5d:78:3f:93:ec:
da:fe:21:43:9e:bf:ca:3a:65:51:27:26:3f:a9:3b:f9:10:29:
ee:23:f5:30:43:54:8e:c6:77:56:43:c1:cb:aa:10:d5:d5:de:
58:75:63:4a:98:2f:df:f5:27:23:54:d3:e0:b8:ac:29:93:e6:
b6:e0:81:27:b2:9f:c3:8a:54:cc:9d:74:58:74:0f:c5:3f:ba:
c9:d7:b5:98
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZWy5QrAxQ5mj8Dt+mQQJELAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjUwMzIwMDkzMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjI2MDU0NDcyOWMyMmI0YzNmNWRiNWIzNWVhZjkxOTQ4MjRlMmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LtGclnMOiV5pQHd2NOfSmhwswSB
njdT8kG4g8Q3RaEmZzkYTwa1rtXZHdcjyS5d8wmtzCFrbZIW30DQYSsAWFrZ2ZUH
EbeBm09ealSxzJ201SpMTzjqcmghby+Srb+Hu4DLOAisthXQkCmzlOgmsLAzFD5r
Kbc8BYO2W2oRqp2WTdlPW2lF+4ileS4XAjuI1fCyn2LWOT65HrFVj1ja/Pl4yRyd
yWfTH9t4o+o87iaJtc71WegGs476J7U/JhU4K+bnfB6RI+vaxfe8MfJ4RJrRoRZt
giGYmh/nec8Coi+WjgJhYqr5qqKeW5k42tjxLwhcf/jsU2gW7hEtt9wb7QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFM8mBURynCK0w/XbWzXq+RlIJOLpMB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEvenlZRlJIS2NJclREOWR0Yk5lcjVHVWdrNHVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJUsIAwQC
uRwAAwQCuVHsAwQCuZn4AwQCuZuUAwQCw44AAwQDw45oAwQCw46EMA0EAgACMAcD
BQMqBYoAMA0GCSqGSIb3DQEBCwUAA4IBAQBtHed+5DKwc+WhEfryVH4vXPAFYmEw
hv/SO12D5KhUkyJF4saTwRIw1rjpKRYVbaeX7u52dzP0/q++TIG1DxgDtrWT+H2p
RqDwVV+Lf2cg2n8vKiarStmhL2+AiUDKC5YY70WRqbP5CSvgrqQeSS7Q4SipBGG6
xH/SLyBUqVo3vOg+V66MHsaDjLiWleftV/odQOfwisP6UHjxknfsJ/+A2vg91Oio
BjkdKdnSX8bTXXg/k+za/iFDnr/KOmVRJyY/qTv5ECnuI/UwQ1SOxndWQ8HLqhDV
1d5YdWNKmC/f9ScjVNPguKwpk+a24IEnsp/DilTMnXRYdA/FP7rJ17WY
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:01:45 2025 by rpki-client