Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/zwZQF0vycCjVTXKGPdvngCC8DiM.roa
File: zwZQF0vycCjVTXKGPdvngCC8DiM.roa (raw, json)
Hash identifier: 3IwNNQnob+DFL0Pb8HdxIF5jocGgq3KKZc4IEORySTg=
Subject key identifier: CF:06:50:17:4B:F2:70:28:D5:4D:72:86:3D:DB:E7:80:20:BC:0E:23
Certificate issuer: /CN=fa307821230e7ba81a4d471a591e78ea759c6934
Certificate serial: 019420D5B6FCD63050D752270EE4F628A359
Authority key identifier: FA:30:78:21:23:0E:7B:A8:1A:4D:47:1A:59:1E:78:EA:75:9C:69:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-jB4ISMOe6gaTUcaWR546nWcaTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/zwZQF0vycCjVTXKGPdvngCC8DiM.roa
Signing time: Wed 01 Jan 2025 07:47:44 +0000
ROA not before: Wed 01 Jan 2025 07:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203034
IP address blocks: 185.147.20.0/22 maxlen: 22
2a07:5480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:b6:fc:d6:30:50:d7:52:27:0e:e4:f6:28:a3:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa307821230e7ba81a4d471a591e78ea759c6934
Validity
Not Before: Jan 1 07:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf0650174bf27028d54d72863ddbe78020bc0e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2f:06:01:64:8a:69:72:a3:7a:a6:f4:c1:10:
36:ce:a6:89:41:e5:34:9e:35:30:7c:70:68:53:44:
53:a0:ed:0a:7e:9d:0e:c2:0d:55:6b:89:6e:8b:bf:
ee:43:ff:1d:51:59:f3:b6:c3:9d:7a:44:89:06:e1:
ec:38:0a:e7:6c:39:d5:76:d6:cf:d9:c3:aa:10:5d:
be:d9:42:ea:ad:43:65:bc:f5:9e:48:9a:f7:06:de:
51:9f:89:5b:0a:22:26:68:86:d2:58:a7:2e:6c:00:
e8:ec:bc:b6:1e:61:7c:05:e2:95:9f:ea:68:03:73:
e8:32:4b:70:2a:aa:e1:8f:6d:ea:53:51:d1:7e:a7:
5c:89:a1:40:8a:9b:24:bd:6e:31:74:56:55:8e:d1:
38:43:d8:0c:3d:73:ee:34:12:17:dc:74:1d:7f:e0:
f3:cf:cc:52:6e:45:bf:1c:8d:f4:80:d7:28:28:5f:
86:6c:3d:1e:16:2a:14:06:f9:ce:7d:e6:29:b1:9d:
2e:27:c6:83:07:4d:3b:b9:1a:e9:a3:60:01:a4:f9:
f3:e5:fd:42:3d:93:1b:37:81:d6:08:3f:31:49:20:
10:7a:1e:ec:5c:77:04:e6:d3:53:98:60:33:63:b0:
2c:83:77:ae:38:db:14:b2:e6:9a:65:d6:18:de:60:
c9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:06:50:17:4B:F2:70:28:D5:4D:72:86:3D:DB:E7:80:20:BC:0E:23
X509v3 Authority Key Identifier:
keyid:FA:30:78:21:23:0E:7B:A8:1A:4D:47:1A:59:1E:78:EA:75:9C:69:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-jB4ISMOe6gaTUcaWR546nWcaTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/zwZQF0vycCjVTXKGPdvngCC8DiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/1-jB4ISMOe6gaTUcaWR546nWcaTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.20.0/22
IPv6:
2a07:5480::/29
Signature Algorithm: sha256WithRSAEncryption
1c:f0:6c:41:c4:41:60:df:3e:10:a6:9e:7c:52:ea:f8:32:34:
24:86:a6:f8:7e:32:40:ac:f8:49:a8:00:7e:1b:2e:78:49:11:
1f:c6:d9:e1:72:93:26:35:6e:85:b8:63:c3:a7:f3:93:0b:29:
92:26:a7:4b:95:81:20:36:28:66:3e:76:bd:86:f1:b7:d0:f7:
c6:05:b7:65:ef:97:92:40:ae:c4:9d:6c:10:8d:ae:d7:8d:7f:
04:c2:d5:e7:8d:34:ac:36:e1:cf:fa:3d:2d:9d:73:61:dc:c1:
72:76:52:c6:af:95:77:b3:e6:a6:2c:94:de:e6:fc:69:1b:52:
16:73:9d:b8:36:1a:1a:86:cc:cd:96:c4:b7:f4:b4:35:a8:24:
ae:7a:df:8b:86:a2:37:c1:da:6c:73:05:4e:b2:e8:2b:8f:da:
cf:07:1f:74:7a:4b:a7:b6:f0:96:4a:d1:68:2b:9d:9e:d6:20:
c3:84:99:83:f7:a5:07:5d:c5:09:f2:6f:5a:51:3c:d5:3e:31:
aa:c5:e4:24:3e:e6:81:f9:ba:b5:76:29:52:7e:ae:15:f8:7b:
d4:f3:45:27:38:60:f6:78:89:c8:92:4d:3f:75:f8:dc:2e:f9:
78:80:b3:fe:79:28:fa:3a:30:3a:3d:06:6f:d3:34:e9:7c:8b:
f4:9f:61:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQg1bb81jBQ11InDuT2KKNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMzA3ODIxMjMwZTdiYTgxYTRkNDcxYTU5MWU3OGVhNzU5
YzY5MzQwHhcNMjUwMTAxMDc0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjA2NTAxNzRiZjI3MDI4ZDU0ZDcyODYzZGRiZTc4MDIwYmMwZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC8GAWSKaXKjeqb0wRA2zqaJQeU0
njUwfHBoU0RToO0Kfp0Owg1Va4lui7/uQ/8dUVnztsOdekSJBuHsOArnbDnVdtbP
2cOqEF2+2ULqrUNlvPWeSJr3Bt5Rn4lbCiImaIbSWKcubADo7Ly2HmF8BeKVn+po
A3PoMktwKqrhj23qU1HRfqdciaFAipskvW4xdFZVjtE4Q9gMPXPuNBIX3HQdf+Dz
z8xSbkW/HI30gNcoKF+GbD0eFioUBvnOfeYpsZ0uJ8aDB007uRrpo2ABpPnz5f1C
PZMbN4HWCD8xSSAQeh7sXHcE5tNTmGAzY7Asg3euONsUsuaaZdYY3mDJrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM8GUBdL8nAo1U1yhj3b54AgvA4jMB8GA1UdIwQY
MBaAFPoweCEjDnuoGk1HGlkeeOp1nGk0MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qQjRJU01PZTZnYVRVY2FXUjU0Nm5XY2FUUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2UvOTEwZjY3LTFmZmMtNDFjNC1hMmVh
LWYxZTY1Zjk3Yzg5YS8xL3p3WlFGMHZ5Y0NqVlRYS0dQZHZuZ0NDOERpTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2UvOTEwZjY3LTFmZmMtNDFjNC1hMmVhLWYxZTY1Zjk3Yzg5
YS8xLzEtakI0SVNNT2U2Z2FUVWNhV1I1NDZuV2NhVFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5kxQw
DQQCAAIwBwMFAyoHVIAwDQYJKoZIhvcNAQELBQADggEBABzwbEHEQWDfPhCmnnxS
6vgyNCSGpvh+MkCs+EmoAH4bLnhJER/G2eFykyY1boW4Y8On85MLKZImp0uVgSA2
KGY+dr2G8bfQ98YFt2Xvl5JArsSdbBCNrteNfwTC1eeNNKw24c/6PS2dc2HcwXJ2
UsavlXez5qYslN7m/GkbUhZznbg2GhqGzM2WxLf0tDWoJK5634uGojfB2mxzBU6y
6CuP2s8HH3R6S6e28JZK0WgrnZ7WIMOEmYP3pQddxQnyb1pRPNU+MarF5CQ+5oH5
urV2KVJ+rhX4e9TzRSc4YPZ4iciSTT91+Nwu+XiAs/55KPo6MDo9Bm/TNOl8i/Sf
YXY=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:41 2025 by rpki-client