Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zEB37gXUrSTrdrMtSJeHqvNIC68.roa
File: zEB37gXUrSTrdrMtSJeHqvNIC68.roa (raw, json)
Hash identifier: KENt0h2kUU+p0oJoXC3LU6qIs8YSLarOrcEAzDbMNrU=
Subject key identifier: CC:40:77:EE:05:D4:AD:24:EB:76:B3:2D:48:97:87:AA:F3:48:0B:AF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01953CC734BC297302003E8E756CF01207DC
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zEB37gXUrSTrdrMtSJeHqvNIC68.roa
Signing time: Tue 25 Feb 2025 11:04:02 +0000
ROA not before: Tue 25 Feb 2025 11:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202673
IP address blocks: 185.221.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:c7:34:bc:29:73:02:00:3e:8e:75:6c:f0:12:07:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 25 11:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc4077ee05d4ad24eb76b32d489787aaf3480baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:21:24:6a:97:7d:e8:18:2f:13:66:06:d3:b5:
c4:8e:7c:d5:f8:09:72:ef:5a:b3:20:00:a2:5e:43:
0e:c9:53:03:4e:b9:1a:f7:66:97:24:e3:f7:13:ab:
33:bb:64:ae:d7:ec:7b:b1:da:17:cd:b2:b5:ea:7e:
84:d3:69:f9:fe:43:a2:b9:5d:e1:33:3c:c0:14:4a:
c5:96:35:7a:9f:75:77:1e:e9:5b:e6:15:b4:36:a8:
49:3e:29:28:32:69:9b:38:61:89:39:fc:6c:59:d6:
46:92:48:e5:d3:5e:3f:28:07:d9:29:d3:eb:bc:70:
7e:07:48:0b:b1:e2:55:97:6d:1a:6e:09:37:9a:ee:
58:e5:45:67:40:48:b2:ab:c1:46:74:4a:75:14:30:
b8:a4:b6:63:57:d9:a6:f9:77:37:ea:ef:9b:d6:41:
8e:ca:91:32:3f:cc:36:2b:21:ee:65:0b:3f:df:1a:
69:1f:5b:82:34:78:5e:3a:35:c2:a0:02:fc:29:82:
3c:5c:7d:65:21:8d:c6:ef:4f:be:f7:94:7c:25:c7:
c5:c8:e9:25:b0:21:ed:c4:62:bb:86:6e:dc:11:74:
98:5f:95:a2:ad:cb:3c:f4:ec:0e:30:06:3d:8f:77:
c8:06:3f:f8:57:62:9a:53:08:e9:c5:77:76:7f:9b:
2c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:40:77:EE:05:D4:AD:24:EB:76:B3:2D:48:97:87:AA:F3:48:0B:AF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zEB37gXUrSTrdrMtSJeHqvNIC68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.20.0/24
Signature Algorithm: sha256WithRSAEncryption
67:bd:28:95:2c:ed:46:1c:75:03:9c:68:0c:b0:2a:07:a4:93:
06:75:78:0c:37:8e:ae:b2:f0:a5:6a:c9:d8:a8:43:34:b4:dd:
5c:d0:d1:86:bb:f9:35:c3:ca:ae:9f:88:39:0c:5e:a8:82:62:
5a:c0:6a:a2:b9:14:8b:7b:40:af:bc:5b:e2:03:cc:24:d8:34:
8b:84:97:f1:7b:97:39:a4:01:35:7e:45:dd:c0:2b:7d:c6:2d:
8b:4b:ca:3e:07:85:b9:f8:eb:c2:1e:bf:98:33:b0:a6:95:ab:
0f:da:f6:1b:b1:c6:f0:fc:19:ff:6a:00:ac:eb:e5:81:ff:d2:
8f:cb:cd:1b:30:1e:63:5e:fb:0a:fb:3a:c9:c8:07:fa:1e:04:
27:83:b5:08:ff:98:b9:34:19:70:48:01:c8:b2:5a:da:3a:9e:
5a:06:0f:38:39:7b:85:3e:c5:9f:bc:0b:6e:7b:b2:d0:76:37:
19:b7:e6:41:56:39:4e:41:ed:26:9a:a7:a5:de:5c:63:3a:2e:
1c:83:10:76:b6:da:36:71:1a:e0:0c:3c:50:0e:89:2e:5e:36:
ab:6a:57:e9:ef:a5:7f:8d:8c:9f:27:0e:63:93:bb:d3:21:22:
7b:86:6e:e6:95:14:a5:e9:7b:00:fd:68:fe:0c:64:44:43:51:
16:0f:d7:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU8xzS8KXMCAD6OdWzwEgfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMjI1MTEwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzQwNzdlZTA1ZDRhZDI0ZWI3NmIzMmQ0ODk3ODdhYWYzNDgwYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiEkapd96BgvE2YG07XEjnzV+Aly
71qzIACiXkMOyVMDTrka92aXJOP3E6szu2Su1+x7sdoXzbK16n6E02n5/kOiuV3h
MzzAFErFljV6n3V3Hulb5hW0NqhJPikoMmmbOGGJOfxsWdZGkkjl014/KAfZKdPr
vHB+B0gLseJVl20abgk3mu5Y5UVnQEiyq8FGdEp1FDC4pLZjV9mm+Xc36u+b1kGO
ypEyP8w2KyHuZQs/3xppH1uCNHheOjXCoAL8KYI8XH1lIY3G70++95R8JcfFyOkl
sCHtxGK7hm7cEXSYX5Wircs89OwOMAY9j3fIBj/4V2KaUwjpxXd2f5ss8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMxAd+4F1K0k63azLUiXh6rzSAuvMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvekVCMzdnWFVyU1RyZHJNdFNKZUhxdk5JQzY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud0UMA0G
CSqGSIb3DQEBCwUAA4IBAQBnvSiVLO1GHHUDnGgMsCoHpJMGdXgMN46usvClasnY
qEM0tN1c0NGGu/k1w8qun4g5DF6ogmJawGqiuRSLe0CvvFviA8wk2DSLhJfxe5c5
pAE1fkXdwCt9xi2LS8o+B4W5+OvCHr+YM7CmlasP2vYbscbw/Bn/agCs6+WB/9KP
y80bMB5jXvsK+zrJyAf6HgQng7UI/5i5NBlwSAHIslraOp5aBg84OXuFPsWfvAtu
e7LQdjcZt+ZBVjlOQe0mmqel3lxjOi4cgxB2tto2cRrgDDxQDokuXjaralfp76V/
jYyfJw5jk7vTISJ7hm7mlRSl6XsA/Wj+DGREQ1EWD9d3
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:09:18 2025 by rpki-client