Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/qZz3SvGEQxpS3h9_gMXpxETrxgg.roa
File: qZz3SvGEQxpS3h9_gMXpxETrxgg.roa (raw, json)
Hash identifier: o7KBM5jIAw/u4jD1JZUP7Uw22auRlxiRF8p8M6lKdIc=
Subject key identifier: A9:9C:F7:4A:F1:84:43:1A:52:DE:1F:7F:80:C5:E9:C4:44:EB:C6:08
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64BF57B3BA0E20B0CD730BB7635A98
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/qZz3SvGEQxpS3h9_gMXpxETrxgg.roa
Signing time: Thu 09 Jan 2025 09:28:24 +0000
ROA not before: Thu 09 Jan 2025 09:28:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202968
IP address blocks: 78.128.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:bf:57:b3:ba:0e:20:b0:cd:73:0b:b7:63:5a:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a99cf74af184431a52de1f7f80c5e9c444ebc608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f0:21:53:01:32:95:00:1a:17:dd:42:b3:03:
53:8d:6d:b8:0e:1d:15:35:20:3e:85:cc:3c:01:0e:
1b:63:ab:28:25:e3:f6:f2:7e:85:64:e8:ac:e1:67:
16:a1:db:64:7f:f9:9f:80:cc:59:5c:d9:4f:6d:ab:
55:e3:af:63:aa:5b:b2:5d:14:2a:5b:8b:36:64:b9:
f7:25:c6:3a:cc:25:b4:95:c1:78:04:8b:51:90:8b:
a5:8e:ef:90:09:cc:6c:94:72:15:ae:24:ce:c2:a9:
3a:0d:fd:a5:f9:a9:8b:e9:e8:3e:12:9b:c1:01:c4:
96:52:6c:50:b8:b8:a5:45:65:8f:96:3c:5c:8b:5d:
a8:86:a0:17:7b:f5:a8:74:69:46:02:09:2c:c5:0c:
83:7f:36:47:e9:84:93:07:fa:8f:fa:e2:c4:5d:eb:
85:da:1b:40:67:11:ac:15:db:c1:fa:9c:85:5f:94:
0b:0e:a0:14:cc:2c:b7:ec:5a:c2:ca:3b:df:96:52:
d4:16:ef:f8:4d:be:c2:d8:2b:d3:6c:cb:a4:c9:98:
d0:41:ec:3e:c1:56:ad:1f:55:77:a0:e3:a0:3b:d6:
b5:f6:1b:ab:e4:ef:c4:c3:ea:e4:81:48:94:fb:53:
04:b0:9e:2c:51:6d:54:20:78:a4:e5:c2:a7:f5:56:
5d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:9C:F7:4A:F1:84:43:1A:52:DE:1F:7F:80:C5:E9:C4:44:EB:C6:08
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/qZz3SvGEQxpS3h9_gMXpxETrxgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.128.61.0/24
Signature Algorithm: sha256WithRSAEncryption
41:54:cb:65:57:a7:68:d5:9e:fa:b8:a1:a3:7b:c1:ba:a4:e6:
63:25:5b:7d:67:d2:4b:9e:df:3b:52:95:4b:bf:0c:fd:8f:c5:
74:82:01:11:73:6f:9d:c9:51:d5:5e:c2:a1:6e:0d:85:91:ab:
7e:54:4d:79:8f:18:1d:15:1a:e9:4d:21:e9:9b:88:9d:02:8f:
d8:0f:d1:34:83:22:da:65:71:70:2c:85:19:ab:21:08:6a:3c:
98:98:ac:76:fd:39:9d:2e:13:09:65:d2:a6:37:3f:6a:7a:34:
0b:41:7a:ae:1c:b9:2b:33:66:24:70:67:da:ba:06:80:d0:ba:
e6:6f:56:ae:45:09:ae:85:7a:c6:d1:77:23:15:c2:6f:42:3d:
d9:8c:42:62:55:21:21:cf:dd:04:2c:36:d5:c1:f5:15:aa:c8:
0f:af:00:bc:c4:81:c8:a1:c2:a8:c1:be:4c:92:7a:23:e7:81:
48:37:e9:de:41:6c:7f:01:a5:02:f3:1c:dd:55:4b:fa:12:f8:
24:99:42:17:0e:26:5b:e4:3f:31:dc:21:f1:d9:8d:61:6e:be:
80:3a:40:cc:df:4f:56:e0:ae:9e:11:5b:93:7f:5a:8d:0f:e8:
dd:eb:86:21:fe:b0:5f:d8:6e:1e:4e:df:9e:f8:ba:68:51:89:
07:3e:f2:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRKZL9Xs7oOILDNcwu3Y1qYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTljZjc0YWYxODQ0MzFhNTJkZTFmN2Y4MGM1ZTljNDQ0ZWJjNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/AhUwEylQAaF91CswNTjW24Dh0V
NSA+hcw8AQ4bY6soJeP28n6FZOis4WcWodtkf/mfgMxZXNlPbatV469jqluyXRQq
W4s2ZLn3JcY6zCW0lcF4BItRkIulju+QCcxslHIVriTOwqk6Df2l+amL6eg+EpvB
AcSWUmxQuLilRWWPljxci12ohqAXe/WodGlGAgksxQyDfzZH6YSTB/qP+uLEXeuF
2htAZxGsFdvB+pyFX5QLDqAUzCy37FrCyjvfllLUFu/4Tb7C2CvTbMukyZjQQew+
wVatH1V3oOOgO9a19hur5O/Ew+rkgUiU+1MEsJ4sUW1UIHik5cKn9VZd6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKmc90rxhEMaUt4ff4DF6cRE68YIMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvcVp6M1N2R0VReHBTM2g5X2dNWHB4RVRyeGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAToA9MA0G
CSqGSIb3DQEBCwUAA4IBAQBBVMtlV6do1Z76uKGje8G6pOZjJVt9Z9JLnt87UpVL
vwz9j8V0ggERc2+dyVHVXsKhbg2Fkat+VE15jxgdFRrpTSHpm4idAo/YD9E0gyLa
ZXFwLIUZqyEIajyYmKx2/TmdLhMJZdKmNz9qejQLQXquHLkrM2YkcGfaugaA0Lrm
b1auRQmuhXrG0XcjFcJvQj3ZjEJiVSEhz90ELDbVwfUVqsgPrwC8xIHIocKowb5M
knoj54FIN+neQWx/AaUC8xzdVUv6EvgkmUIXDiZb5D8x3CHx2Y1hbr6AOkDM309W
4K6eEVuTf1qND+jd64Yh/rBf2G4eTt+e+LpoUYkHPvIw
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:07:14 2025 by rpki-client