Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/ZdGz4CymhkogIUH46nB5-Cy7tiY.roa
File: ZdGz4CymhkogIUH46nB5-Cy7tiY.roa (raw, json)
Hash identifier: bNBZ1Ohs/IhYKFY+2QMMCj3APnbjBSukF3bbxBfUf6w=
Subject key identifier: 65:D1:B3:E0:2C:A6:86:4A:20:21:41:F8:EA:70:79:F8:2C:BB:B6:26
Certificate issuer: /CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Certificate serial: 018A292D2842A144A5CD373A44D9E6CAD1DA
Authority key identifier: 67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/ZdGz4CymhkogIUH46nB5-Cy7tiY.roa
Signing time: Thu 24 Aug 2023 20:12:19 +0000
ROA not before: Thu 24 Aug 2023 20:12:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57152
IP address blocks: 195.85.216.0/24 maxlen: 24
185.242.162.0/24 maxlen: 24
185.242.161.0/24 maxlen: 24
185.242.160.0/24 maxlen: 24
185.242.163.0/24 maxlen: 24
2.56.152.0/24 maxlen: 24
2.56.155.0/24 maxlen: 24
2.56.154.0/24 maxlen: 24
2.56.153.0/24 maxlen: 24
2a09:cfc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:29:2d:28:42:a1:44:a5:cd:37:3a:44:d9:e6:ca:d1:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Validity
Not Before: Aug 24 20:12:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65d1b3e02ca6864a202141f8ea7079f82cbbb626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:45:88:90:ca:7e:2f:b1:c7:a1:47:e8:f6:47:
67:5f:92:13:fa:cf:67:cf:9d:93:ba:83:e5:2c:45:
19:50:38:db:b5:6e:54:e7:4c:80:16:0b:b2:40:da:
75:b0:4a:42:92:af:7c:b5:06:aa:fd:03:20:1a:96:
a4:f8:38:19:be:fb:6a:e9:9c:4d:e0:02:d9:ea:0f:
24:d9:50:b7:a7:ff:3a:4a:af:dd:e5:b7:69:69:04:
79:e6:b3:06:86:5f:13:2f:17:0f:49:41:5e:5e:b3:
83:7a:1a:11:15:aa:51:c0:dc:8b:64:82:38:de:07:
00:da:d3:e0:91:0a:96:1b:17:92:bb:44:a4:95:1f:
11:1c:93:08:08:ab:12:96:fa:ac:c1:86:db:b3:58:
37:e3:9e:0e:55:f3:e2:f8:42:53:03:2b:ab:a4:c5:
ff:68:d9:3a:2a:0a:ec:e2:92:2c:8f:3f:20:3e:c0:
09:f7:3a:8f:24:58:45:5d:08:a4:46:8a:b1:07:c2:
d2:a0:9a:41:c8:fe:e6:f3:4d:39:ce:4d:6c:20:58:
21:90:cc:8c:32:38:e0:7e:76:15:26:0b:51:58:14:
5a:5d:7b:46:13:fd:72:43:6e:aa:bb:a8:3b:89:c8:
f5:4f:f6:37:f2:73:d2:84:c2:de:5e:83:8c:1f:ab:
d9:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D1:B3:E0:2C:A6:86:4A:20:21:41:F8:EA:70:79:F8:2C:BB:B6:26
X509v3 Authority Key Identifier:
keyid:67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/ZdGz4CymhkogIUH46nB5-Cy7tiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/Z8_X-uINHTS3edq2abjw8HycNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
185.242.160.0/22
195.85.216.0/24
IPv6:
2a09:cfc0::/29
Signature Algorithm: sha256WithRSAEncryption
42:fc:49:4c:f5:a2:cc:86:52:a2:81:80:54:1d:ef:22:ea:19:
42:95:7c:3a:4e:4f:de:f3:c9:56:93:38:dd:23:3f:ae:26:90:
c4:3e:0d:7e:9d:90:82:78:3f:ae:c8:01:a6:3b:0e:ea:18:d2:
f6:59:4b:2c:82:46:d8:3e:92:b5:b0:ef:b5:ed:34:42:19:a3:
4e:93:03:70:a1:89:73:ef:e5:d3:be:d1:ff:aa:fc:f5:42:9e:
4d:ac:9e:28:b2:c1:0a:c2:71:a3:7e:01:08:12:f2:ef:26:0b:
65:53:b7:60:26:6f:4a:c6:cf:c5:8d:03:2e:72:49:91:f4:f4:
21:75:8c:14:51:68:d5:a6:74:96:6f:4b:52:2b:86:06:5c:fe:
a0:4c:14:1d:44:78:3b:84:12:09:22:2b:17:12:15:89:bd:42:
e6:40:d5:d5:06:4c:5a:e7:cb:ec:d6:bf:1c:bd:13:54:21:ec:
aa:f3:e8:42:18:ed:e0:14:95:50:72:aa:1c:57:b4:df:a4:20:
72:a1:e3:79:24:02:19:e2:28:ce:d4:10:00:db:de:bc:1e:f8:
15:17:71:95:20:32:2c:a3:7a:df:b5:19:1b:b7:0b:50:af:8f:
6a:d0:46:24:69:30:8f:7a:e3:d1:30:dd:58:62:d9:56:95:ae:
0d:e6:fd:48
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYopLShCoUSlzTc6RNnmytHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2ZkN2ZhZTIwZDFkMzRiNzc5ZGFiNjY5YjhmMGYwN2M5
YzM0ZjgwHhcNMjMwODI0MjAxMjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQxYjNlMDJjYTY4NjRhMjAyMTQxZjhlYTcwNzlmODJjYmJiNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUWIkMp+L7HHoUfo9kdnX5IT+s9n
z52TuoPlLEUZUDjbtW5U50yAFguyQNp1sEpCkq98tQaq/QMgGpak+DgZvvtq6ZxN
4ALZ6g8k2VC3p/86Sq/d5bdpaQR55rMGhl8TLxcPSUFeXrODehoRFapRwNyLZII4
3gcA2tPgkQqWGxeSu0SklR8RHJMICKsSlvqswYbbs1g3454OVfPi+EJTAyurpMX/
aNk6Kgrs4pIsjz8gPsAJ9zqPJFhFXQikRoqxB8LSoJpByP7m8005zk1sIFghkMyM
MjjgfnYVJgtRWBRaXXtGE/1yQ26qu6g7icj1T/Y38nPShMLeXoOMH6vZLQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGXRs+AspoZKICFB+Opwefgsu7YmMB8GA1UdIwQY
MBaAFGfP1/riDR00t3natmm48PB8nDT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEt
MmI2OGFiMmFkMmU5LzEvWmRHejRDeW1oa29nSVVINDZuQjUtQ3k3dGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEtMmI2OGFiMmFkMmU5
LzEvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCAjiYAwQC
ufKgAwQAw1XYMA0EAgACMAcDBQMqCc/AMA0GCSqGSIb3DQEBCwUAA4IBAQBC/ElM
9aLMhlKigYBUHe8i6hlClXw6Tk/e88lWkzjdIz+uJpDEPg1+nZCCeD+uyAGmOw7q
GNL2WUssgkbYPpK1sO+17TRCGaNOkwNwoYlz7+XTvtH/qvz1Qp5NrJ4ossEKwnGj
fgEIEvLvJgtlU7dgJm9Kxs/FjQMuckmR9PQhdYwUUWjVpnSWb0tSK4YGXP6gTBQd
RHg7hBIJIisXEhWJvULmQNXVBkxa58vs1r8cvRNUIeyq8+hCGO3gFJVQcqocV7Tf
pCByoeN5JAIZ4ijO1BAA2968HvgVF3GVIDIso3rftRkbtwtQr49q0EYkaTCPeuPR
MN1YYtlWla4N5v1I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:19 2024 by rpki-client on console-fra.rpki-client.org