Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3ZrTsc07CCO8MHgF6VuL1EnP4_Q.roa
File: 3ZrTsc07CCO8MHgF6VuL1EnP4_Q.roa (raw, json)
Hash identifier: ywFhq25HwMuwE3WSdGO7BAZuQP7Mn3cy4UOjhDKLDQk=
Subject key identifier: DD:9A:D3:B1:CD:3B:08:23:BC:30:78:05:E9:5B:8B:D4:49:CF:E3:F4
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCB0CA507A8EBCEE9F7CBD5BD8AD5E6
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3ZrTsc07CCO8MHgF6VuL1EnP4_Q.roa
Signing time: Sun 01 Jan 2023 10:05:24 +0000
ROA not before: Sun 01 Jan 2023 10:05:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206884
IP address blocks: 194.14.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:0c:a5:07:a8:eb:ce:e9:f7:cb:d5:bd:8a:d5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd9ad3b1cd3b0823bc307805e95b8bd449cfe3f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7d:e1:03:ef:d6:e1:b9:35:ef:44:bf:0d:e3:
a6:57:dc:aa:87:b9:96:90:7b:8a:17:f7:73:82:68:
fe:53:31:67:5b:d7:7a:ce:72:ad:67:85:0a:84:f0:
7e:4f:3b:62:b2:17:e5:1c:12:f2:54:e3:7c:4d:48:
23:92:81:3c:28:b2:af:d2:fa:49:20:1e:b8:be:48:
d6:27:e3:2d:52:c0:80:49:17:1f:a7:e0:bf:fb:f7:
99:c0:af:7b:8f:7b:3a:f8:cb:91:7b:15:71:06:a6:
02:e8:93:d6:cd:1f:3d:55:ae:15:77:7a:05:c6:22:
99:01:7f:51:7b:a6:84:ab:bc:17:7a:5b:03:49:8d:
15:52:3e:ae:56:48:89:ba:53:ff:c9:94:17:b7:68:
8c:ed:b1:54:98:49:64:d6:5f:db:3a:8e:54:05:d8:
8e:69:6b:70:87:2d:f1:8c:8d:70:a8:7e:91:89:c3:
08:04:08:a6:d8:dc:b6:15:04:9f:1f:a5:e6:89:4c:
97:0c:f1:49:a0:48:d6:d1:a8:84:b6:79:30:51:48:
af:34:14:a0:89:b9:ac:dc:90:ef:a3:92:e0:7d:93:
1d:c6:40:f4:e9:07:f2:66:98:33:95:37:a1:49:ae:
9b:a8:e1:11:61:15:06:38:5b:15:c3:34:6b:3d:25:
5f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9A:D3:B1:CD:3B:08:23:BC:30:78:05:E9:5B:8B:D4:49:CF:E3:F4
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3ZrTsc07CCO8MHgF6VuL1EnP4_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.14.76.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:92:aa:8e:f6:76:34:96:b4:da:8c:c0:16:f8:2f:69:8c:2b:
a8:89:c4:9e:cc:1e:64:6b:14:13:2f:9c:65:e5:11:3c:d5:61:
47:49:c2:95:32:0b:e5:ec:89:03:30:3d:47:fa:c3:8d:88:99:
34:f1:93:5d:33:93:d6:79:07:6d:94:7d:59:d3:1c:80:62:46:
38:7b:b2:e3:c7:30:36:e8:5f:bd:75:f4:50:b5:98:bb:88:a5:
d1:a1:97:b6:e5:96:86:a7:68:13:3c:e6:8b:6a:7c:e5:1f:d9:
db:91:be:a7:5f:3a:2c:d9:4b:59:9f:88:d1:46:c0:09:d0:be:
78:17:ab:7d:4a:15:88:08:b3:23:98:86:ad:c5:b2:6c:10:7c:
d7:8f:ce:30:24:68:5a:b1:1f:65:6b:1c:e4:b2:42:4b:4f:28:
3e:85:6d:4a:b2:0f:7c:d6:fe:5e:53:c5:b0:41:81:e2:69:e7:
b9:84:ba:00:e9:2f:ea:f4:ca:2e:a5:b2:9f:d4:a9:68:bb:b8:
bd:1a:33:e6:9e:f0:52:db:22:7f:96:03:3a:ea:e2:7f:39:03:
89:e8:1d:71:8c:99:8d:8c:07:eb:c1:20:c6:a4:e3:f8:0a:70:
34:4d:7a:df:fc:27:a1:f4:1b:87:07:a3:00:87:a2:62:c3:a7:
b6:0a:52:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsywylB6jrzun3y9W9itXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDlhZDNiMWNkM2IwODIzYmMzMDc4MDVlOTViOGJkNDQ5Y2ZlM2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon3hA+/W4bk170S/DeOmV9yqh7mW
kHuKF/dzgmj+UzFnW9d6znKtZ4UKhPB+TztishflHBLyVON8TUgjkoE8KLKv0vpJ
IB64vkjWJ+MtUsCASRcfp+C/+/eZwK97j3s6+MuRexVxBqYC6JPWzR89Va4Vd3oF
xiKZAX9Re6aEq7wXelsDSY0VUj6uVkiJulP/yZQXt2iM7bFUmElk1l/bOo5UBdiO
aWtwhy3xjI1wqH6RicMIBAim2Ny2FQSfH6XmiUyXDPFJoEjW0aiEtnkwUUivNBSg
ibms3JDvo5LgfZMdxkD06QfyZpgzlTehSa6bqOERYRUGOFsVwzRrPSVfTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2a07HNOwgjvDB4Belbi9RJz+P0MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvM1pyVHNjMDdDQ084TUhnRjZWdUwxRW5QNF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg5MMA0G
CSqGSIb3DQEBCwUAA4IBAQC1kqqO9nY0lrTajMAW+C9pjCuoicSezB5kaxQTL5xl
5RE81WFHScKVMgvl7IkDMD1H+sONiJk08ZNdM5PWeQdtlH1Z0xyAYkY4e7LjxzA2
6F+9dfRQtZi7iKXRoZe25ZaGp2gTPOaLanzlH9nbkb6nXzos2UtZn4jRRsAJ0L54
F6t9ShWICLMjmIatxbJsEHzXj84wJGhasR9laxzkskJLTyg+hW1Ksg981v5eU8Ww
QYHiaee5hLoA6S/q9MoupbKf1Klou7i9GjPmnvBS2yJ/lgM66uJ/OQOJ6B1xjJmN
jAfrwSDGpOP4CnA0TXrf/Ceh9BuHB6MAh6Jiw6e2ClI+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:15 2025 by rpki-client