Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/SZhw_DulRCOwr18Rg6mFyTs0r0M.roa
File: SZhw_DulRCOwr18Rg6mFyTs0r0M.roa (raw, json)
Hash identifier: kgmzMLEzFjGDdAqcrhzt7obQ0lu5yHl0Jcoeq0tbg+s=
Subject key identifier: 49:98:70:FC:3B:A5:44:23:B0:AF:5F:11:83:A9:85:C9:3B:34:AF:43
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274855D71E5994155D2E5C5C6001A52E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/SZhw_DulRCOwr18Rg6mFyTs0r0M.roa
Signing time: Thu 02 Jan 2025 13:50:39 +0000
ROA not before: Thu 02 Jan 2025 13:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43065
IP address blocks: 192.71.21.0/24 maxlen: 24
193.183.196.0/22 maxlen: 22
194.14.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:55:d7:1e:59:94:15:5d:2e:5c:5c:60:01:a5:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=499870fc3ba54423b0af5f1183a985c93b34af43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:24:4f:87:e4:29:cd:66:0f:b4:a5:9d:4b:ad:
fa:53:c8:ae:2a:e9:eb:16:c5:eb:af:3b:d1:10:26:
17:3f:69:fd:0c:10:25:1a:1e:a5:6d:f4:7d:a1:88:
f8:f8:a5:ad:52:3f:04:d2:59:e6:3c:58:8a:bf:e9:
8e:f7:a9:15:65:15:88:18:09:50:92:cf:0a:b3:c6:
53:02:e4:2f:90:62:30:0b:36:43:5e:b3:de:4f:66:
59:5b:78:5f:e7:76:18:16:97:88:34:40:7f:8f:04:
cf:82:d4:1f:53:49:82:28:84:a7:6e:f0:ef:3c:02:
3b:df:2a:6e:84:d3:7d:97:c3:74:df:00:94:ea:57:
47:c7:ba:96:31:ae:7f:81:19:26:77:f3:41:90:0b:
b3:7e:4e:33:9e:83:29:17:97:06:08:d3:82:b3:d4:
b4:20:6c:10:b1:3d:bb:57:40:ad:88:e9:3e:1d:92:
b5:85:96:e3:9c:49:f9:cb:0c:9e:b5:bb:11:8e:f5:
f0:b4:92:17:77:b0:72:ed:25:50:5c:44:11:ad:98:
ad:83:3c:53:a8:ee:e0:2e:e6:a0:b5:1b:4a:49:fa:
85:9c:f7:fe:73:cd:db:aa:63:f7:0b:65:1d:c9:6b:
dd:d2:7c:a9:84:18:dd:a6:3e:21:eb:67:b0:0f:1f:
52:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:98:70:FC:3B:A5:44:23:B0:AF:5F:11:83:A9:85:C9:3B:34:AF:43
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/SZhw_DulRCOwr18Rg6mFyTs0r0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.21.0/24
193.183.196.0/22
194.14.132.0/24
Signature Algorithm: sha256WithRSAEncryption
16:0e:52:9a:9f:c4:bb:36:6d:aa:01:f2:47:8e:be:09:97:d5:
fa:9e:69:10:0b:2c:db:69:d9:24:68:e6:85:a0:ec:91:00:9b:
8c:1d:08:69:44:5e:e5:65:77:58:73:2c:d3:dc:a2:f1:ca:97:
b6:fd:79:f1:bd:e4:1f:b1:a7:3b:fb:01:0c:b2:b1:b2:5e:4f:
b1:00:84:20:c1:cc:db:ca:3a:9c:39:96:a1:4a:a9:bf:34:80:
18:ef:43:ba:4b:b3:4f:ad:9d:ad:e9:d6:d5:11:75:7c:ca:c6:
4e:73:02:ba:48:d5:86:8b:d7:d2:a7:69:95:0f:ae:ed:87:3d:
83:33:d7:75:32:27:59:c4:d4:73:0e:7d:56:85:22:28:af:26:
17:d0:f8:b9:73:a8:65:2b:e2:28:11:40:91:64:a8:16:75:ee:
92:0e:b9:aa:ae:64:f7:26:2b:dc:1c:80:03:33:c3:35:20:7a:
0d:d4:0f:a9:5f:42:5f:6a:7b:bb:2f:34:91:d2:33:e2:04:58:
b4:98:4b:83:37:f1:a8:65:22:46:d9:65:84:9e:82:42:de:f3:
12:ff:ed:8d:d5:70:44:d4:d9:ab:06:28:d3:39:f5:65:a1:95:
a4:52:6a:5c:ac:c2:26:4e:55:e9:61:b0:08:7f:a8:6e:35:98:
30:6c:f4:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnSFXXHlmUFV0uXFxgAaUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTk4NzBmYzNiYTU0NDIzYjBhZjVmMTE4M2E5ODVjOTNiMzRhZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiRPh+QpzWYPtKWdS636U8iuKunr
FsXrrzvRECYXP2n9DBAlGh6lbfR9oYj4+KWtUj8E0lnmPFiKv+mO96kVZRWIGAlQ
ks8Ks8ZTAuQvkGIwCzZDXrPeT2ZZW3hf53YYFpeINEB/jwTPgtQfU0mCKISnbvDv
PAI73ypuhNN9l8N03wCU6ldHx7qWMa5/gRkmd/NBkAuzfk4znoMpF5cGCNOCs9S0
IGwQsT27V0CtiOk+HZK1hZbjnEn5ywyetbsRjvXwtJIXd7By7SVQXEQRrZitgzxT
qO7gLuagtRtKSfqFnPf+c83bqmP3C2UdyWvd0nyphBjdpj4h62ewDx9SbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEmYcPw7pUQjsK9fEYOphck7NK9DMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvU1pod19EdWxSQ093cjE4Umc2bUZ5VHMwcjBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwEcVAwQC
wbfEAwQAwg6EMA0GCSqGSIb3DQEBCwUAA4IBAQAWDlKan8S7Nm2qAfJHjr4Jl9X6
nmkQCyzbadkkaOaFoOyRAJuMHQhpRF7lZXdYcyzT3KLxype2/XnxveQfsac7+wEM
srGyXk+xAIQgwczbyjqcOZahSqm/NIAY70O6S7NPrZ2t6dbVEXV8ysZOcwK6SNWG
i9fSp2mVD67thz2DM9d1MidZxNRzDn1WhSIoryYX0Pi5c6hlK+IoEUCRZKgWde6S
DrmqrmT3JivcHIADM8M1IHoN1A+pX0Jfanu7LzSR0jPiBFi0mEuDN/GoZSJG2WWE
noJC3vMS/+2N1XBE1NmrBijTOfVloZWkUmpcrMImTlXpYbAIf6huNZgwbPQm
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:00 2025 by rpki-client