Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/iZmoIzfE_vw8nTOof6EPPZRCeG0.roa
File: iZmoIzfE_vw8nTOof6EPPZRCeG0.roa (raw, json)
Hash identifier: 7Ap9UmLGFryaoiOy+935UkmB7TJBl9qzDwuJ77bytks=
Subject key identifier: 89:99:A8:23:37:C4:FE:FC:3C:9D:33:A8:7F:A1:0F:3D:94:42:78:6D
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942748420217CB50DE5FF79518CE73AF68
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/iZmoIzfE_vw8nTOof6EPPZRCeG0.roa
Signing time: Thu 02 Jan 2025 13:50:34 +0000
ROA not before: Thu 02 Jan 2025 13:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12381
IP address blocks: 192.71.84.0/24 maxlen: 24
192.121.86.0/24 maxlen: 24
192.121.100.0/24 maxlen: 24
192.121.121.0/24 maxlen: 24
194.14.3.0/24 maxlen: 24
194.68.48.0/24 maxlen: 24
194.68.230.0/24 maxlen: 24
194.71.2.0/24 maxlen: 24
194.71.25.0/24 maxlen: 24
2a01:280:1::/48 maxlen: 48
2a01:280:4::/48 maxlen: 48
2a01:280:5::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:42:02:17:cb:50:de:5f:f7:95:18:ce:73:af:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8999a82337c4fefc3c9d33a87fa10f3d9442786d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5a:78:0e:38:54:52:f7:cf:08:a5:de:71:a3:
ef:12:6c:c7:e5:c2:83:ab:8d:a1:8a:5e:3c:b1:02:
37:6b:18:89:52:32:dd:ce:cc:fa:98:c5:33:2b:c4:
67:e6:a4:6e:17:c1:48:b8:df:41:9a:6a:ed:c5:66:
79:94:17:c1:ae:fa:d4:8f:d2:91:4c:93:2b:c1:a5:
ca:10:5f:17:ca:84:89:6b:5d:84:b8:5b:d3:4d:ca:
ab:1e:ce:fc:59:f1:26:85:57:e9:81:05:b3:d8:b1:
80:ba:df:7f:f5:2e:45:1e:0f:f6:97:c4:30:3a:d5:
03:0f:89:55:4f:f2:8c:3e:cc:5f:80:31:bd:ce:ba:
cf:81:75:c0:ff:00:62:61:8a:65:b9:95:54:d3:d0:
0d:78:f0:67:38:25:82:f2:7c:b6:ac:d3:f1:10:82:
5f:b0:45:16:60:fd:4d:4e:23:98:58:50:c9:98:3a:
e7:f5:de:53:4b:f4:e1:e5:e1:b5:d4:e0:d3:a4:dc:
8d:aa:1d:ec:42:cb:aa:69:1f:e5:66:11:55:b8:e7:
4c:97:60:8d:c3:33:c0:76:83:35:d4:60:c8:ea:f0:
06:11:9b:4f:85:f3:e2:d6:ca:9d:f1:5b:46:78:f3:
13:4a:ce:16:74:c9:61:86:c0:e1:43:9b:7d:5c:6a:
78:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:99:A8:23:37:C4:FE:FC:3C:9D:33:A8:7F:A1:0F:3D:94:42:78:6D
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/iZmoIzfE_vw8nTOof6EPPZRCeG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.84.0/24
192.121.86.0/24
192.121.100.0/24
192.121.121.0/24
194.14.3.0/24
194.68.48.0/24
194.68.230.0/24
194.71.2.0/24
194.71.25.0/24
IPv6:
2a01:280:1::/48
2a01:280:4::/47
Signature Algorithm: sha256WithRSAEncryption
7c:28:c8:2e:cc:c5:c8:d2:63:56:fb:d6:46:6b:12:7b:78:9a:
78:98:6e:33:f4:c6:c3:d7:00:e0:87:f4:23:0d:b5:0e:54:06:
e4:8f:4c:6e:e3:98:37:64:14:da:1d:bf:2d:52:9b:0d:b2:cc:
8e:c0:4d:30:79:ca:50:31:09:cb:f0:3c:c7:47:c1:bf:0b:33:
94:d0:f7:bc:af:89:bd:1a:19:fc:7d:61:80:42:26:d0:13:94:
c8:2c:c3:54:5a:8b:38:3d:c9:87:fc:62:24:fb:cb:7d:44:89:
e4:6b:32:4a:b5:d1:96:5a:81:53:09:de:d2:08:86:8c:b8:1b:
18:91:b2:48:70:96:90:2e:0e:30:1d:d2:7a:c9:c1:36:99:75:
5f:62:b4:e9:f6:0b:c9:76:71:06:fa:fd:2e:10:03:42:7f:66:
28:63:eb:7f:f8:26:99:8d:4b:8b:0e:41:55:bc:e4:75:a6:05:
36:4c:56:77:37:a7:e4:78:ab:77:14:6a:07:b2:ed:48:f5:d0:
09:95:9b:db:3c:19:29:52:e8:d0:f9:b2:b1:5b:71:5b:47:b1:
75:99:4f:56:f7:6d:19:b1:02:97:f9:e8:83:1c:83:d7:92:d4:
ba:f9:a1:72:e5:04:f1:cf:ef:62:6c:52:17:9e:e2:73:98:2a:
11:10:df:d3
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZQnSEICF8tQ3l/3lRjOc69oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTk5YTgyMzM3YzRmZWZjM2M5ZDMzYTg3ZmExMGYzZDk0NDI3ODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1p4DjhUUvfPCKXecaPvEmzH5cKD
q42hil48sQI3axiJUjLdzsz6mMUzK8Rn5qRuF8FIuN9BmmrtxWZ5lBfBrvrUj9KR
TJMrwaXKEF8XyoSJa12EuFvTTcqrHs78WfEmhVfpgQWz2LGAut9/9S5FHg/2l8Qw
OtUDD4lVT/KMPsxfgDG9zrrPgXXA/wBiYYpluZVU09ANePBnOCWC8ny2rNPxEIJf
sEUWYP1NTiOYWFDJmDrn9d5TS/Th5eG11ODTpNyNqh3sQsuqaR/lZhFVuOdMl2CN
wzPAdoM11GDI6vAGEZtPhfPi1sqd8VtGePMTSs4WdMlhhsDhQ5t9XGp4TwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFImZqCM3xP78PJ0zqH+hDz2UQnhtMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvaVptb0l6ZkVfdnc4blRPb2Y2RVBQWlJDZUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDA8BAIAATA2AwQAwEdUAwQA
wHlWAwQAwHlkAwQAwHl5AwQAwg4DAwQAwkQwAwQAwkTmAwQAwkcCAwQAwkcZMBgE
AgACMBIDBwAqAQKAAAEDBwEqAQKAAAQwDQYJKoZIhvcNAQELBQADggEBAHwoyC7M
xcjSY1b71kZrEnt4mniYbjP0xsPXAOCH9CMNtQ5UBuSPTG7jmDdkFNodvy1Smw2y
zI7ATTB5ylAxCcvwPMdHwb8LM5TQ97yvib0aGfx9YYBCJtATlMgsw1Raizg9yYf8
YiT7y31EieRrMkq10ZZagVMJ3tIIhoy4GxiRskhwlpAuDjAd0nrJwTaZdV9itOn2
C8l2cQb6/S4QA0J/Zihj63/4JpmNS4sOQVW85HWmBTZMVnc3p+R4q3cUagey7Uj1
0AmVm9s8GSlS6ND5srFbcVtHsXWZT1b3bRmxApf56IMcg9eS1Lr5oXLlBPHP72Js
Uhee4nOYKhEQ39M=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:46 2025 by rpki-client