Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zFhamUyyFwQG9g8KbaW-YOXGMjQ.roa
File: zFhamUyyFwQG9g8KbaW-YOXGMjQ.roa (raw, json)
Hash identifier: n6U1H4v656RgfYMqwDwj3MUm+h81mebdXb8p0QwEav0=
Subject key identifier: CC:58:5A:99:4C:B2:17:04:06:F6:0F:0A:6D:A5:BE:60:E5:C6:32:34
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 427A55EE
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zFhamUyyFwQG9g8KbaW-YOXGMjQ.roa
Signing time: Sat 01 Jan 2022 14:03:19 +0000
ROA not before: Sat 01 Jan 2022 14:03:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57169
IP address blocks: 192.71.233.0/24 maxlen: 24
192.36.38.0/24 maxlen: 24
192.36.39.0/24 maxlen: 24
192.71.247.0/24 maxlen: 24
192.121.170.0/24 maxlen: 24
192.36.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1115313646 (0x427a55ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc585a994cb2170406f60f0a6da5be60e5c63234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7c:64:0f:d8:77:6d:06:6b:2f:b6:60:86:c4:
bb:75:76:2f:5a:53:60:89:cf:70:00:1d:db:69:0c:
6f:09:e1:17:55:8d:f2:ff:10:8a:3f:49:ef:61:67:
0c:fa:e5:b8:95:f9:c0:fb:1f:a2:e7:0b:0f:ea:af:
62:5f:18:60:31:c2:39:49:c7:9b:0b:17:ff:f5:c2:
6b:f1:fa:8d:69:d6:4b:d8:18:c6:de:01:cd:fc:f4:
3a:a0:df:f4:28:06:8d:15:99:73:95:98:6e:4c:4d:
83:c7:7d:bf:59:7a:2b:05:38:5a:f1:42:90:47:96:
e9:0f:59:05:08:90:f8:7b:35:50:f7:e9:01:a7:93:
70:3a:3a:1b:48:e3:63:ee:7e:75:d8:f6:5d:17:1c:
d2:ad:7d:f7:15:8c:47:57:86:32:93:56:5a:80:f8:
93:6d:b5:4b:be:48:b7:42:b5:08:c8:07:42:4d:eb:
5c:f4:14:3f:30:48:77:88:f7:de:c9:48:80:a6:fe:
9c:52:3d:33:57:c2:7a:95:e8:11:d3:15:57:01:9b:
f0:6d:e5:51:1d:74:22:09:69:75:4f:57:54:81:89:
4f:53:68:4f:2c:0d:eb:f8:a5:8e:1f:60:bb:20:86:
36:e6:91:5c:c9:23:3d:4b:ef:0e:63:48:3b:70:20:
4d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:58:5A:99:4C:B2:17:04:06:F6:0F:0A:6D:A5:BE:60:E5:C6:32:34
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zFhamUyyFwQG9g8KbaW-YOXGMjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.38.0/23
192.36.56.0/24
192.71.233.0/24
192.71.247.0/24
192.121.170.0/24
Signature Algorithm: sha256WithRSAEncryption
52:3b:40:40:d6:eb:99:47:55:37:96:af:e7:de:31:12:2b:aa:
5e:48:50:f2:1d:90:e5:7c:82:a0:2e:00:a5:78:ff:87:30:aa:
6e:00:4b:8a:eb:9a:57:4b:32:fa:43:02:03:8f:1e:46:05:72:
37:00:0e:18:ea:ff:f5:ea:2b:05:d6:b2:14:7b:ea:4b:80:fd:
41:5d:72:c0:14:06:cd:bb:d2:e7:a6:5f:46:6c:40:d2:c0:6e:
01:c0:36:9c:1e:da:8a:30:a2:f9:aa:c6:0e:9c:44:f2:d6:33:
ec:e8:66:49:ad:f3:62:df:f4:ba:46:e8:5a:37:2a:dd:b6:a2:
88:da:c0:1f:da:20:49:15:0b:16:ef:83:4f:76:ed:c3:b9:0a:
9c:fe:20:0d:6a:be:78:72:65:25:9e:26:0f:f5:dd:0a:39:27:
55:e6:ec:7f:da:6e:cd:49:f3:04:08:3f:cb:30:c4:79:28:08:
97:f5:0d:9f:40:23:f2:8f:02:3b:bb:2a:9e:a2:5a:ac:c3:a2:
f6:80:c7:0a:2f:a0:ba:14:ff:c7:3a:4d:e2:bd:76:65:cb:ec:
7d:20:d4:7d:3a:dd:6b:28:62:9a:66:43:ec:26:84:6a:ad:b2:
1b:23:ba:b2:58:68:19:4a:97:31:15:26:17:5d:34:b7:be:9e:
ef:43:27:2a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEQnpV7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M1ODVhOTk0Y2Iy
MTcwNDA2ZjYwZjBhNmRhNWJlNjBlNWM2MzIzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKt8ZA/Yd20Gay+2YIbEu3V2L1pTYInPcAAd22kMbwnhF1WN
8v8Qij9J72FnDPrluJX5wPsfoucLD+qvYl8YYDHCOUnHmwsX//XCa/H6jWnWS9gY
xt4Bzfz0OqDf9CgGjRWZc5WYbkxNg8d9v1l6KwU4WvFCkEeW6Q9ZBQiQ+Hs1UPfp
AaeTcDo6G0jjY+5+ddj2XRcc0q199xWMR1eGMpNWWoD4k221S75It0K1CMgHQk3r
XPQUPzBId4j33slIgKb+nFI9M1fCepXoEdMVVwGb8G3lUR10IglpdU9XVIGJT1No
TywN6/iljh9guyCGNuaRXMkjPUvvDmNIO3AgTa0CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTMWFqZTLIXBAb2Dwptpb5g5cYyNDAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L3pGaGFtVXl5RndRRzlnOEtiYVctWU9YR01qUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAcAkJgMEAMAkOAMEAMBH6QMEAMBH
9wMEAMB5qjANBgkqhkiG9w0BAQsFAAOCAQEAUjtAQNbrmUdVN5av594xEiuqXkhQ
8h2Q5XyCoC4ApXj/hzCqbgBLiuuaV0sy+kMCA48eRgVyNwAOGOr/9eorBdayFHvq
S4D9QV1ywBQGzbvS56ZfRmxA0sBuAcA2nB7aijCi+arGDpxE8tYz7OhmSa3zYt/0
ukboWjcq3baiiNrAH9ogSRULFu+DT3btw7kKnP4gDWq+eHJlJZ4mD/XdCjknVebs
f9puzUnzBAg/yzDEeSgIl/UNn0Aj8o8CO7sqnqJarMOi9oDHCi+guhT/xzpN4r12
ZcvsfSDUfTrdayhimmZD7CaEaq2yGyO6slhoGUqXMRUmF100t76e70MnKg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:57 2025 by rpki-client