Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/mzKfcsB_6SZ92dtoyTzdmZT_D5Q.roa
File: mzKfcsB_6SZ92dtoyTzdmZT_D5Q.roa (raw, json)
Hash identifier: W3oo5zZMXU2kzBLMgAMNFTy/16dWodtGflb0+ZEqPmA=
Subject key identifier: 9B:32:9F:72:C0:7F:E9:26:7D:D9:DB:68:C9:3C:DD:99:94:FF:0F:94
Certificate issuer: /CN=587d8b0e7546351176cc0c6e51ed4520abe04ef1
Certificate serial: 019426D943D4C85593224E907AE43B9F4585
Authority key identifier: 58:7D:8B:0E:75:46:35:11:76:CC:0C:6E:51:ED:45:20:AB:E0:4E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WH2LDnVGNRF2zAxuUe1FIKvgTvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/mzKfcsB_6SZ92dtoyTzdmZT_D5Q.roa
Signing time: Thu 02 Jan 2025 11:49:20 +0000
ROA not before: Thu 02 Jan 2025 11:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60781
IP address blocks: 185.71.60.0/22 maxlen: 22
2a03:38a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:43:d4:c8:55:93:22:4e:90:7a:e4:3b:9f:45:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=587d8b0e7546351176cc0c6e51ed4520abe04ef1
Validity
Not Before: Jan 2 11:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b329f72c07fe9267dd9db68c93cdd9994ff0f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:15:05:20:ec:73:f8:6c:7d:fb:39:ec:34:78:
ed:dd:ae:fc:0a:b3:0b:95:47:51:72:23:b2:d0:6b:
8d:81:aa:23:2d:cd:d1:7c:e9:72:b5:6f:f3:97:5f:
7d:89:44:20:8a:67:2c:1e:da:5f:28:c3:16:44:40:
01:92:18:fd:58:8f:ee:a7:15:ef:1c:e6:31:a8:dc:
d4:22:7f:e2:c6:81:54:e8:76:a7:df:73:6a:2a:63:
5f:74:01:5e:40:92:78:b1:33:bb:8d:6a:f7:41:c3:
f5:b6:ae:ea:f8:95:c9:14:c1:3d:71:33:86:9f:1d:
f9:2f:78:73:b1:2d:61:8e:04:5e:e2:9f:de:6b:09:
a1:62:c2:c5:a9:fc:7e:08:b8:52:8a:0e:07:4e:41:
65:7d:b7:6c:5c:d9:84:ea:a5:4c:68:fb:62:2c:dc:
fa:3d:4e:4a:ff:7d:8d:74:88:66:94:e3:bc:ad:a0:
05:b8:68:85:39:6f:8b:16:1b:dd:05:6c:b8:42:03:
29:63:84:d0:1b:d6:d2:3d:4e:6e:5f:0f:b9:ef:4f:
33:3b:10:24:23:57:fc:4e:55:85:ec:bf:67:65:04:
3e:f7:46:69:43:30:64:47:ae:87:f6:af:27:d6:65:
1e:2c:dc:4f:b2:f7:85:5a:d3:11:6a:2c:24:3e:ee:
91:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:32:9F:72:C0:7F:E9:26:7D:D9:DB:68:C9:3C:DD:99:94:FF:0F:94
X509v3 Authority Key Identifier:
keyid:58:7D:8B:0E:75:46:35:11:76:CC:0C:6E:51:ED:45:20:AB:E0:4E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WH2LDnVGNRF2zAxuUe1FIKvgTvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/mzKfcsB_6SZ92dtoyTzdmZT_D5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/WH2LDnVGNRF2zAxuUe1FIKvgTvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.60.0/22
IPv6:
2a03:38a0::/32
Signature Algorithm: sha256WithRSAEncryption
a4:d8:ce:fa:51:28:fd:8f:c6:3f:6e:ca:47:c1:81:a7:7e:89:
18:fc:6a:af:d0:36:1b:60:01:56:3e:88:c6:9e:69:53:cc:0e:
c5:f5:45:a1:0a:a1:48:cf:12:64:34:c9:f5:46:65:4e:9e:79:
1e:93:f1:6d:4c:be:90:af:49:d0:21:98:8a:6d:30:e1:f4:b7:
f4:b2:a9:b9:f8:4e:e3:5b:ed:84:66:97:37:95:8e:20:ef:ac:
3f:95:9f:c8:47:1f:b4:1b:93:19:ce:6a:53:3b:c7:3f:64:df:
be:78:9a:f6:1c:1d:b0:f2:e6:d9:47:d3:64:cd:97:7f:01:2b:
17:f7:10:0a:6a:d8:0b:e2:72:65:cc:56:71:4c:79:79:fe:6e:
44:32:a3:34:1b:e2:72:b8:de:c3:bf:7b:df:aa:35:cc:98:ef:
bc:65:39:58:c2:27:24:a6:e6:fa:e0:65:f8:a0:e9:6b:8e:b0:
29:06:c9:de:de:48:82:5c:fc:42:85:e6:f6:d4:57:71:3b:1b:
11:bf:00:35:e5:21:c8:56:2c:4d:bc:eb:ef:c7:35:54:d6:c8:
7e:ce:4e:11:1e:f3:2c:89:b8:1d:af:26:b7:09:b6:76:78:0d:
e1:b9:ba:f8:95:f3:a7:ba:6e:9e:fc:d4:c3:b3:e5:10:0d:42:
62:d5:7d:5b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2UPUyFWTIk6QeuQ7n0WFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4N2Q4YjBlNzU0NjM1MTE3NmNjMGM2ZTUxZWQ0NTIwYWJl
MDRlZjEwHhcNMjUwMTAyMTE0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjMyOWY3MmMwN2ZlOTI2N2RkOWRiNjhjOTNjZGQ5OTk0ZmYwZjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhUFIOxz+Gx9+znsNHjt3a78CrML
lUdRciOy0GuNgaojLc3RfOlytW/zl199iUQgimcsHtpfKMMWREABkhj9WI/upxXv
HOYxqNzUIn/ixoFU6Han33NqKmNfdAFeQJJ4sTO7jWr3QcP1tq7q+JXJFME9cTOG
nx35L3hzsS1hjgRe4p/eawmhYsLFqfx+CLhSig4HTkFlfbdsXNmE6qVMaPtiLNz6
PU5K/32NdIhmlOO8raAFuGiFOW+LFhvdBWy4QgMpY4TQG9bSPU5uXw+5708zOxAk
I1f8TlWF7L9nZQQ+90ZpQzBkR66H9q8n1mUeLNxPsveFWtMRaiwkPu6REwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJsyn3LAf+kmfdnbaMk83ZmU/w+UMB8GA1UdIwQY
MBaAFFh9iw51RjURdswMblHtRSCr4E7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0gyTERuVkdOUkYyekF4dVVlMUZJS3ZnVHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84MWRjNjItYjNjYy00Zjk5LWFhNDIt
YzEwZjc4MmZiMDdmLzEvbXpLZmNzQl82U1o5MmR0b3lUemRtWlRfRDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84MWRjNjItYjNjYy00Zjk5LWFhNDItYzEwZjc4MmZiMDdm
LzEvV0gyTERuVkdOUkYyekF4dVVlMUZJS3ZnVHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUc8MA0E
AgACMAcDBQAqAzigMA0GCSqGSIb3DQEBCwUAA4IBAQCk2M76USj9j8Y/bspHwYGn
fokY/Gqv0DYbYAFWPojGnmlTzA7F9UWhCqFIzxJkNMn1RmVOnnkek/FtTL6Qr0nQ
IZiKbTDh9Lf0sqm5+E7jW+2EZpc3lY4g76w/lZ/IRx+0G5MZzmpTO8c/ZN++eJr2
HB2w8ubZR9NkzZd/ASsX9xAKatgL4nJlzFZxTHl5/m5EMqM0G+JyuN7Dv3vfqjXM
mO+8ZTlYwickpub64GX4oOlrjrApBsne3kiCXPxCheb21FdxOxsRvwA15SHIVixN
vOvvxzVU1sh+zk4RHvMsibgdrya3CbZ2eA3hubr4lfOnum6e/NTDs+UQDUJi1X1b
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:26 2025 by rpki-client