Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/CZpuUzJEsKjUOKMTz3rPnaPFYr0.roa
File: CZpuUzJEsKjUOKMTz3rPnaPFYr0.roa (raw, json)
Hash identifier: 829sU0orhueuSWygyiEyGmFZ/X99K3xCPmemYX73BGM=
Subject key identifier: 09:9A:6E:53:32:44:B0:A8:D4:38:A3:13:CF:7A:CF:9D:A3:C5:62:BD
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0195377C38830F6152F3D3B12A065F9AEE8D
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/CZpuUzJEsKjUOKMTz3rPnaPFYr0.roa
Signing time: Mon 24 Feb 2025 10:24:02 +0000
ROA not before: Mon 24 Feb 2025 10:24:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60117
IP address blocks: 212.81.44.0/24 maxlen: 24
212.81.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:7c:38:83:0f:61:52:f3:d3:b1:2a:06:5f:9a:ee:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Feb 24 10:24:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=099a6e533244b0a8d438a313cf7acf9da3c562bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:06:ab:99:9f:fe:c1:25:81:76:cc:d4:95:80:
76:1c:a1:a1:12:71:24:e7:e9:d7:1d:6b:72:fa:d6:
06:e6:ff:3a:4f:9f:c0:b9:e4:05:b9:59:67:36:db:
e3:d0:2a:c4:4b:e2:3e:5c:4f:62:26:99:04:37:23:
7f:22:88:22:3d:fe:13:bf:28:62:c0:8c:d6:7e:e0:
1c:cb:f9:bb:58:e6:a3:eb:de:41:6b:89:be:35:cd:
fd:dd:05:76:d2:9a:f3:6e:cb:57:a0:4b:33:f2:7e:
74:d4:70:0b:27:7b:25:51:54:cc:f6:fe:7e:83:47:
a4:40:5e:cd:0d:f9:a6:22:c5:08:68:f3:c9:83:8a:
27:b7:17:c0:e5:09:23:e5:46:e8:20:9e:f1:54:32:
18:0e:e1:39:9c:17:8f:9a:f9:87:87:09:b0:dc:59:
2d:18:ff:11:67:c8:24:da:70:d8:aa:e0:14:6b:8e:
cc:3b:9a:29:93:fd:20:27:a9:8d:ab:5b:c5:90:c0:
4e:59:80:f9:57:5a:dc:8c:40:2f:41:16:cb:58:fd:
09:fa:ef:16:64:fd:2b:f2:8e:bd:78:bd:ef:da:05:
27:45:25:61:0a:13:d8:95:92:2c:a5:d6:19:24:40:
45:cc:a3:e0:2d:69:11:4d:e4:36:b1:eb:d2:b4:5f:
b1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9A:6E:53:32:44:B0:A8:D4:38:A3:13:CF:7A:CF:9D:A3:C5:62:BD
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/CZpuUzJEsKjUOKMTz3rPnaPFYr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.81.44.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:cd:81:51:ef:2b:1e:05:89:8b:24:d7:31:df:48:57:53:a2:
d8:35:1a:5b:ca:e2:5a:4b:5a:dc:e5:94:b6:28:80:a0:58:2f:
d7:49:da:f7:da:8e:ad:b4:e0:05:a5:23:95:98:90:d6:5c:f8:
49:99:b4:dd:66:ec:cc:fd:90:24:5c:bb:6e:68:9a:cf:83:d2:
9c:06:cd:59:10:51:5a:42:cb:6a:31:9b:69:80:47:e4:f1:7b:
7a:3d:fa:94:1e:84:94:fc:57:c0:3d:94:5b:00:07:4d:46:77:
3e:47:b0:3c:04:09:8a:7b:e9:6a:dd:61:e6:42:54:6a:f5:c8:
9b:87:fe:e3:62:e0:3b:42:5e:9f:c5:70:11:4d:bc:04:35:e1:
fb:ed:77:dd:8f:2b:6d:2d:47:b5:c1:ec:6b:32:33:f4:71:d3:
44:43:6b:55:2b:0a:3b:6c:4f:3b:db:b7:8f:41:f2:64:00:db:
67:22:66:18:c1:f8:98:34:d8:d1:6f:a7:48:1d:85:7e:30:7b:
3d:e2:bc:c7:66:c6:9d:45:ed:6b:92:61:36:db:1c:49:cf:d3:
87:d7:40:ee:94:82:2c:8c:39:f6:6a:65:38:58:a8:8a:3d:53:
aa:64:9a:f7:22:f2:72:9b:a3:23:ee:b5:b4:27:77:16:22:ec:
7f:35:7f:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU3fDiDD2FS89OxKgZfmu6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUwMjI0MTAyNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTlhNmU1MzMyNDRiMGE4ZDQzOGEzMTNjZjdhY2Y5ZGEzYzU2MmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQarmZ/+wSWBdszUlYB2HKGhEnEk
5+nXHWty+tYG5v86T5/AueQFuVlnNtvj0CrES+I+XE9iJpkENyN/IogiPf4Tvyhi
wIzWfuAcy/m7WOaj695Ba4m+Nc393QV20przbstXoEsz8n501HALJ3slUVTM9v5+
g0ekQF7NDfmmIsUIaPPJg4ontxfA5Qkj5UboIJ7xVDIYDuE5nBePmvmHhwmw3Fkt
GP8RZ8gk2nDYquAUa47MO5opk/0gJ6mNq1vFkMBOWYD5V1rcjEAvQRbLWP0J+u8W
ZP0r8o69eL3v2gUnRSVhChPYlZIspdYZJEBFzKPgLWkRTeQ2sevStF+xKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmablMyRLCo1DijE896z52jxWK9MB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvQ1pwdVV6SkVzS2pVT0tNVHozclBuYVBGWXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1FEsMA0G
CSqGSIb3DQEBCwUAA4IBAQCbzYFR7yseBYmLJNcx30hXU6LYNRpbyuJaS1rc5ZS2
KICgWC/XSdr32o6ttOAFpSOVmJDWXPhJmbTdZuzM/ZAkXLtuaJrPg9KcBs1ZEFFa
QstqMZtpgEfk8Xt6PfqUHoSU/FfAPZRbAAdNRnc+R7A8BAmKe+lq3WHmQlRq9cib
h/7jYuA7Ql6fxXARTbwENeH77XfdjyttLUe1wexrMjP0cdNEQ2tVKwo7bE8727eP
QfJkANtnImYYwfiYNNjRb6dIHYV+MHs94rzHZsadRe1rkmE22xxJz9OH10DulIIs
jDn2amU4WKiKPVOqZJr3IvJym6Mj7rW0J3cWIux/NX/o
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:46:53 2025 by rpki-client