Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/Z95Ygi89f8LPJ06butvXFWvZK_U.roa
File: Z95Ygi89f8LPJ06butvXFWvZK_U.roa (raw, json)
Hash identifier: o6HwkfxYMUCJNVk0nfNy6db7pO3BIH4cTe1hsU4m0jI=
Subject key identifier: 67:DE:58:82:2F:3D:7F:C2:CF:27:4E:9B:BA:DB:D7:15:6B:D9:2B:F5
Certificate issuer: /CN=6dc0d05f8ee9e958fc95de65dc59a2141c5f1efd
Certificate serial: 019423D6F803B2EEF970ADE9298ABF535852
Authority key identifier: 6D:C0:D0:5F:8E:E9:E9:58:FC:95:DE:65:DC:59:A2:14:1C:5F:1E:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bcDQX47p6Vj8ld5l3FmiFBxfHv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/Z95Ygi89f8LPJ06butvXFWvZK_U.roa
Signing time: Wed 01 Jan 2025 21:47:58 +0000
ROA not before: Wed 01 Jan 2025 21:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56552
IP address blocks: 185.71.65.0/24 maxlen: 24
185.71.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f8:03:b2:ee:f9:70:ad:e9:29:8a:bf:53:58:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dc0d05f8ee9e958fc95de65dc59a2141c5f1efd
Validity
Not Before: Jan 1 21:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67de58822f3d7fc2cf274e9bbadbd7156bd92bf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:86:7a:77:2c:89:54:c6:a5:24:45:e5:9b:26:
ee:56:9c:55:0a:81:4f:e3:88:66:1f:de:94:82:87:
fd:64:10:36:af:e7:a9:37:53:19:42:22:36:80:57:
8b:80:b5:3c:93:08:46:d7:11:ba:8c:7a:42:e8:ff:
93:66:ef:74:c0:e5:21:0c:bf:3f:ab:95:bc:cf:31:
a6:d3:0f:ea:7e:91:58:06:37:ff:8f:82:a4:a9:ea:
a7:69:f8:57:3d:a8:ff:1e:09:d0:4a:3f:07:d5:33:
5e:30:1f:dd:1d:43:8f:88:a3:90:1f:4f:7f:f3:9f:
9d:32:e4:70:ce:e4:2a:d6:2c:96:30:f2:fc:16:f3:
0e:5a:66:c3:8b:d3:f8:3d:70:76:72:fb:ee:cd:90:
7d:31:bd:f9:ea:4e:33:77:31:db:72:13:b8:ff:61:
df:df:ca:5a:91:ce:61:ee:8d:c8:be:05:26:75:8d:
4d:62:66:6e:37:1f:cf:ee:96:b1:3d:56:5a:39:ef:
4c:cb:c5:27:72:0c:67:2f:9f:ab:02:e5:fe:c5:d6:
fa:a0:10:e9:19:6e:e6:f5:72:c0:e8:72:53:91:e5:
77:10:46:fb:48:2c:c5:3b:10:d4:9f:03:57:55:74:
01:7e:fe:ac:7c:64:c0:fb:8c:ed:02:6f:f2:bd:aa:
2f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DE:58:82:2F:3D:7F:C2:CF:27:4E:9B:BA:DB:D7:15:6B:D9:2B:F5
X509v3 Authority Key Identifier:
keyid:6D:C0:D0:5F:8E:E9:E9:58:FC:95:DE:65:DC:59:A2:14:1C:5F:1E:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bcDQX47p6Vj8ld5l3FmiFBxfHv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/Z95Ygi89f8LPJ06butvXFWvZK_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/bcDQX47p6Vj8ld5l3FmiFBxfHv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.65.0/24
185.71.67.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:31:bb:ff:4f:76:3d:b8:49:4b:83:37:68:70:50:3b:0d:fc:
0a:e1:cb:98:5b:b4:b8:8a:ce:38:ff:ba:e6:6b:d4:14:30:73:
b6:3f:9d:5a:31:9f:18:22:4c:ca:5f:da:c2:56:58:03:83:47:
f4:41:ec:4a:e1:c5:3c:e3:fd:e4:91:9c:fc:29:1d:c6:9c:fd:
0e:08:54:bb:8b:49:9b:25:ea:6e:87:bc:97:80:dc:72:29:1f:
e2:5e:b4:6b:1f:57:93:5c:a9:28:4c:83:6e:80:fe:bf:69:c3:
a9:d8:d9:0c:bb:32:cd:42:f3:35:6f:07:a4:16:aa:5e:16:46:
ff:c3:9c:7a:1c:17:8a:b7:38:a8:5f:bf:6a:a8:0a:6c:7b:56:
1f:2a:ea:11:d4:1e:58:9c:ba:f6:cb:9f:d8:a2:8d:51:9d:a1:
96:fb:46:15:a6:d3:11:97:bc:9e:bb:7c:3b:e4:b8:1b:95:82:
b5:4d:ad:86:6f:60:33:03:72:a7:c5:6c:eb:61:22:36:a9:20:
29:2d:1b:fc:7d:3d:82:e2:14:1c:fc:f0:02:8b:10:8a:79:64:
b0:a5:03:bf:87:1a:f6:a6:02:9e:23:c3:05:36:cb:be:ff:da:
b7:31:d2:42:c0:76:8e:af:40:ab:fc:24:ef:54:b7:fc:00:fb:
4a:a1:a7:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1vgDsu75cK3pKYq/U1hSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYzBkMDVmOGVlOWU5NThmYzk1ZGU2NWRjNTlhMjE0MWM1
ZjFlZmQwHhcNMjUwMTAxMjE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2RlNTg4MjJmM2Q3ZmMyY2YyNzRlOWJiYWRiZDcxNTZiZDkyYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4Z6dyyJVMalJEXlmybuVpxVCoFP
44hmH96Ugof9ZBA2r+epN1MZQiI2gFeLgLU8kwhG1xG6jHpC6P+TZu90wOUhDL8/
q5W8zzGm0w/qfpFYBjf/j4KkqeqnafhXPaj/HgnQSj8H1TNeMB/dHUOPiKOQH09/
85+dMuRwzuQq1iyWMPL8FvMOWmbDi9P4PXB2cvvuzZB9Mb356k4zdzHbchO4/2Hf
38pakc5h7o3IvgUmdY1NYmZuNx/P7paxPVZaOe9My8UncgxnL5+rAuX+xdb6oBDp
GW7m9XLA6HJTkeV3EEb7SCzFOxDUnwNXVXQBfv6sfGTA+4ztAm/yvaovmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGfeWIIvPX/CzydOm7rb1xVr2Sv1MB8GA1UdIwQY
MBaAFG3A0F+O6elY/JXeZdxZohQcXx79MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmNEUVg0N3A2Vmo4bGQ1bDNGbWlGQnhmSHYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xZDU3ZGQtNTU5OS00NWE3LWFiMDMt
NGQ2Y2UwNzY2ZWI1LzEvWjk1WWdpODlmOExQSjA2YnV0dlhGV3ZaS19VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xZDU3ZGQtNTU5OS00NWE3LWFiMDMtNGQ2Y2UwNzY2ZWI1
LzEvYmNEUVg0N3A2Vmo4bGQ1bDNGbWlGQnhmSHYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUdBAwQA
uUdDMA0GCSqGSIb3DQEBCwUAA4IBAQCOMbv/T3Y9uElLgzdocFA7DfwK4cuYW7S4
is44/7rma9QUMHO2P51aMZ8YIkzKX9rCVlgDg0f0QexK4cU84/3kkZz8KR3GnP0O
CFS7i0mbJepuh7yXgNxyKR/iXrRrH1eTXKkoTINugP6/acOp2NkMuzLNQvM1bwek
FqpeFkb/w5x6HBeKtzioX79qqApse1YfKuoR1B5YnLr2y5/Yoo1RnaGW+0YVptMR
l7yeu3w75LgblYK1Ta2Gb2AzA3KnxWzrYSI2qSApLRv8fT2C4hQc/PACixCKeWSw
pQO/hxr2pgKeI8MFNsu+/9q3MdJCwHaOr0Cr/CTvVLf8APtKoaeH
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:28:39 2025 by rpki-client on console.sobornost.net