Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/336db3-71a8-43ef-9b9f-6a6c6e096071/1/Z-dfosDrlzVSKVFTGJ7LYewGU6w.roa
File: Z-dfosDrlzVSKVFTGJ7LYewGU6w.roa (raw, json)
Hash identifier: lSxGudn5Fs3j65oqD2ZSmu7gAATGql89N/KwokwP/NY=
Subject key identifier: 67:E7:5F:A2:C0:EB:97:35:52:29:51:53:18:9E:CB:61:EC:06:53:AC
Certificate issuer: /CN=d2581479dee3b5994f11c9d9564631bf5a404c07
Certificate serial: 0194258F0D70113B5F4E17AA4CB1C28DC9D8
Authority key identifier: D2:58:14:79:DE:E3:B5:99:4F:11:C9:D9:56:46:31:BF:5A:40:4C:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0lgUed7jtZlPEcnZVkYxv1pATAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/336db3-71a8-43ef-9b9f-6a6c6e096071/1/Z-dfosDrlzVSKVFTGJ7LYewGU6w.roa
Signing time: Thu 02 Jan 2025 05:48:39 +0000
ROA not before: Thu 02 Jan 2025 05:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2200
IP address blocks: 134.59.0.0/16 maxlen: 16
157.169.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:0d:70:11:3b:5f:4e:17:aa:4c:b1:c2:8d:c9:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2581479dee3b5994f11c9d9564631bf5a404c07
Validity
Not Before: Jan 2 05:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67e75fa2c0eb973552295153189ecb61ec0653ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:dc:74:b3:0a:25:d4:6c:eb:db:a1:ea:94:99:
e8:cd:6d:4a:ae:a5:2b:9a:36:4b:fa:4b:0e:e1:68:
78:1f:a0:e7:9d:9d:a7:9e:fc:77:5e:2e:0a:f4:4f:
0e:35:14:fa:8e:84:57:4d:2f:8d:8f:22:d0:3b:96:
10:f5:cf:b7:1a:96:68:60:70:f6:91:f3:64:27:97:
8d:55:70:d4:27:3e:98:44:1c:5e:a6:7a:5d:69:b7:
da:8d:aa:c7:fa:5c:1d:29:b1:43:6a:13:2a:63:ba:
31:73:e1:4b:63:7d:8b:2d:c1:6d:b0:9f:0b:a3:9f:
8c:ec:8e:ee:cb:a1:6b:89:52:75:9d:e5:0f:87:e9:
41:1a:75:48:b3:43:5e:77:01:88:dd:dc:70:17:1a:
70:68:dc:9e:98:bf:85:5b:19:dd:46:04:93:36:4b:
55:bc:13:d3:06:08:20:88:4f:a4:97:a1:a1:5c:01:
64:bb:8f:bb:42:1e:49:a0:a9:b7:64:f2:f2:13:e5:
68:b4:dd:34:7d:3c:3a:59:2a:c2:b0:a3:e2:47:74:
cd:fa:af:e0:07:7b:75:2d:30:e2:c9:c0:ba:a9:2f:
00:14:e9:0b:f2:80:7a:e6:43:dc:84:4e:73:c7:e3:
24:15:ab:5b:dc:68:b1:33:68:99:05:4a:b3:63:66:
64:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E7:5F:A2:C0:EB:97:35:52:29:51:53:18:9E:CB:61:EC:06:53:AC
X509v3 Authority Key Identifier:
keyid:D2:58:14:79:DE:E3:B5:99:4F:11:C9:D9:56:46:31:BF:5A:40:4C:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0lgUed7jtZlPEcnZVkYxv1pATAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/336db3-71a8-43ef-9b9f-6a6c6e096071/1/Z-dfosDrlzVSKVFTGJ7LYewGU6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/336db3-71a8-43ef-9b9f-6a6c6e096071/1/0lgUed7jtZlPEcnZVkYxv1pATAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.59.0.0/16
157.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:c5:3a:8b:ab:94:60:45:cc:e1:85:cf:78:4b:81:9b:8b:9d:
aa:be:58:8e:88:2d:48:0f:3f:de:13:2d:f9:4d:f5:3f:3b:40:
01:cc:15:c3:f2:3e:3a:74:51:b7:79:36:d4:6e:ae:f8:56:db:
15:9f:1c:73:a2:64:18:8e:d7:90:a3:31:b4:f7:25:84:35:d0:
aa:69:06:e9:32:33:3a:cf:27:eb:6b:aa:11:76:a9:5b:75:37:
5b:b6:0d:3a:c8:6c:cf:ad:fc:da:59:7c:21:ef:d4:dd:2c:34:
9a:b5:11:40:0c:7f:db:d0:a8:24:be:ff:83:b3:31:0b:fb:2b:
7d:6c:3f:43:f7:ee:ad:97:ab:53:42:e4:c6:d5:ad:1f:e2:9c:
da:13:d6:f0:d5:3c:9c:d2:00:fb:80:9a:b4:1f:d8:38:8e:08:
13:a0:bf:fe:3f:68:8a:84:72:24:81:f8:cf:9a:0e:6e:b6:1c:
9b:4a:c6:a7:79:57:69:64:d0:f1:7c:38:f4:81:3a:72:be:f2:
51:65:35:6e:91:6b:70:63:55:56:86:5f:0b:f8:d1:d2:dd:20:
3e:82:98:ba:96:01:27:6d:fe:34:2d:a1:b7:66:48:e8:7d:0b:
8a:88:56:8b:e5:6f:93:41:be:2e:03:f1:89:4c:f2:23:29:1f:
7c:4b:84:f5
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZQljw1wETtfTheqTLHCjcnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNTgxNDc5ZGVlM2I1OTk0ZjExYzlkOTU2NDYzMWJmNWE0
MDRjMDcwHhcNMjUwMTAyMDU0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2U3NWZhMmMwZWI5NzM1NTIyOTUxNTMxODllY2I2MWVjMDY1M2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Nx0swol1Gzr26HqlJnozW1KrqUr
mjZL+ksO4Wh4H6DnnZ2nnvx3Xi4K9E8ONRT6joRXTS+NjyLQO5YQ9c+3GpZoYHD2
kfNkJ5eNVXDUJz6YRBxepnpdabfajarH+lwdKbFDahMqY7oxc+FLY32LLcFtsJ8L
o5+M7I7uy6FriVJ1neUPh+lBGnVIs0NedwGI3dxwFxpwaNyemL+FWxndRgSTNktV
vBPTBgggiE+kl6GhXAFku4+7Qh5JoKm3ZPLyE+VotN00fTw6WSrCsKPiR3TN+q/g
B3t1LTDiycC6qS8AFOkL8oB65kPchE5zx+MkFatb3GixM2iZBUqzY2Zk3wIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFGfnX6LA65c1UilRUxiey2HsBlOsMB8GA1UdIwQY
MBaAFNJYFHne47WZTxHJ2VZGMb9aQEwHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGxnVWVkN2p0WmxQRWNuWlZrWXh2MXBBVEFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zMzZkYjMtNzFhOC00M2VmLTliOWYt
NmE2YzZlMDk2MDcxLzEvWi1kZm9zRHJselZTS1ZGVEdKN0xZZXdHVTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zMzZkYjMtNzFhOC00M2VmLTliOWYtNmE2YzZlMDk2MDcx
LzEvMGxnVWVkN2p0WmxQRWNuWlZrWXh2MXBBVEFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAhjsDAwCd
qTANBgkqhkiG9w0BAQsFAAOCAQEAm8U6i6uUYEXM4YXPeEuBm4udqr5YjogtSA8/
3hMt+U31PztAAcwVw/I+OnRRt3k21G6u+FbbFZ8cc6JkGI7XkKMxtPclhDXQqmkG
6TIzOs8n62uqEXapW3U3W7YNOshsz6382ll8Ie/U3Sw0mrURQAx/29CoJL7/g7Mx
C/srfWw/Q/furZerU0LkxtWtH+Kc2hPW8NU8nNIA+4CatB/YOI4IE6C//j9oioRy
JIH4z5oObrYcm0rGp3lXaWTQ8Xw49IE6cr7yUWU1bpFrcGNVVoZfC/jR0t0gPoKY
upYBJ23+NC2ht2ZI6H0LiohWi+Vvk0G+LgPxiUzyIykffEuE9Q==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:28 2025 by rpki-client on console.sobornost.net