Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/eeec18-7669-4e7f-a670-ce62b40c2659/1/xzuz7gbiFUmxoMyhp4LrcAZBUFk.roa
File: xzuz7gbiFUmxoMyhp4LrcAZBUFk.roa (raw, json)
Hash identifier: l5tP2NJs5ck3dhJPg0HpGYSv2KnuRAxAcyXnB0E1Bj0=
Subject key identifier: C7:3B:B3:EE:06:E2:15:49:B1:A0:CC:A1:A7:82:EB:70:06:41:50:59
Certificate issuer: /CN=4f0ad0b1ac8b1fb56e1b7d3730044efea44770df
Certificate serial: 01856ECB681AFAF85F7F64F3B0AFED4DE198
Authority key identifier: 4F:0A:D0:B1:AC:8B:1F:B5:6E:1B:7D:37:30:04:4E:FE:A4:47:70:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TwrQsayLH7VuG303MARO_qRHcN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/eeec18-7669-4e7f-a670-ce62b40c2659/1/xzuz7gbiFUmxoMyhp4LrcAZBUFk.roa
Signing time: Sun 01 Jan 2023 19:25:02 +0000
ROA not before: Sun 01 Jan 2023 19:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34197
IP address blocks: 195.95.224.0/23 maxlen: 23
185.150.162.0/24 maxlen: 24
185.150.160.0/24 maxlen: 24
185.150.160.0/22 maxlen: 22
194.187.224.0/22 maxlen: 22
2a07:7200:ffff::/48 maxlen: 48
2a07:7200::/29 maxlen: 29
2a07:7200:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:68:1a:fa:f8:5f:7f:64:f3:b0:af:ed:4d:e1:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f0ad0b1ac8b1fb56e1b7d3730044efea44770df
Validity
Not Before: Jan 1 19:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c73bb3ee06e21549b1a0cca1a782eb7006415059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:30:a6:6d:88:75:7d:02:42:11:fb:b1:7d:f3:
fd:db:b1:02:d9:9a:6f:77:d1:18:a0:ab:c9:94:1c:
7b:bc:6c:49:2a:c5:43:ad:37:da:37:4c:a9:3a:ac:
f4:cf:0b:6d:5f:0b:98:f6:33:05:e2:dc:3b:60:a0:
4d:4c:92:fe:5f:dc:58:f5:63:2b:b0:44:8c:b1:fd:
25:6f:ed:4c:82:81:6a:13:fa:e3:a3:89:f3:2b:55:
c2:11:c2:db:47:13:c1:5b:26:62:8f:00:a6:d2:04:
e3:0f:4c:21:a4:cc:34:24:27:ad:c4:6a:9e:05:f4:
25:2d:73:11:46:f4:7d:a3:75:1e:17:be:a2:46:fb:
3c:da:89:0a:79:03:b7:1c:72:8d:16:f8:7d:86:1b:
5a:27:10:2d:60:11:12:ff:e2:f0:d3:76:3a:99:a5:
5b:25:6d:52:18:7c:31:f3:3f:8a:c0:bb:da:07:03:
cb:0b:93:65:31:ff:a3:01:53:77:d1:0f:c7:bc:ea:
76:ad:81:67:3f:51:2c:9c:8a:3b:44:5f:fd:cc:48:
5d:5e:84:51:8c:61:6a:c6:7e:83:7e:79:31:de:7e:
22:7a:27:b0:4f:de:87:64:82:bb:84:3d:61:1c:10:
fd:dd:87:78:9f:0d:b8:aa:ad:d9:b3:55:05:a5:d0:
57:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:3B:B3:EE:06:E2:15:49:B1:A0:CC:A1:A7:82:EB:70:06:41:50:59
X509v3 Authority Key Identifier:
keyid:4F:0A:D0:B1:AC:8B:1F:B5:6E:1B:7D:37:30:04:4E:FE:A4:47:70:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TwrQsayLH7VuG303MARO_qRHcN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/eeec18-7669-4e7f-a670-ce62b40c2659/1/xzuz7gbiFUmxoMyhp4LrcAZBUFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/eeec18-7669-4e7f-a670-ce62b40c2659/1/TwrQsayLH7VuG303MARO_qRHcN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.160.0/22
194.187.224.0/22
195.95.224.0/23
IPv6:
2a07:7200::/29
Signature Algorithm: sha256WithRSAEncryption
6a:51:0c:3e:4b:2c:21:f8:9d:be:c3:22:06:3b:c0:a7:06:58:
b2:e6:01:c2:ba:2a:95:c4:3d:ca:d7:04:99:37:9b:e9:5f:25:
88:c7:ab:42:0a:05:b4:eb:e5:f3:96:68:78:49:14:cb:bb:2c:
9c:8f:7b:d5:d9:c3:2b:25:44:34:0e:5d:01:f8:62:e5:02:f2:
01:bf:7c:f8:6a:dd:2e:c7:9f:b1:a6:5d:86:5b:10:db:06:75:
32:90:32:39:d8:5a:ed:bc:8f:12:3a:19:9f:17:df:81:c0:61:
e9:31:7c:8e:09:a9:46:0a:fe:27:98:9c:c0:be:b1:5c:cf:92:
fb:cb:f2:01:b7:be:42:86:15:43:5c:48:ae:1e:3a:28:91:bd:
fc:6c:70:45:dc:53:46:30:d7:82:45:9e:13:09:d6:13:30:6b:
c5:eb:99:15:45:35:f9:9f:b3:d9:d7:0b:77:ab:62:e9:71:1a:
41:1d:6f:99:4c:c9:95:69:d9:00:4b:1d:6f:b0:42:a3:1c:9a:
3a:c4:1b:8a:c0:34:b7:5b:77:83:7b:dc:aa:a0:11:db:ac:56:
a5:6e:20:98:8f:d3:fd:b7:66:48:69:a1:b6:d8:b5:32:de:d4:
30:ff:12:59:f5:88:d2:a5:01:bd:f4:88:04:7a:61:3c:c8:a0:
a5:d6:e4:d0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuy2ga+vhff2TzsK/tTeGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMGFkMGIxYWM4YjFmYjU2ZTFiN2QzNzMwMDQ0ZWZlYTQ0
NzcwZGYwHhcNMjMwMTAxMTkyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzNiYjNlZTA2ZTIxNTQ5YjFhMGNjYTFhNzgyZWI3MDA2NDE1MDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizCmbYh1fQJCEfuxffP927EC2Zpv
d9EYoKvJlBx7vGxJKsVDrTfaN0ypOqz0zwttXwuY9jMF4tw7YKBNTJL+X9xY9WMr
sESMsf0lb+1MgoFqE/rjo4nzK1XCEcLbRxPBWyZijwCm0gTjD0whpMw0JCetxGqe
BfQlLXMRRvR9o3UeF76iRvs82okKeQO3HHKNFvh9hhtaJxAtYBES/+Lw03Y6maVb
JW1SGHwx8z+KwLvaBwPLC5NlMf+jAVN30Q/HvOp2rYFnP1EsnIo7RF/9zEhdXoRR
jGFqxn6Dfnkx3n4ieiewT96HZIK7hD1hHBD93Yd4nw24qq3Zs1UFpdBXvwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMc7s+4G4hVJsaDMoaeC63AGQVBZMB8GA1UdIwQY
MBaAFE8K0LGsix+1bht9NzAETv6kR3DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHdyUXNheUxIN1Z1RzMwM01BUk9fcVJIY044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9lZWVjMTgtNzY2OS00ZTdmLWE2NzAt
Y2U2MmI0MGMyNjU5LzEveHp1ejdnYmlGVW14b015aHA0THJjQVpCVUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9lZWVjMTgtNzY2OS00ZTdmLWE2NzAtY2U2MmI0MGMyNjU5
LzEvVHdyUXNheUxIN1Z1RzMwM01BUk9fcVJIY044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuZagAwQC
wrvgAwQBw1/gMA0EAgACMAcDBQMqB3IAMA0GCSqGSIb3DQEBCwUAA4IBAQBqUQw+
Sywh+J2+wyIGO8CnBliy5gHCuiqVxD3K1wSZN5vpXyWIx6tCCgW06+Xzlmh4SRTL
uyycj3vV2cMrJUQ0Dl0B+GLlAvIBv3z4at0ux5+xpl2GWxDbBnUykDI52FrtvI8S
OhmfF9+BwGHpMXyOCalGCv4nmJzAvrFcz5L7y/IBt75ChhVDXEiuHjookb38bHBF
3FNGMNeCRZ4TCdYTMGvF65kVRTX5n7PZ1wt3q2LpcRpBHW+ZTMmVadkASx1vsEKj
HJo6xBuKwDS3W3eDe9yqoBHbrFalbiCYj9P9t2ZIaaG22LUy3tQw/xJZ9YjSpQG9
9IgEemE8yKCl1uTQ
-----END CERTIFICATE-----
Generated at Sat May 3 09:04:25 2025 by rpki-client