Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/zrrMlICGpdDYFya8WKvO7u0XM-Q.roa
File: zrrMlICGpdDYFya8WKvO7u0XM-Q.roa (raw, json)
Hash identifier: txsRNfUipxo+CqvVL0kXrQvI1GxCBc26tW/8hZA3omw=
Subject key identifier: CE:BA:CC:94:80:86:A5:D0:D8:17:26:BC:58:AB:CE:EE:ED:17:33:E4
Certificate issuer: /CN=df904155ee3acfe3fea8bbfee86e97c58c8991f4
Certificate serial: 019427B5C8B79CA1C545FFFA29495A7EAAE9
Authority key identifier: DF:90:41:55:EE:3A:CF:E3:FE:A8:BB:FE:E8:6E:97:C5:8C:89:91:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/zrrMlICGpdDYFya8WKvO7u0XM-Q.roa
Signing time: Thu 02 Jan 2025 15:50:12 +0000
ROA not before: Thu 02 Jan 2025 15:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44356
IP address blocks: 31.13.152.0/21 maxlen: 24
79.99.192.0/21 maxlen: 24
2a00:1538::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c8:b7:9c:a1:c5:45:ff:fa:29:49:5a:7e:aa:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df904155ee3acfe3fea8bbfee86e97c58c8991f4
Validity
Not Before: Jan 2 15:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cebacc948086a5d0d81726bc58abceeeed1733e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:03:c5:7e:1c:3d:b5:b9:4d:0a:13:2f:c6:ed:
8c:01:9a:61:ea:e2:86:fa:b2:cf:11:fe:dc:29:5f:
f4:c3:d9:9e:ad:5c:6f:68:bf:75:dd:51:d5:76:6c:
33:b2:c2:b4:d6:ad:aa:0c:4e:d6:41:47:95:79:b1:
17:47:c8:6c:be:8c:e6:bb:2d:c1:03:da:78:fa:ff:
9d:21:05:61:f7:54:03:1d:bc:b1:3b:2d:27:a5:ba:
03:cb:a9:36:e8:ac:1e:3f:84:a1:16:d4:ea:d1:6f:
52:72:78:de:26:6f:e4:6e:9c:46:08:f9:58:88:91:
95:61:3b:ed:95:d5:1f:fd:22:11:91:d0:0d:e0:b6:
d4:0c:15:37:88:c3:32:27:da:75:2a:c8:8e:5b:9a:
b0:d9:b0:8e:3d:88:50:13:85:04:c8:e8:80:40:29:
b6:d7:82:72:08:9a:e9:3a:94:5e:d6:f6:3b:83:12:
08:8b:4d:87:8a:86:5f:63:f9:ea:ac:24:7f:07:81:
35:e0:84:f4:91:c3:f7:49:67:91:a3:4b:2a:1e:0a:
2d:33:7e:70:e9:e6:9a:cf:29:a2:dc:26:98:57:77:
07:44:1b:4e:5b:17:fe:04:fd:f9:47:f4:39:cb:83:
2b:d3:77:e3:5f:d6:00:03:ba:09:03:d1:c2:cb:f7:
26:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:BA:CC:94:80:86:A5:D0:D8:17:26:BC:58:AB:CE:EE:ED:17:33:E4
X509v3 Authority Key Identifier:
keyid:DF:90:41:55:EE:3A:CF:E3:FE:A8:BB:FE:E8:6E:97:C5:8C:89:91:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/zrrMlICGpdDYFya8WKvO7u0XM-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/35BBVe46z-P-qLv-6G6XxYyJkfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.152.0/21
79.99.192.0/21
IPv6:
2a00:1538::/32
Signature Algorithm: sha256WithRSAEncryption
5d:b3:f0:10:df:57:71:e0:79:c6:c5:0c:75:d4:6d:c5:d5:96:
f8:a9:10:40:df:2b:80:f9:55:32:e6:18:bf:c8:28:05:72:ca:
6f:cc:c8:94:1e:dc:9a:a8:ea:da:b1:41:b7:73:d8:fd:b9:db:
d3:07:96:4a:52:63:f4:f7:eb:34:d1:25:c4:8f:4a:9b:b1:5a:
cc:3b:b6:73:20:61:a8:6d:51:8a:19:36:59:7b:78:a6:76:1b:
05:35:59:58:11:a9:97:06:b5:fd:3d:29:29:56:7f:4d:2f:9f:
c3:2d:ae:af:cd:5c:69:54:83:d7:53:73:2f:61:68:da:ab:e0:
01:00:ce:0e:80:94:94:a4:dc:4e:9a:be:be:ce:e5:41:6b:8c:
7a:38:8c:37:69:b9:d9:67:8e:1e:8a:48:be:ad:30:3e:d0:67:
ec:26:1d:58:be:f1:69:f3:44:99:01:b6:58:28:d2:5e:4a:f3:
74:92:c3:09:0b:0d:0b:69:a7:43:78:3f:ba:dc:6d:db:7d:01:
67:8f:12:2d:41:38:5d:db:77:6a:37:86:16:d0:98:45:60:eb:
df:a2:c6:33:97:b3:5b:2c:06:d8:10:f4:ad:28:69:77:67:25:
72:a7:5d:15:92:b7:07:a1:67:c8:1b:c5:f1:8c:4d:9d:84:4e:
bb:26:88:ec
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQntci3nKHFRf/6KUlafqrpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOTA0MTU1ZWUzYWNmZTNmZWE4YmJmZWU4NmU5N2M1OGM4
OTkxZjQwHhcNMjUwMTAyMTU1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWJhY2M5NDgwODZhNWQwZDgxNzI2YmM1OGFiY2VlZWVkMTczM2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQPFfhw9tblNChMvxu2MAZph6uKG
+rLPEf7cKV/0w9merVxvaL913VHVdmwzssK01q2qDE7WQUeVebEXR8hsvozmuy3B
A9p4+v+dIQVh91QDHbyxOy0npboDy6k26KweP4ShFtTq0W9ScnjeJm/kbpxGCPlY
iJGVYTvtldUf/SIRkdAN4LbUDBU3iMMyJ9p1KsiOW5qw2bCOPYhQE4UEyOiAQCm2
14JyCJrpOpRe1vY7gxIIi02HioZfY/nqrCR/B4E14IT0kcP3SWeRo0sqHgotM35w
6eaazymi3CaYV3cHRBtOWxf+BP35R/Q5y4Mr03fjX9YAA7oJA9HCy/cmcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM66zJSAhqXQ2BcmvFirzu7tFzPkMB8GA1UdIwQY
MBaAFN+QQVXuOs/j/qi7/uhul8WMiZH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzVCQlZlNDZ6LVAtcUx2LTZHNlh4WXlKa2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS80NDJlMTctNDE5OC00MzViLTk2ZjQt
NjQ2N2Y0NGI0M2JmLzEvenJyTWxJQ0dwZERZRnlhOFdLdk83dTBYTS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS80NDJlMTctNDE5OC00MzViLTk2ZjQtNjQ2N2Y0NGI0M2Jm
LzEvMzVCQlZlNDZ6LVAtcUx2LTZHNlh4WXlKa2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHw2YAwQD
T2PAMA0EAgACMAcDBQAqABU4MA0GCSqGSIb3DQEBCwUAA4IBAQBds/AQ31dx4HnG
xQx11G3F1Zb4qRBA3yuA+VUy5hi/yCgFcspvzMiUHtyaqOrasUG3c9j9udvTB5ZK
UmP09+s00SXEj0qbsVrMO7ZzIGGobVGKGTZZe3imdhsFNVlYEamXBrX9PSkpVn9N
L5/DLa6vzVxpVIPXU3MvYWjaq+ABAM4OgJSUpNxOmr6+zuVBa4x6OIw3abnZZ44e
iki+rTA+0GfsJh1YvvFp80SZAbZYKNJeSvN0ksMJCw0LaadDeD+63G3bfQFnjxIt
QThd23dqN4YW0JhFYOvfosYzl7NbLAbYEPStKGl3ZyVyp10VkrcHoWfIG8XxjE2d
hE67Jojs
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:44:07 2025 by rpki-client