Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/z-YOtG9p5k4OlqtEFKy2WK9ixms.roa
File: z-YOtG9p5k4OlqtEFKy2WK9ixms.roa (raw, json)
Hash identifier: iNo3KEz5ULECFwTpK+2HmaVlQM7jtAD9hPXyoY/n1Fs=
Subject key identifier: CF:E6:0E:B4:6F:69:E6:4E:0E:96:AB:44:14:AC:B6:58:AF:62:C6:6B
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 019420D624390543A1C4AB4B8C8B144BFCAA
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/z-YOtG9p5k4OlqtEFKy2WK9ixms.roa
Signing time: Wed 01 Jan 2025 07:48:12 +0000
ROA not before: Wed 01 Jan 2025 07:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 5.181.200.0/24 maxlen: 24
45.158.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:24:39:05:43:a1:c4:ab:4b:8c:8b:14:4b:fc:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 1 07:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfe60eb46f69e64e0e96ab4414acb658af62c66b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1f:d7:cc:02:9d:31:50:b3:37:e2:5a:0d:9e:
72:b9:0c:30:62:fd:db:e6:60:6c:b3:e5:da:98:61:
b6:39:17:19:53:6f:0b:1e:57:57:c3:f6:11:1b:f0:
61:ad:07:2a:e6:33:cf:4f:17:8f:3e:30:2b:95:41:
be:f1:3d:d5:7f:75:23:48:e4:c6:78:d1:2e:e9:ab:
df:ba:60:ea:bd:80:79:00:d3:37:4a:59:f4:de:d0:
e9:c5:07:0b:35:13:2a:78:92:0b:79:f0:21:9d:ae:
91:46:fe:f9:61:a4:fe:09:65:b1:d9:4e:b1:2c:38:
de:6f:15:78:a9:67:2b:80:bd:81:e4:b3:be:d8:4a:
ab:21:89:3e:83:90:99:1c:c9:75:4c:05:cf:78:87:
28:2d:ed:3b:06:2f:d8:ff:04:16:57:1e:7e:b0:08:
fc:4a:bc:bd:e1:a6:0a:10:0e:35:da:b9:62:ea:99:
8b:a4:9a:ba:5b:ca:cf:5b:1f:74:bf:bb:8d:36:78:
f3:0d:a9:fe:16:f2:4b:e2:71:db:c0:e4:55:82:c1:
9b:b4:fc:dc:56:aa:f1:3d:fe:e7:0b:89:7b:f4:27:
7a:d4:83:1e:35:a6:22:1d:7a:2b:33:b6:bf:02:60:
0d:41:73:f6:97:86:1b:e0:d3:ed:02:d9:38:eb:9d:
c0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E6:0E:B4:6F:69:E6:4E:0E:96:AB:44:14:AC:B6:58:AF:62:C6:6B
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/z-YOtG9p5k4OlqtEFKy2WK9ixms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.200.0/24
45.158.83.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:91:84:e7:31:ff:35:90:ea:73:d7:b6:54:02:99:1e:a7:00:
00:b0:d8:36:5c:39:42:0f:65:10:bf:b0:75:0c:36:e8:34:de:
d2:55:7d:69:da:ed:ae:1b:37:11:9f:b4:81:1d:aa:89:19:d1:
06:3b:41:75:28:8f:20:00:e1:70:ff:cb:9b:dc:33:df:10:18:
d6:3b:88:8c:22:e7:b3:9b:a7:7a:c7:7e:04:eb:11:c0:ba:49:
60:cc:5b:a2:39:0e:9b:9a:7d:cb:3f:2d:38:b8:50:37:6a:9f:
14:c2:91:0b:d5:1d:5e:1f:ae:43:21:17:3d:41:33:da:2a:99:
1d:fc:26:c6:59:a6:7e:ed:fc:65:39:9b:a1:58:f2:15:77:3f:
9a:c3:a4:33:8c:93:64:3c:7e:bc:35:ca:86:41:40:ed:22:0c:
f0:f4:de:1a:8a:ba:df:24:1c:4a:0f:b9:41:91:70:9a:d2:a8:
13:86:89:77:3e:5f:7a:84:c6:b7:19:65:97:34:91:12:a4:1c:
7a:6b:97:45:64:8d:df:b2:c9:17:c9:db:24:4a:85:92:b0:a4:
86:a3:ef:48:65:1b:26:46:d2:d4:a6:d3:2f:5f:c3:dc:b2:cb:
9c:ea:7d:ab:1d:61:46:da:a6:b4:5c:ab:b2:e8:23:55:e3:5f:
f6:c7:9f:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1iQ5BUOhxKtLjIsUS/yqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjUwMTAxMDc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmU2MGViNDZmNjllNjRlMGU5NmFiNDQxNGFjYjY1OGFmNjJjNjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5R/XzAKdMVCzN+JaDZ5yuQwwYv3b
5mBss+XamGG2ORcZU28LHldXw/YRG/BhrQcq5jPPTxePPjArlUG+8T3Vf3UjSOTG
eNEu6avfumDqvYB5ANM3Sln03tDpxQcLNRMqeJILefAhna6RRv75YaT+CWWx2U6x
LDjebxV4qWcrgL2B5LO+2EqrIYk+g5CZHMl1TAXPeIcoLe07Bi/Y/wQWVx5+sAj8
Sry94aYKEA412rli6pmLpJq6W8rPWx90v7uNNnjzDan+FvJL4nHbwORVgsGbtPzc
VqrxPf7nC4l79Cd61IMeNaYiHXorM7a/AmANQXP2l4Yb4NPtAtk4653ASQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM/mDrRvaeZODparRBSstlivYsZrMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvei1ZT3RHOXA1azRPbHF0RUZLeTJXSzlpeG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbXIAwQA
LZ5TMA0GCSqGSIb3DQEBCwUAA4IBAQANkYTnMf81kOpz17ZUApkepwAAsNg2XDlC
D2UQv7B1DDboNN7SVX1p2u2uGzcRn7SBHaqJGdEGO0F1KI8gAOFw/8ub3DPfEBjW
O4iMIuezm6d6x34E6xHAuklgzFuiOQ6bmn3LPy04uFA3ap8UwpEL1R1eH65DIRc9
QTPaKpkd/CbGWaZ+7fxlOZuhWPIVdz+aw6QzjJNkPH68NcqGQUDtIgzw9N4airrf
JBxKD7lBkXCa0qgThol3Pl96hMa3GWWXNJESpBx6a5dFZI3fsskXydskSoWSsKSG
o+9IZRsmRtLUptMvX8Pcssuc6n2rHWFG2qa0XKuy6CNV41/2x5+2
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:00:24 2025 by rpki-client