Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/rzWTLBE3AsXR1P8qg6IiwM8BArQ.roa
File: rzWTLBE3AsXR1P8qg6IiwM8BArQ.roa (raw, json)
Hash identifier: yxDA8Ps4OhGd/IaFWsk753N/DOl8bcSO3xtQOguzy0c=
Subject key identifier: AF:35:93:2C:11:37:02:C5:D1:D4:FF:2A:83:A2:22:C0:CF:01:02:B4
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0195A3B5B7056C97536211579E6C8713A1E8
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/rzWTLBE3AsXR1P8qg6IiwM8BArQ.roa
Signing time: Mon 17 Mar 2025 10:45:49 +0000
ROA not before: Mon 17 Mar 2025 10:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203446
IP address blocks: 2.56.246.0/24 maxlen: 24
45.131.65.0/24 maxlen: 24
45.134.39.0/24 maxlen: 24
45.137.70.0/24 maxlen: 24
194.62.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:b5:b7:05:6c:97:53:62:11:57:9e:6c:87:13:a1:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Mar 17 10:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af35932c113702c5d1d4ff2a83a222c0cf0102b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1c:72:95:88:eb:dd:29:7c:c6:f7:01:bc:12:
fa:c4:01:df:3c:67:50:7b:65:98:82:f8:f9:72:ae:
16:cd:3f:49:b8:a9:59:6e:e5:ea:e5:7f:59:03:92:
57:30:8e:80:3b:c4:9c:b7:3c:e3:ab:06:2a:f4:19:
e2:e8:39:89:ae:82:cd:db:9c:d3:16:f9:e0:51:42:
6c:6e:bc:7d:71:f8:b3:fc:f8:3e:62:06:92:44:2a:
42:16:58:55:6d:bf:a2:f8:6c:de:56:56:72:db:7b:
a7:71:8b:0f:11:ef:7b:b8:3f:78:62:5f:4a:d6:f9:
65:1c:12:70:4e:71:12:ab:40:1a:e2:81:0b:44:94:
d6:dc:8a:70:06:d7:80:91:ac:c9:cb:36:08:31:f8:
ce:97:be:82:e9:15:0e:ac:2d:ce:0e:56:b1:bb:01:
b2:e3:68:ca:48:0f:0e:9d:76:fd:55:36:a1:21:54:
08:fb:ec:2a:b9:28:26:f3:42:fe:d4:b1:16:05:d4:
cb:5b:4d:6a:6b:b9:5c:51:ed:a0:0c:2f:b7:8c:93:
af:0a:e8:58:e6:b9:df:25:bc:7f:41:57:25:63:65:
e0:b1:ec:0b:39:38:34:ef:47:78:e1:76:7d:68:78:
21:09:ec:e2:d8:f8:b9:95:df:b4:b2:ef:96:e6:90:
c1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:35:93:2C:11:37:02:C5:D1:D4:FF:2A:83:A2:22:C0:CF:01:02:B4
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/rzWTLBE3AsXR1P8qg6IiwM8BArQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.246.0/24
45.131.65.0/24
45.134.39.0/24
45.137.70.0/24
194.62.248.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:45:e3:93:c0:8c:2c:d4:b4:87:9c:73:4d:32:f1:15:51:7a:
77:b7:00:f6:35:31:5d:8a:38:cf:d4:d9:ee:0a:cb:87:52:da:
17:ce:22:81:8f:47:66:ee:a3:31:f6:c7:0c:09:88:a9:42:ee:
f8:e6:38:9d:95:45:1c:7d:ae:22:5f:19:99:98:db:cd:b7:88:
4d:cc:04:28:e9:fb:97:1d:26:d9:d2:17:7f:3a:c6:9e:34:9e:
c3:7a:bd:62:d2:1d:36:4a:31:39:8c:dd:96:8e:25:e7:8f:32:
e0:35:7f:23:16:87:a2:62:be:46:f1:b0:40:f1:e2:f5:3b:26:
bc:08:7d:fb:5e:43:c6:84:52:d2:21:47:2e:62:9b:30:26:7f:
c5:12:07:31:6d:c4:47:0f:45:53:dc:62:72:60:12:33:00:14:
84:bd:dc:60:6a:a2:ac:3b:c5:c1:dd:bb:3e:a1:e6:69:0e:88:
6e:91:68:03:07:b9:9b:2d:f4:fa:fe:ab:22:37:e4:9e:7e:c6:
f2:39:38:4b:4e:75:36:b3:56:35:9a:c5:46:df:6f:b5:7a:1d:
0a:e6:47:08:3c:80:0a:87:f4:aa:59:f2:78:98:41:16:95:21:
23:34:22:e0:02:d9:25:41:6f:dd:3d:2b:50:cc:07:7c:85:a9:
0f:33:4e:27
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZWjtbcFbJdTYhFXnmyHE6HoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMzE3MTA0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjM1OTMyYzExMzcwMmM1ZDFkNGZmMmE4M2EyMjJjMGNmMDEwMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRxylYjr3Sl8xvcBvBL6xAHfPGdQ
e2WYgvj5cq4WzT9JuKlZbuXq5X9ZA5JXMI6AO8SctzzjqwYq9Bni6DmJroLN25zT
FvngUUJsbrx9cfiz/Pg+YgaSRCpCFlhVbb+i+GzeVlZy23uncYsPEe97uD94Yl9K
1vllHBJwTnESq0Aa4oELRJTW3IpwBteAkazJyzYIMfjOl76C6RUOrC3ODlaxuwGy
42jKSA8OnXb9VTahIVQI++wquSgm80L+1LEWBdTLW01qa7lcUe2gDC+3jJOvCuhY
5rnfJbx/QVclY2XgsewLOTg070d44XZ9aHghCezi2Pi5ld+0su+W5pDBFwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK81kywRNwLF0dT/KoOiIsDPAQK0MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvcnpXVExCRTNBc1hSMVA4cWc2SWl3TThCQXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjj2AwQA
LYNBAwQALYYnAwQALYlGAwQAwj74MA0GCSqGSIb3DQEBCwUAA4IBAQA/ReOTwIws
1LSHnHNNMvEVUXp3twD2NTFdijjP1NnuCsuHUtoXziKBj0dm7qMx9scMCYipQu74
5jidlUUcfa4iXxmZmNvNt4hNzAQo6fuXHSbZ0hd/OsaeNJ7Der1i0h02SjE5jN2W
jiXnjzLgNX8jFoeiYr5G8bBA8eL1Oya8CH37XkPGhFLSIUcuYpswJn/FEgcxbcRH
D0VT3GJyYBIzABSEvdxgaqKsO8XB3bs+oeZpDohukWgDB7mbLfT6/qsiN+Sefsby
OThLTnU2s1Y1msVG32+1eh0K5kcIPIAKh/SqWfJ4mEEWlSEjNCLgAtklQW/dPStQ
zAd8hakPM04n
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:31:27 2025 by rpki-client