Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/zhNKqOe_FfjdMehCEySeqrv-Hhc.roa
File: zhNKqOe_FfjdMehCEySeqrv-Hhc.roa (raw, json)
Hash identifier: JAvYcpGzwqNmTclfAY0lTzi4lyGscGDi7dPtRuF1EMM=
Subject key identifier: CE:13:4A:A8:E7:BF:15:F8:DD:31:E8:42:13:24:9E:AA:BB:FE:1E:17
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0194282399E9CA6D28F9FAD9EF5C6D2464FE
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/zhNKqOe_FfjdMehCEySeqrv-Hhc.roa
Signing time: Thu 02 Jan 2025 17:50:09 +0000
ROA not before: Thu 02 Jan 2025 17:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399641
IP address blocks: 45.154.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:99:e9:ca:6d:28:f9:fa:d9:ef:5c:6d:24:64:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 2 17:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce134aa8e7bf15f8dd31e84213249eaabbfe1e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:79:fd:11:61:62:be:e3:a8:c6:e7:c6:ce:11:
39:75:65:c0:18:1a:24:c9:78:b6:c4:f3:70:2e:e8:
0b:e3:5c:01:1b:84:07:5b:25:8b:e2:7a:13:d9:86:
ec:3b:76:b5:fb:5a:58:b4:31:b1:f4:a6:b3:a1:b4:
48:4c:21:e8:b9:09:af:0e:cc:a3:3e:d9:88:8f:09:
d0:db:7a:39:c9:64:97:2f:f0:50:a1:42:eb:71:9e:
d8:71:61:ca:f7:77:97:ff:6a:0f:44:69:a2:6d:a0:
82:1d:59:14:ef:c8:ae:0c:a8:7a:a1:38:e1:f0:c8:
0e:69:79:48:f5:4c:13:ae:51:84:70:9c:d2:ad:72:
b7:01:42:c1:58:2b:be:0c:e4:2f:93:5b:17:7d:98:
e6:43:88:2b:53:2b:4c:01:ed:04:fa:bf:bc:1d:bd:
ba:a4:23:90:f0:10:65:f6:13:76:df:08:c5:d8:a2:
4f:40:44:f1:63:ef:73:f5:0f:28:c9:31:d0:62:8f:
53:c9:0a:d1:9e:70:62:a0:a7:09:3d:ba:b3:6b:d4:
9c:99:44:38:7f:d8:8b:6c:c6:1c:18:26:e9:14:64:
b0:b0:3d:9d:3b:d9:18:6c:3b:6a:5b:6f:0d:26:c3:
7b:b1:1c:b8:3b:d7:62:9f:d5:79:8e:18:8f:3c:9c:
e6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:13:4A:A8:E7:BF:15:F8:DD:31:E8:42:13:24:9E:AA:BB:FE:1E:17
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/zhNKqOe_FfjdMehCEySeqrv-Hhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.157.0/24
Signature Algorithm: sha256WithRSAEncryption
23:10:05:aa:a0:f0:6d:4c:1b:c5:95:a0:3d:39:5b:6f:76:6d:
67:d0:8e:5b:c4:42:89:8d:cf:06:71:25:00:ef:98:c9:f3:92:
16:25:a7:87:d4:29:b3:db:fb:24:e6:59:7f:c2:41:5b:68:73:
b4:ce:22:f5:d1:58:d0:59:12:e0:cf:97:e0:c6:10:d4:11:cf:
b4:b3:71:be:ad:c1:19:c9:db:02:f2:58:f1:8c:35:e1:22:2f:
ec:01:62:98:10:60:cd:af:50:86:c8:ea:35:a5:de:7f:b4:31:
94:2b:42:a9:6b:49:f7:4b:b5:e5:71:be:95:35:c9:13:71:31:
0b:ca:8e:fd:2c:97:81:b4:38:c8:8e:25:82:18:1f:ba:3f:7e:
13:14:06:27:49:d1:94:d0:be:d3:e7:38:ff:6c:8b:39:19:51:
fb:96:bd:33:d9:02:3c:b4:b9:d3:42:ff:f1:81:8c:c1:3b:6b:
c1:fb:4a:33:65:8e:b0:51:29:76:c9:87:3e:17:3d:99:9d:bf:
aa:85:6f:be:dc:09:c3:96:a9:41:e5:85:1e:0d:53:28:10:00:
b4:90:9b:32:e8:f6:ae:37:73:11:5a:2a:6e:fa:17:82:db:88:
15:cf:7d:eb:03:5a:2b:55:43:a7:70:83:d9:e0:43:9b:cf:4d:
6a:21:c4:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI5npym0o+frZ71xtJGT+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjUwMTAyMTc1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTEzNGFhOGU3YmYxNWY4ZGQzMWU4NDIxMzI0OWVhYWJiZmUxZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Hn9EWFivuOoxufGzhE5dWXAGBok
yXi2xPNwLugL41wBG4QHWyWL4noT2YbsO3a1+1pYtDGx9KazobRITCHouQmvDsyj
PtmIjwnQ23o5yWSXL/BQoULrcZ7YcWHK93eX/2oPRGmibaCCHVkU78iuDKh6oTjh
8MgOaXlI9UwTrlGEcJzSrXK3AULBWCu+DOQvk1sXfZjmQ4grUytMAe0E+r+8Hb26
pCOQ8BBl9hN23wjF2KJPQETxY+9z9Q8oyTHQYo9TyQrRnnBioKcJPbqza9ScmUQ4
f9iLbMYcGCbpFGSwsD2dO9kYbDtqW28NJsN7sRy4O9din9V5jhiPPJzmlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM4TSqjnvxX43THoQhMknqq7/h4XMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvemhOS3FPZV9GZmpkTWVoQ0V5U2VxcnYtSGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZqdMA0G
CSqGSIb3DQEBCwUAA4IBAQAjEAWqoPBtTBvFlaA9OVtvdm1n0I5bxEKJjc8GcSUA
75jJ85IWJaeH1Cmz2/sk5ll/wkFbaHO0ziL10VjQWRLgz5fgxhDUEc+0s3G+rcEZ
ydsC8ljxjDXhIi/sAWKYEGDNr1CGyOo1pd5/tDGUK0Kpa0n3S7Xlcb6VNckTcTEL
yo79LJeBtDjIjiWCGB+6P34TFAYnSdGU0L7T5zj/bIs5GVH7lr0z2QI8tLnTQv/x
gYzBO2vB+0ozZY6wUSl2yYc+Fz2Znb+qhW++3AnDlqlB5YUeDVMoEAC0kJsy6Pau
N3MRWipu+heC24gVz33rA1orVUOncIPZ4EObz01qIcRR
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:10:28 2025 by rpki-client