Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/1-zte-RyPYt_iin3znIgXmYHhKvk.roa
File: 1-zte-RyPYt_iin3znIgXmYHhKvk.roa (raw, json)
Hash identifier: rHh6SBr5zJMOTMeV8fP6uuMuf2lzYoNWpSH77u+Rm90=
Subject key identifier: FB:3B:5E:F9:1C:8F:62:DF:E2:8A:7D:F3:9C:88:17:99:81:E1:2A:F9
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 01864A85D778BFDF6D396C88EE4B227F367F
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/1-zte-RyPYt_iin3znIgXmYHhKvk.roa
Signing time: Mon 13 Feb 2023 11:25:30 +0000
ROA not before: Mon 13 Feb 2023 11:25:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200019
IP address blocks: 109.111.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4a:85:d7:78:bf:df:6d:39:6c:88:ee:4b:22:7f:36:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Feb 13 11:25:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb3b5ef91c8f62dfe28a7df39c88179981e12af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8b:1b:21:f6:2a:71:53:c1:73:42:8b:cd:60:
0a:ac:76:2f:94:2d:92:41:98:92:62:74:72:b5:57:
97:78:6c:29:8e:ab:58:c9:e1:fe:d2:e9:37:86:6b:
1c:2d:12:d0:b1:51:d7:6c:3b:b0:58:4a:38:cb:ec:
56:f8:53:65:c2:b5:51:9a:7b:5c:3d:4e:e9:0d:04:
fb:a6:cf:79:22:d4:9d:a7:e1:0d:d5:4c:34:fd:de:
ea:a9:11:8d:03:bc:aa:23:a5:93:fa:23:f3:d4:22:
40:c5:26:87:7f:3a:07:dd:a7:4a:50:2f:ea:ba:4f:
07:6b:15:ac:cb:0a:0e:47:b1:18:c0:e1:24:0a:ab:
64:c7:bd:a7:1b:74:c4:2b:72:6b:31:87:8e:7b:ac:
cb:ca:cb:21:4d:9d:c6:94:85:47:62:86:95:e0:33:
7e:86:fe:bc:4e:80:90:4d:a7:9f:df:d2:e5:89:54:
2b:be:22:5f:0e:46:62:7b:aa:e7:04:e7:4c:95:90:
ca:3c:6d:89:bd:10:fc:80:66:b7:29:cd:66:4a:91:
1f:2d:6a:25:39:f8:63:2f:d4:5f:04:73:a1:70:0b:
5e:e1:26:d1:92:3c:23:e1:5a:1a:2f:14:62:61:cb:
73:05:4e:b2:e4:92:1d:a9:90:f5:2e:81:8b:7c:4b:
38:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:3B:5E:F9:1C:8F:62:DF:E2:8A:7D:F3:9C:88:17:99:81:E1:2A:F9
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/1-zte-RyPYt_iin3znIgXmYHhKvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.52.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:1b:00:38:74:6c:1c:59:3a:7c:3e:89:63:79:f2:e0:d8:d3:
d7:42:cc:3f:b8:b6:ab:a4:8e:ef:de:6d:14:81:31:56:d4:52:
c4:f2:d8:c1:17:51:d6:65:3a:63:bc:a0:17:2c:a9:31:68:2a:
a9:5e:07:f1:c9:90:a4:d5:d5:1a:d2:36:78:4a:89:78:c4:d7:
13:d1:90:f8:86:6c:a0:24:3b:d1:cf:a0:e1:88:19:b6:d5:a9:
4a:a3:d5:ed:eb:6a:cf:76:c9:5c:89:51:90:8b:51:47:ae:49:
5e:1f:a5:7c:93:b6:8f:f4:a2:5d:7e:a1:2d:52:13:0b:d7:54:
3a:04:72:a8:1a:1c:3f:a0:89:29:2f:e5:fd:ec:03:54:65:c1:
e0:86:df:6d:2e:2b:9f:39:93:1f:87:58:79:e7:2c:f5:cd:cf:
60:49:8c:93:df:2e:78:62:28:95:5e:10:29:78:77:26:0e:9f:
51:2d:00:ee:d1:e4:01:ad:1d:b7:8c:34:a7:a5:32:76:0d:4d:
ed:cd:9d:52:dd:c3:27:4c:08:35:d6:ef:de:8e:12:91:6b:c2:
51:eb:1c:16:f8:14:3b:09:fb:9e:cd:e8:e5:25:54:9f:5a:36:
aa:83:4f:32:9b:e3:85:41:42:b6:35:9c:b5:72:7f:06:59:a8:
c1:18:d4:9e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYZKhdd4v99tOWyI7ksifzZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwMjEzMTEyNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjNiNWVmOTFjOGY2MmRmZTI4YTdkZjM5Yzg4MTc5OTgxZTEyYWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYsbIfYqcVPBc0KLzWAKrHYvlC2S
QZiSYnRytVeXeGwpjqtYyeH+0uk3hmscLRLQsVHXbDuwWEo4y+xW+FNlwrVRmntc
PU7pDQT7ps95ItSdp+EN1Uw0/d7qqRGNA7yqI6WT+iPz1CJAxSaHfzoH3adKUC/q
uk8HaxWsywoOR7EYwOEkCqtkx72nG3TEK3JrMYeOe6zLysshTZ3GlIVHYoaV4DN+
hv68ToCQTaef39LliVQrviJfDkZie6rnBOdMlZDKPG2JvRD8gGa3Kc1mSpEfLWol
OfhjL9RfBHOhcAte4SbRkjwj4VoaLxRiYctzBU6y5JIdqZD1LoGLfEs44QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPs7Xvkcj2Lf4op985yIF5mB4Sr5MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvMS16dGUtUnlQWXRfaWluM3puSWdYbVlIaEt2ay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDIvNTdhMzRmLWUzM2ItNGUxNy1iYzMyLTY2NDU3NzI0YzJk
My8xL2IzWGs2VXRjdDBVWHQ3QVZhQUZkcWVidXpiWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAm1vNDAN
BgkqhkiG9w0BAQsFAAOCAQEATBsAOHRsHFk6fD6JY3ny4NjT10LMP7i2q6SO795t
FIExVtRSxPLYwRdR1mU6Y7ygFyypMWgqqV4H8cmQpNXVGtI2eEqJeMTXE9GQ+IZs
oCQ70c+g4YgZttWpSqPV7etqz3bJXIlRkItRR65JXh+lfJO2j/SiXX6hLVITC9dU
OgRyqBocP6CJKS/l/ewDVGXB4IbfbS4rnzmTH4dYeecs9c3PYEmMk98ueGIolV4Q
KXh3Jg6fUS0A7tHkAa0dt4w0p6Uydg1N7c2dUt3DJ0wINdbv3o4SkWvCUescFvgU
Own7ns3o5SVUn1o2qoNPMpvjhUFCtjWctXJ/BlmowRjUng==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:54 2025 by rpki-client