Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ca8c72-3138-492e-802c-95795d8cd1d3/1/zfAL5CXGaQIsE5kg3e-bPisMwRQ.roa
File: zfAL5CXGaQIsE5kg3e-bPisMwRQ.roa (raw, json)
Hash identifier: RRvcm6DHIL81W5MfPKwHO/u3IuYrUkwwmzGODz9VsJk=
Subject key identifier: CD:F0:0B:E4:25:C6:69:02:2C:13:99:20:DD:EF:9B:3E:2B:0C:C1:14
Certificate issuer: /CN=cd31e9501f97a0b91bd12690b77814ce4dee52b6
Certificate serial: 01E7FAC5
Authority key identifier: CD:31:E9:50:1F:97:A0:B9:1B:D1:26:90:B7:78:14:CE:4D:EE:52:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTHpUB-XoLkb0SaQt3gUzk3uUrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/ca8c72-3138-492e-802c-95795d8cd1d3/1/zfAL5CXGaQIsE5kg3e-bPisMwRQ.roa
Signing time: Sat 01 Jan 2022 06:55:39 +0000
ROA not before: Sat 01 Jan 2022 06:55:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198411
IP address blocks: 5.226.17.0/24 maxlen: 24
5.226.16.0/20 maxlen: 20
5.226.20.0/24 maxlen: 24
5.226.21.0/24 maxlen: 24
5.226.19.0/24 maxlen: 24
5.226.24.0/24 maxlen: 24
5.226.18.0/24 maxlen: 24
5.226.22.0/24 maxlen: 24
5.226.23.0/24 maxlen: 24
5.226.27.0/24 maxlen: 24
5.226.28.0/24 maxlen: 24
5.226.25.0/24 maxlen: 24
5.226.26.0/24 maxlen: 24
5.226.31.0/24 maxlen: 24
5.226.29.0/24 maxlen: 24
5.226.30.0/24 maxlen: 24
45.157.56.0/24 maxlen: 24
45.157.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31980229 (0x1e7fac5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd31e9501f97a0b91bd12690b77814ce4dee52b6
Validity
Not Before: Jan 1 06:55:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cdf00be425c669022c139920ddef9b3e2b0cc114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1f:b8:97:43:f9:19:ba:39:18:6c:17:ff:b1:
1d:ee:5a:84:34:60:3c:27:f3:3e:ec:a7:5b:bb:ff:
c5:77:bb:70:65:1e:b5:39:1a:bc:2c:30:40:31:6c:
3b:65:fe:68:55:7d:c5:2b:8b:ce:88:58:84:41:3e:
70:55:c6:ca:2a:ec:1a:a4:7f:d8:2c:1f:b7:fa:e9:
0e:e2:19:ed:6e:e3:62:eb:42:4a:ff:d3:a3:5c:80:
ae:fe:67:ca:80:0f:74:66:58:90:8c:ef:e2:b0:e8:
b3:c8:e6:34:c9:38:8f:04:72:8b:84:a1:a1:e8:8c:
8d:1a:ef:48:8d:b3:78:82:e2:9a:9b:b8:db:54:15:
83:cd:90:fc:68:2a:09:20:47:d7:11:bb:8e:49:07:
5e:6d:f2:59:30:b2:03:cd:fc:21:c4:38:e8:e9:dd:
3a:80:81:ae:93:3b:de:78:c9:37:01:ca:65:67:1c:
91:eb:bb:a1:a8:0c:77:25:4f:6e:ad:c9:55:b3:f4:
3b:28:6a:90:8c:ec:78:33:00:f5:5e:59:2a:a5:ab:
19:8a:68:ec:80:df:23:3e:27:e0:4c:cf:bd:63:90:
ca:ed:c9:bb:e9:f7:14:8f:4b:e7:2b:97:3f:9f:81:
20:16:57:b1:56:0c:a3:0f:97:a1:41:98:05:8d:20:
46:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F0:0B:E4:25:C6:69:02:2C:13:99:20:DD:EF:9B:3E:2B:0C:C1:14
X509v3 Authority Key Identifier:
keyid:CD:31:E9:50:1F:97:A0:B9:1B:D1:26:90:B7:78:14:CE:4D:EE:52:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTHpUB-XoLkb0SaQt3gUzk3uUrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ca8c72-3138-492e-802c-95795d8cd1d3/1/zfAL5CXGaQIsE5kg3e-bPisMwRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ca8c72-3138-492e-802c-95795d8cd1d3/1/zTHpUB-XoLkb0SaQt3gUzk3uUrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.16.0/20
45.157.56.0/23
Signature Algorithm: sha256WithRSAEncryption
25:51:84:75:85:cf:5b:d1:6b:ff:18:79:82:4c:9b:14:ef:b1:
b3:9f:28:8f:41:9d:6f:25:69:82:ab:c5:32:25:c0:35:57:7d:
9b:7d:52:9d:06:23:50:87:b6:a2:0b:27:fa:4c:72:27:8d:83:
e8:1e:73:90:ec:5d:a6:0f:b0:db:55:aa:06:3a:02:32:e5:ee:
24:51:c3:2d:31:a6:ed:e5:ff:c0:11:42:ec:a2:da:fa:61:b9:
57:df:92:f9:48:56:b2:e6:63:a2:93:e8:1c:ef:9b:a3:f9:4e:
2a:80:3e:33:9b:00:2c:c5:70:04:28:7b:a3:5d:e6:ac:7f:e5:
d2:c4:e5:d6:66:36:d3:7d:16:52:8a:26:87:84:6f:62:68:58:
20:2a:fc:f3:10:da:7e:a6:93:50:6e:b9:8d:ed:a2:32:a6:1b:
9f:55:bf:12:42:2d:50:24:c3:01:b7:1d:58:4f:40:c3:73:04:
3b:94:51:8d:4a:17:ff:80:b5:3c:d9:d5:27:35:3d:34:2e:ab:
25:be:ef:4f:b5:61:ce:39:90:22:85:f1:96:9f:63:c2:c9:10:
50:c0:fd:db:db:a1:77:fa:ef:c3:aa:92:06:00:a7:e2:47:1a:
b6:df:27:2d:e9:d6:23:52:0f:ce:03:70:b9:d3:a4:66:f7:7d:
5e:95:89:4a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAef6xTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDMxZTk1MDFmOTdhMGI5MWJkMTI2OTBiNzc4MTRjZTRkZWU1MmI2MB4XDTIyMDEw
MTA2NTUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RmMDBiZTQyNWM2
NjkwMjJjMTM5OTIwZGRlZjliM2UyYjBjYzExNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcfuJdD+Rm6ORhsF/+xHe5ahDRgPCfzPuynW7v/xXe7cGUe
tTkavCwwQDFsO2X+aFV9xSuLzohYhEE+cFXGyirsGqR/2Cwft/rpDuIZ7W7jYutC
Sv/To1yArv5nyoAPdGZYkIzv4rDos8jmNMk4jwRyi4ShoeiMjRrvSI2zeILimpu4
21QVg82Q/GgqCSBH1xG7jkkHXm3yWTCyA838IcQ46OndOoCBrpM73njJNwHKZWcc
keu7oagMdyVPbq3JVbP0OyhqkIzseDMA9V5ZKqWrGYpo7IDfIz4n4EzPvWOQyu3J
u+n3FI9L5yuXP5+BIBZXsVYMow+XoUGYBY0gRkcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTN8AvkJcZpAiwTmSDd75s+KwzBFDAfBgNVHSMEGDAWgBTNMelQH5eguRvR
JpC3eBTOTe5StjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pUSHBVQi1Yb0xrYjBTYVF0M2dVemszdVVyWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvY2E4YzcyLTMxMzgtNDkyZS04MDJjLTk1Nzk1ZDhjZDFkMy8x
L3pmQUw1Q1hHYVFJc0U1a2czZS1iUGlzTXdSUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
Y2E4YzcyLTMxMzgtNDkyZS04MDJjLTk1Nzk1ZDhjZDFkMy8xL3pUSHBVQi1Yb0xr
YjBTYVF0M2dVemszdVVyWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBAXiEAMEAS2dODANBgkqhkiG9w0B
AQsFAAOCAQEAJVGEdYXPW9Fr/xh5gkybFO+xs58oj0GdbyVpgqvFMiXANVd9m31S
nQYjUIe2ogsn+kxyJ42D6B5zkOxdpg+w21WqBjoCMuXuJFHDLTGm7eX/wBFC7KLa
+mG5V9+S+UhWsuZjopPoHO+bo/lOKoA+M5sALMVwBCh7o13mrH/l0sTl1mY2030W
Uoomh4RvYmhYICr88xDafqaTUG65je2iMqYbn1W/EkItUCTDAbcdWE9Aw3MEO5RR
jUoX/4C1PNnVJzU9NC6rJb7vT7VhzjmQIoXxlp9jwskQUMD929uhd/rvw6qSBgCn
4kcatt8nLenWI1IPzgNwudOkZvd9XpWJSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:18 2024 by rpki-client on console-ams.rpki-client.org