Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/Z5oc3wu8tH1rnclMrGRzmWwm7lA.roa
File: Z5oc3wu8tH1rnclMrGRzmWwm7lA.roa (raw, json)
Hash identifier: nntjJcdFHiBMVaYz1aKU/xgweJKgdcTd63k1ykIg+gc=
Subject key identifier: 67:9A:1C:DF:0B:BC:B4:7D:6B:9D:C9:4C:AC:64:73:99:6C:26:EE:50
Certificate issuer: /CN=d24f497d157847005336b777361b1d20905c5213
Certificate serial: 01856DE63C5BCF85E8FD18912145003DE609
Authority key identifier: D2:4F:49:7D:15:78:47:00:53:36:B7:77:36:1B:1D:20:90:5C:52:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0k9JfRV4RwBTNrd3NhsdIJBcUhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/Z5oc3wu8tH1rnclMrGRzmWwm7lA.roa
Signing time: Sun 01 Jan 2023 15:14:43 +0000
ROA not before: Sun 01 Jan 2023 15:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208431
IP address blocks: 45.136.222.0/24 maxlen: 24
45.136.220.0/23 maxlen: 24
2a0e:9b41::/32 maxlen: 48
2a0e:9b40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:3c:5b:cf:85:e8:fd:18:91:21:45:00:3d:e6:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24f497d157847005336b777361b1d20905c5213
Validity
Not Before: Jan 1 15:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=679a1cdf0bbcb47d6b9dc94cac6473996c26ee50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:00:22:47:38:bc:4e:3b:97:0b:3e:5b:8d:28:
7d:72:31:f6:17:2f:4f:81:6f:7b:2b:cc:15:b9:aa:
ea:bd:d3:c2:99:21:cf:2c:8a:f9:cb:c7:3d:0b:3e:
66:53:8c:04:8d:ef:0a:f9:f1:7b:67:ae:c1:aa:db:
63:da:26:36:35:bc:45:97:ac:b9:0c:fa:5f:b2:38:
8f:36:05:53:38:bb:c0:5e:47:01:76:80:9f:db:d8:
c9:0c:37:af:06:d2:cc:f4:c5:c0:a2:d6:18:c2:29:
55:6f:91:8f:bf:04:ec:15:d8:f0:68:97:c6:cf:61:
60:23:09:1b:36:04:91:1d:2d:91:10:b2:43:13:25:
11:cd:67:9c:c0:41:15:f3:f8:4b:75:4b:e3:e9:60:
41:f3:eb:17:8f:3c:91:b5:81:d7:6b:cb:6a:77:52:
90:23:eb:c1:38:0e:b5:73:8f:eb:29:b5:93:01:03:
84:cd:22:80:b4:9a:24:ab:1f:2d:f0:69:e7:e4:b5:
72:9b:9b:f0:28:de:2f:eb:53:a6:d4:4f:be:77:44:
55:f9:5b:ec:b5:bd:80:f1:21:1a:1c:3c:9f:bf:58:
8d:6e:28:95:26:81:e8:44:4e:60:e5:29:90:e6:f2:
e4:f0:41:46:64:30:63:c5:14:85:82:3c:54:a7:48:
a7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9A:1C:DF:0B:BC:B4:7D:6B:9D:C9:4C:AC:64:73:99:6C:26:EE:50
X509v3 Authority Key Identifier:
keyid:D2:4F:49:7D:15:78:47:00:53:36:B7:77:36:1B:1D:20:90:5C:52:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0k9JfRV4RwBTNrd3NhsdIJBcUhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/Z5oc3wu8tH1rnclMrGRzmWwm7lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/0k9JfRV4RwBTNrd3NhsdIJBcUhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.220.0-45.136.222.255
IPv6:
2a0e:9b40::/31
Signature Algorithm: sha256WithRSAEncryption
1c:d9:b0:0e:3f:e6:07:b8:04:70:e7:8e:4f:58:08:bf:5d:af:
d5:9d:b9:03:f9:87:4b:14:82:5b:07:c9:c4:d0:cb:85:54:4a:
2a:39:bc:b4:fd:de:10:ab:7d:e1:37:5d:90:21:51:f7:8d:5d:
cd:2f:b9:df:98:44:aa:c7:d5:89:fa:1e:5d:b8:db:70:e1:9b:
dc:3d:ec:d5:db:3b:ad:ed:a9:a9:07:cb:f8:ce:7c:75:9a:80:
9c:c2:94:ec:4f:c6:ac:bf:4b:99:99:0d:c4:3f:7f:e7:58:b7:
ff:eb:b4:95:a5:6c:e8:fd:89:73:95:ce:13:2d:23:1b:d7:2c:
0c:f1:09:6d:3d:43:8c:79:2b:c9:e2:4b:50:6a:94:9d:31:6c:
96:a7:02:17:ab:47:b4:63:6c:6a:41:22:ee:f7:f2:64:4b:b2:
7a:94:c0:e0:d3:8c:8c:0a:55:57:dc:54:88:16:df:31:8f:a9:
e8:96:ac:7a:a2:8e:3d:ec:ca:5c:66:d8:b9:9e:e4:7f:5c:c8:
a7:13:65:2a:10:a4:8b:d5:48:42:1a:ff:49:41:0e:3e:78:1a:
3a:9c:80:6f:9d:32:80:30:02:19:f4:2f:1e:39:a1:3b:07:ab:
83:56:64:ed:1b:fc:8e:a2:7c:b8:f2:0f:fd:94:bb:9a:0d:1a:
e5:9b:7f:70
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVt5jxbz4Xo/RiRIUUAPeYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGY0OTdkMTU3ODQ3MDA1MzM2Yjc3NzM2MWIxZDIwOTA1
YzUyMTMwHhcNMjMwMTAxMTUxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzlhMWNkZjBiYmNiNDdkNmI5ZGM5NGNhYzY0NzM5OTZjMjZlZTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wAiRzi8TjuXCz5bjSh9cjH2Fy9P
gW97K8wVuarqvdPCmSHPLIr5y8c9Cz5mU4wEje8K+fF7Z67Bqttj2iY2NbxFl6y5
DPpfsjiPNgVTOLvAXkcBdoCf29jJDDevBtLM9MXAotYYwilVb5GPvwTsFdjwaJfG
z2FgIwkbNgSRHS2RELJDEyURzWecwEEV8/hLdUvj6WBB8+sXjzyRtYHXa8tqd1KQ
I+vBOA61c4/rKbWTAQOEzSKAtJokqx8t8Gnn5LVym5vwKN4v61Om1E++d0RV+Vvs
tb2A8SEaHDyfv1iNbiiVJoHoRE5g5SmQ5vLk8EFGZDBjxRSFgjxUp0inzwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGeaHN8LvLR9a53JTKxkc5lsJu5QMB8GA1UdIwQY
MBaAFNJPSX0VeEcAUza3dzYbHSCQXFITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGs5SmZSVjRSd0JUTnJkM05oc2RJSkJjVWhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jZjNjYTMtMWNkNy00MzEyLWJhNzMt
ODNjODU5NjIyOWZhLzEvWjVvYzN3dTh0SDFybmNsTXJHUnptV3dtN2xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9jZjNjYTMtMWNkNy00MzEyLWJhNzMtODNjODU5NjIyOWZh
LzEvMGs5SmZSVjRSd0JUTnJkM05oc2RJSkJjVWhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAItiNwD
BAAtiN4wDQQCAAIwBwMFASoOm0AwDQYJKoZIhvcNAQELBQADggEBABzZsA4/5ge4
BHDnjk9YCL9dr9WduQP5h0sUglsHycTQy4VUSio5vLT93hCrfeE3XZAhUfeNXc0v
ud+YRKrH1Yn6Hl2423Dhm9w97NXbO63tqakHy/jOfHWagJzClOxPxqy/S5mZDcQ/
f+dYt//rtJWlbOj9iXOVzhMtIxvXLAzxCW09Q4x5K8niS1BqlJ0xbJanAherR7Rj
bGpBIu738mRLsnqUwODTjIwKVVfcVIgW3zGPqeiWrHqijj3sylxm2Lme5H9cyKcT
ZSoQpIvVSEIa/0lBDj54GjqcgG+dMoAwAhn0Lx45oTsHq4NWZO0b/I6ifLjyD/2U
u5oNGuWbf3A=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:30:17 2025 by rpki-client