Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/zTeR0g5KBHiT06WLJWwrQn0fKP4.roa
File: zTeR0g5KBHiT06WLJWwrQn0fKP4.roa (raw, json)
Hash identifier: qD/Oro7lLiXcXWbUZHSIDXyhNOVhdsxWgG4/W0eZ46c=
Subject key identifier: CD:37:91:D2:0E:4A:04:78:93:D3:A5:8B:25:6C:2B:42:7D:1F:28:FE
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01942369C2581125C947E4206A6FFEC5A167
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/zTeR0g5KBHiT06WLJWwrQn0fKP4.roa
Signing time: Wed 01 Jan 2025 19:48:41 +0000
ROA not before: Wed 01 Jan 2025 19:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 107.150.169.0/24 maxlen: 24
107.150.173.0/24 maxlen: 24
162.218.177.0/24 maxlen: 24
162.218.178.0/24 maxlen: 24
167.160.1.0/24 maxlen: 24
167.160.2.0/24 maxlen: 24
185.192.213.0/24 maxlen: 24
185.192.214.0/24 maxlen: 24
185.203.149.0/24 maxlen: 24
185.203.150.0/24 maxlen: 24
185.212.173.0/24 maxlen: 24
185.212.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c2:58:11:25:c9:47:e4:20:6a:6f:fe:c5:a1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 1 19:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd3791d20e4a047893d3a58b256c2b427d1f28fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:de:37:05:ac:cf:b7:5e:a3:13:98:c7:ab:d4:
6d:d5:8e:df:ab:ab:05:83:c4:8c:01:05:60:e6:23:
2c:dd:f1:35:1d:b1:e4:0c:b4:99:5e:e8:2c:36:88:
ce:63:46:d4:03:9d:3a:df:10:ed:49:87:45:c4:c1:
fd:a6:1b:7d:40:31:d7:21:e1:cb:30:50:1f:53:b9:
6d:bd:44:91:ce:f2:b2:43:d2:5f:5a:78:96:8c:9f:
26:32:1f:5b:63:47:96:02:4f:d9:72:ff:16:0b:9a:
0f:76:c9:7a:46:0b:0d:a9:64:ce:d3:03:15:24:cf:
eb:2a:b8:b7:17:4a:4a:ec:6f:cb:18:da:e5:a9:04:
c0:75:d4:3f:51:be:dc:b5:bc:6c:fe:9e:58:7c:85:
40:d1:9f:ca:f0:77:3d:d8:0e:bd:8c:64:b1:e2:1c:
db:b8:d4:3f:d5:9a:97:a2:89:57:db:da:86:7c:ba:
72:43:d2:0c:f4:19:da:65:17:64:06:de:a0:dc:83:
44:8a:1c:cf:d1:26:2f:e8:b2:53:aa:78:83:a4:f5:
65:1f:b5:74:99:62:96:76:5b:73:2d:a4:5f:eb:07:
6b:0f:cc:15:c5:e2:c0:c6:54:60:08:20:92:4e:f8:
14:a3:b9:cc:6d:49:ac:c3:f7:d2:4d:8a:54:e1:be:
c6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:37:91:D2:0E:4A:04:78:93:D3:A5:8B:25:6C:2B:42:7D:1F:28:FE
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/zTeR0g5KBHiT06WLJWwrQn0fKP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.150.169.0/24
107.150.173.0/24
162.218.177.0-162.218.178.255
167.160.1.0-167.160.2.255
185.192.213.0-185.192.214.255
185.203.149.0-185.203.150.255
185.212.173.0-185.212.174.255
Signature Algorithm: sha256WithRSAEncryption
d6:40:7b:17:27:60:43:f6:3b:0e:e4:bc:15:13:c2:d5:de:d3:
d4:a5:c9:ae:52:7e:a9:bd:34:b3:de:b3:95:3d:3d:77:e8:09:
e2:b1:eb:21:fa:c0:e0:77:47:fc:56:34:ce:f7:ea:c1:f5:63:
bb:76:25:dd:7b:d6:fe:ff:a1:7d:e3:dc:48:76:53:e3:1c:09:
a8:31:33:eb:43:6e:7a:fe:96:57:d0:e5:c8:14:c0:be:d1:19:
ec:d8:80:b2:f8:d0:bf:c5:87:8c:5e:66:32:46:a3:cf:61:02:
ad:49:6c:4a:c4:6b:f7:77:f3:76:63:a6:81:13:f3:2c:b7:f6:
3f:cd:e9:f1:a2:be:4f:52:7c:a4:7c:70:88:2f:f1:2c:0f:d9:
cc:90:89:16:e8:a3:bd:43:08:b2:69:59:0c:1a:81:91:da:55:
ba:50:d7:07:c8:f1:70:13:e2:fb:bb:38:80:ed:ef:bf:20:95:
f8:9b:a9:96:0d:5c:49:7f:fd:a1:c5:49:00:60:8a:2e:df:94:
8e:d2:a0:33:ce:2f:59:fd:fc:92:59:c0:13:5c:64:30:06:d1:
66:e0:a4:12:1b:82:be:cd:20:d5:d1:21:01:a2:7a:41:4c:dd:
b6:a2:1c:82:cc:bf:34:c0:96:25:23:ba:fd:a4:cb:e2:49:af:
b3:50:b0:2b
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZQjacJYESXJR+Qgam/+xaFnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTAxMTk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDM3OTFkMjBlNGEwNDc4OTNkM2E1OGIyNTZjMmI0MjdkMWYyOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt43BazPt16jE5jHq9Rt1Y7fq6sF
g8SMAQVg5iMs3fE1HbHkDLSZXugsNojOY0bUA5063xDtSYdFxMH9pht9QDHXIeHL
MFAfU7ltvUSRzvKyQ9JfWniWjJ8mMh9bY0eWAk/Zcv8WC5oPdsl6RgsNqWTO0wMV
JM/rKri3F0pK7G/LGNrlqQTAddQ/Ub7ctbxs/p5YfIVA0Z/K8Hc92A69jGSx4hzb
uNQ/1ZqXoolX29qGfLpyQ9IM9BnaZRdkBt6g3INEihzP0SYv6LJTqniDpPVlH7V0
mWKWdltzLaRf6wdrD8wVxeLAxlRgCCCSTvgUo7nMbUmsw/fSTYpU4b7GxQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFM03kdIOSgR4k9OliyVsK0J9Hyj+MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvelRlUjBnNUtCSGlUMDZXTEpXd3JRbjBmS1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAa5apAwQA
a5atMAwDBACi2rEDBACi2rIwDAMEAKegAQMEAKegAjAMAwQAucDVAwQAucDWMAwD
BAC5y5UDBAC5y5YwDAMEALnUrQMEALnUrjANBgkqhkiG9w0BAQsFAAOCAQEA1kB7
FydgQ/Y7DuS8FRPC1d7T1KXJrlJ+qb00s96zlT09d+gJ4rHrIfrA4HdH/FY0zvfq
wfVju3Yl3XvW/v+hfePcSHZT4xwJqDEz60Nuev6WV9DlyBTAvtEZ7NiAsvjQv8WH
jF5mMkajz2ECrUlsSsRr93fzdmOmgRPzLLf2P83p8aK+T1J8pHxwiC/xLA/ZzJCJ
FuijvUMIsmlZDBqBkdpVulDXB8jxcBPi+7s4gO3vvyCV+Juplg1cSX/9ocVJAGCK
Lt+UjtKgM84vWf38klnAE1xkMAbRZuCkEhuCvs0g1dEhAaJ6QUzdtqIcgsy/NMCW
JSO6/aTL4kmvs1CwKw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:29:57 2025 by rpki-client