Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/75e36c-db1f-483e-b0ef-229051879b74/1/TzCEbM_FX1C8Etsgv1SpL73BfwY.roa
File: TzCEbM_FX1C8Etsgv1SpL73BfwY.roa (raw, json)
Hash identifier: 0+du4/EByKMALnvia/65AUVyk52kmBip6bBqdirNoQM=
Subject key identifier: 4F:30:84:6C:CF:C5:5F:50:BC:12:DB:20:BF:54:A9:2F:BD:C1:7F:06
Certificate issuer: /CN=ae29751a0ac81a657190546ea4780cd86140dc9f
Certificate serial: 0194266B27D0A42B6ACFE048C35625A03B73
Authority key identifier: AE:29:75:1A:0A:C8:1A:65:71:90:54:6E:A4:78:0C:D8:61:40:DC:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ril1GgrIGmVxkFRupHgM2GFA3J8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/75e36c-db1f-483e-b0ef-229051879b74/1/TzCEbM_FX1C8Etsgv1SpL73BfwY.roa
Signing time: Thu 02 Jan 2025 09:49:04 +0000
ROA not before: Thu 02 Jan 2025 09:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 5.252.0.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:27:d0:a4:2b:6a:cf:e0:48:c3:56:25:a0:3b:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae29751a0ac81a657190546ea4780cd86140dc9f
Validity
Not Before: Jan 2 09:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f30846ccfc55f50bc12db20bf54a92fbdc17f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b6:96:9c:d5:f1:bf:12:f0:07:fb:74:70:8b:
d1:08:f4:7c:b0:d6:2f:43:50:aa:fc:00:51:b2:d1:
39:4e:3b:14:00:dc:97:a2:de:eb:3c:38:56:e4:30:
97:94:ea:81:61:e4:87:42:8d:66:d7:40:1c:61:4f:
20:f2:25:05:ae:84:7f:aa:90:87:eb:fb:05:b6:9c:
1f:19:b4:5d:d0:54:2b:e7:4c:38:d1:df:ea:a8:14:
43:c3:34:ae:92:32:ec:fc:22:14:b8:c4:de:cf:a7:
2f:5c:e5:11:d4:9e:5f:67:27:99:27:30:16:a7:51:
55:bf:0b:dc:24:b5:c4:a2:c5:43:85:3f:ff:02:85:
de:28:f5:bc:0a:25:6f:97:13:4a:08:e2:6e:98:64:
cf:ad:3a:f1:84:2f:b6:ed:18:11:c2:c4:29:4e:5a:
cc:c3:34:ca:42:ee:6a:44:24:aa:b7:fc:02:fd:52:
c8:d4:29:39:1e:34:28:23:7a:0a:fd:25:4d:c1:39:
b1:b8:e6:69:5d:ff:81:be:6e:e6:ad:01:d4:08:1b:
59:25:11:c7:a1:4f:39:d2:15:2f:c3:2b:c9:29:85:
9f:85:98:23:da:42:62:8f:b8:58:ee:b8:dd:fc:b1:
88:68:de:63:1a:24:f5:25:55:b8:85:68:26:cd:a1:
be:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:30:84:6C:CF:C5:5F:50:BC:12:DB:20:BF:54:A9:2F:BD:C1:7F:06
X509v3 Authority Key Identifier:
keyid:AE:29:75:1A:0A:C8:1A:65:71:90:54:6E:A4:78:0C:D8:61:40:DC:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ril1GgrIGmVxkFRupHgM2GFA3J8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/75e36c-db1f-483e-b0ef-229051879b74/1/TzCEbM_FX1C8Etsgv1SpL73BfwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/75e36c-db1f-483e-b0ef-229051879b74/1/ril1GgrIGmVxkFRupHgM2GFA3J8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.0.0/22
Signature Algorithm: sha256WithRSAEncryption
49:62:20:e9:a7:bf:ae:04:55:96:c6:87:84:cd:06:b6:fa:34:
44:25:1e:f1:52:b8:11:a3:b4:24:a2:26:f4:31:c6:1b:9e:3e:
f9:bc:36:2b:6d:bb:bf:e6:f9:14:e0:92:ae:92:49:22:c8:f0:
1d:55:55:cb:1e:44:d7:69:ef:09:0b:6f:3b:1b:a9:2c:11:e5:
59:5a:37:60:dc:1e:3f:02:a1:c8:dc:cc:13:c0:10:6f:36:7f:
31:1b:9d:01:e3:e3:6d:c1:a7:c7:1f:3f:fc:02:f9:98:fe:8e:
66:71:03:59:17:71:ca:9a:49:a8:5e:e3:41:c1:88:e2:3e:26:
16:81:d1:5f:84:4f:57:fd:ed:e2:a4:30:45:13:0f:6a:72:b5:
27:a6:f2:e6:bf:60:9b:95:dc:d2:b7:e1:94:82:17:44:af:86:
b7:80:57:56:78:b1:2c:f3:5f:13:c6:f8:30:32:bc:df:ce:a2:
27:a1:d1:f6:4b:fe:9e:5a:e8:d9:25:b1:df:f0:f0:e7:2d:9a:
71:28:03:ae:95:1d:9f:eb:be:3d:80:f5:e9:b7:0f:fd:21:64:
c4:d9:42:38:49:53:35:f2:11:45:86:2d:20:2a:f5:f2:6b:8e:
e5:ad:88:12:44:ab:d0:7b:59:68:4c:66:90:b7:b4:7b:d4:95:
a1:33:4c:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmayfQpCtqz+BIw1YloDtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMjk3NTFhMGFjODFhNjU3MTkwNTQ2ZWE0NzgwY2Q4NjE0
MGRjOWYwHhcNMjUwMTAyMDk0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjMwODQ2Y2NmYzU1ZjUwYmMxMmRiMjBiZjU0YTkyZmJkYzE3ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0raWnNXxvxLwB/t0cIvRCPR8sNYv
Q1Cq/ABRstE5TjsUANyXot7rPDhW5DCXlOqBYeSHQo1m10AcYU8g8iUFroR/qpCH
6/sFtpwfGbRd0FQr50w40d/qqBRDwzSukjLs/CIUuMTez6cvXOUR1J5fZyeZJzAW
p1FVvwvcJLXEosVDhT//AoXeKPW8CiVvlxNKCOJumGTPrTrxhC+27RgRwsQpTlrM
wzTKQu5qRCSqt/wC/VLI1Ck5HjQoI3oK/SVNwTmxuOZpXf+Bvm7mrQHUCBtZJRHH
oU850hUvwyvJKYWfhZgj2kJij7hY7rjd/LGIaN5jGiT1JVW4hWgmzaG+hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE8whGzPxV9QvBLbIL9UqS+9wX8GMB8GA1UdIwQY
MBaAFK4pdRoKyBplcZBUbqR4DNhhQNyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmlsMUdncklHbVZ4a0ZSdXBIZ00yR0ZBM0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy83NWUzNmMtZGIxZi00ODNlLWIwZWYt
MjI5MDUxODc5Yjc0LzEvVHpDRWJNX0ZYMUM4RXRzZ3YxU3BMNzNCZndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy83NWUzNmMtZGIxZi00ODNlLWIwZWYtMjI5MDUxODc5Yjc0
LzEvcmlsMUdncklHbVZ4a0ZSdXBIZ00yR0ZBM0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfwAMA0G
CSqGSIb3DQEBCwUAA4IBAQBJYiDpp7+uBFWWxoeEzQa2+jREJR7xUrgRo7Qkoib0
McYbnj75vDYrbbu/5vkU4JKukkkiyPAdVVXLHkTXae8JC287G6ksEeVZWjdg3B4/
AqHI3MwTwBBvNn8xG50B4+NtwafHHz/8AvmY/o5mcQNZF3HKmkmoXuNBwYjiPiYW
gdFfhE9X/e3ipDBFEw9qcrUnpvLmv2CbldzSt+GUghdEr4a3gFdWeLEs818Txvgw
MrzfzqInodH2S/6eWujZJbHf8PDnLZpxKAOulR2f6749gPXptw/9IWTE2UI4SVM1
8hFFhi0gKvXya47lrYgSRKvQe1loTGaQt7R71JWhM0zu
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:49:17 2025 by rpki-client