Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/zNMPyiIXGaxx9cm884sEgQuS0MM.roa
File: zNMPyiIXGaxx9cm884sEgQuS0MM.roa (raw, json)
Hash identifier: 0iqw9fs/VK4XNIViDo/4+YHR1tNtB+hVwjE2lBZEMrI=
Subject key identifier: CC:D3:0F:CA:22:17:19:AC:71:F5:C9:BC:F3:8B:04:81:0B:92:D0:C3
Certificate issuer: /CN=2cd9516db9417952dedd9252fe5d83f09a3d99f5
Certificate serial: 018570306FBEA500CB82CFE3E28E8A7E70F2
Authority key identifier: 2C:D9:51:6D:B9:41:79:52:DE:DD:92:52:FE:5D:83:F0:9A:3D:99:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/zNMPyiIXGaxx9cm884sEgQuS0MM.roa
Signing time: Mon 02 Jan 2023 01:55:00 +0000
ROA not before: Mon 02 Jan 2023 01:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201211
IP address blocks: 46.21.240.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:6f:be:a5:00:cb:82:cf:e3:e2:8e:8a:7e:70:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cd9516db9417952dedd9252fe5d83f09a3d99f5
Validity
Not Before: Jan 2 01:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccd30fca221719ac71f5c9bcf38b04810b92d0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d6:28:15:c9:de:2c:33:75:33:cb:98:17:4a:
19:1a:7b:3e:02:f3:e7:fe:1e:14:2c:ad:79:6f:e6:
35:0c:6c:ab:ac:ac:13:f6:8f:39:de:85:fb:72:6b:
0f:74:be:23:b9:f9:24:94:27:e3:07:49:9b:e8:74:
ed:1c:85:57:8a:36:81:06:25:ba:3c:92:06:f2:40:
7a:7b:f7:48:13:7b:34:5c:19:ad:c3:6c:7c:b0:c3:
d9:30:c1:e4:a2:d7:a5:97:66:26:16:b9:4c:fa:e3:
45:b9:5c:83:f7:9f:42:23:3f:6d:49:a8:88:65:7b:
54:15:13:73:03:b3:18:bf:6a:0f:a0:10:b0:0b:14:
b6:62:1c:15:44:91:8e:72:3e:a5:47:db:13:31:70:
d6:bf:6c:72:c6:f0:5c:47:a8:b4:62:95:3a:2f:f4:
1c:65:ca:ae:b9:4b:0c:1a:23:48:a5:90:08:6b:2a:
32:48:98:f1:41:98:29:d4:95:4d:0d:e3:9c:1c:39:
c6:08:fc:c9:ca:2a:ac:9b:44:f7:11:36:ca:ae:97:
a7:f6:05:28:90:4b:01:5b:e8:dc:da:5f:53:47:ab:
c3:56:85:3a:2c:f3:ab:d4:9c:70:8c:c7:18:58:2b:
3b:7d:63:51:11:fe:00:2d:49:de:b3:4c:a4:5c:07:
8b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D3:0F:CA:22:17:19:AC:71:F5:C9:BC:F3:8B:04:81:0B:92:D0:C3
X509v3 Authority Key Identifier:
keyid:2C:D9:51:6D:B9:41:79:52:DE:DD:92:52:FE:5D:83:F0:9A:3D:99:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/zNMPyiIXGaxx9cm884sEgQuS0MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.240.0/22
Signature Algorithm: sha256WithRSAEncryption
35:86:0b:ef:4a:2e:84:83:4a:7a:90:30:f2:a0:dc:79:ce:f6:
f3:e0:63:4d:2d:89:46:bb:e6:25:0e:04:c5:1d:57:23:2d:4e:
72:ee:c8:a4:f7:95:8f:70:6c:1a:d6:51:b3:d6:bf:b9:7d:18:
0c:2c:a7:11:3c:cb:3b:e6:23:29:aa:ee:9f:8e:89:55:d9:8b:
0e:72:65:28:2f:ee:5b:d8:dc:bc:da:82:db:fe:15:e1:58:b1:
bb:e9:47:a9:f4:c1:cd:44:b7:a5:90:7b:13:7a:63:c2:e8:25:
fb:86:92:53:e0:a1:66:de:c6:09:40:cc:c9:96:17:1f:a5:cb:
76:98:f4:7d:05:e5:d2:51:3e:28:4b:c2:9e:96:51:d0:40:59:
8f:91:fd:69:1f:59:74:07:e5:3b:fb:56:9e:c0:d4:80:41:7e:
df:b2:f6:e0:f9:e8:88:8e:dc:2f:ed:cc:55:04:57:98:af:20:
87:ea:6a:29:2a:c0:b1:80:f3:a0:10:46:96:9c:aa:bc:39:ff:
b2:a2:00:85:93:1a:f3:ab:67:85:a4:5a:a5:b0:88:30:dc:d8:
bb:91:fc:e3:3b:20:f8:60:29:81:42:e2:11:c9:b3:f0:4c:b4:
29:cc:ae:ce:75:bc:7f:f4:ef:3b:e0:a0:d0:c6:53:48:98:b7:
37:d0:b2:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMG++pQDLgs/j4o6KfnDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZDk1MTZkYjk0MTc5NTJkZWRkOTI1MmZlNWQ4M2YwOWEz
ZDk5ZjUwHhcNMjMwMTAyMDE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2QzMGZjYTIyMTcxOWFjNzFmNWM5YmNmMzhiMDQ4MTBiOTJkMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNYoFcneLDN1M8uYF0oZGns+AvPn
/h4ULK15b+Y1DGyrrKwT9o853oX7cmsPdL4jufkklCfjB0mb6HTtHIVXijaBBiW6
PJIG8kB6e/dIE3s0XBmtw2x8sMPZMMHkotell2YmFrlM+uNFuVyD959CIz9tSaiI
ZXtUFRNzA7MYv2oPoBCwCxS2YhwVRJGOcj6lR9sTMXDWv2xyxvBcR6i0YpU6L/Qc
ZcquuUsMGiNIpZAIayoySJjxQZgp1JVNDeOcHDnGCPzJyiqsm0T3ETbKrpen9gUo
kEsBW+jc2l9TR6vDVoU6LPOr1JxwjMcYWCs7fWNREf4ALUnes0ykXAeL0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMzTD8oiFxmscfXJvPOLBIELktDDMB8GA1UdIwQY
MBaAFCzZUW25QXlS3t2SUv5dg/CaPZn1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE5sUmJibEJlVkxlM1pKU19sMkQ4Sm85bWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iYWI1M2ItMzExNS00MWM1LTg3ZWEt
YzAwNDU0ZTBiMTJhLzEvek5NUHlpSVhHYXh4OWNtODg0c0VnUXVTME1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iYWI1M2ItMzExNS00MWM1LTg3ZWEtYzAwNDU0ZTBiMTJh
LzEvTE5sUmJibEJlVkxlM1pKU19sMkQ4Sm85bWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLhXwMA0G
CSqGSIb3DQEBCwUAA4IBAQA1hgvvSi6Eg0p6kDDyoNx5zvbz4GNNLYlGu+YlDgTF
HVcjLU5y7sik95WPcGwa1lGz1r+5fRgMLKcRPMs75iMpqu6fjolV2YsOcmUoL+5b
2Ny82oLb/hXhWLG76Uep9MHNRLelkHsTemPC6CX7hpJT4KFm3sYJQMzJlhcfpct2
mPR9BeXSUT4oS8KellHQQFmPkf1pH1l0B+U7+1aewNSAQX7fsvbg+eiIjtwv7cxV
BFeYryCH6mopKsCxgPOgEEaWnKq8Of+yogCFkxrzq2eFpFqlsIgw3Ni7kfzjOyD4
YCmBQuIRybPwTLQpzK7Odbx/9O874KDQxlNImLc30LIW
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:21:22 2025 by rpki-client