Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/zaTus1-EePtGKZeeACuoWDST_TM.roa
File: zaTus1-EePtGKZeeACuoWDST_TM.roa (raw, json)
Hash identifier: +vtFXKvLkqtlqn4GsZRfC4ibYv3w/dOltJ76oTNem/M=
Subject key identifier: CD:A4:EE:B3:5F:84:78:FB:46:29:97:9E:00:2B:A8:58:34:93:FD:33
Certificate issuer: /CN=85916be7e63cfd8c8b77c0588d12694f16b14cda
Certificate serial: 0194CC085891D7AF4C43854D4CB59EAECD9A
Authority key identifier: 85:91:6B:E7:E6:3C:FD:8C:8B:77:C0:58:8D:12:69:4F:16:B1:4C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/zaTus1-EePtGKZeeACuoWDST_TM.roa
Signing time: Mon 03 Feb 2025 13:38:06 +0000
ROA not before: Mon 03 Feb 2025 13:38:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214063
IP address blocks: 91.232.92.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cc:08:58:91:d7:af:4c:43:85:4d:4c:b5:9e:ae:cd:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85916be7e63cfd8c8b77c0588d12694f16b14cda
Validity
Not Before: Feb 3 13:38:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cda4eeb35f8478fb4629979e002ba8583493fd33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2c:7f:d3:62:56:c5:b6:f5:9f:24:cd:42:57:
4f:8a:15:85:c1:d2:1d:91:d3:74:d5:8b:bd:1b:0b:
d9:9b:97:41:28:1d:6b:48:80:ce:59:1b:76:e6:ef:
cc:ba:d4:b5:76:09:37:bb:18:a7:59:88:bd:8e:27:
6a:8a:f6:77:45:89:a6:ea:1b:2e:b4:82:6f:61:80:
ba:b9:29:87:31:be:5d:9b:1f:04:da:0e:15:ca:27:
cc:b3:2e:1c:3f:14:c7:07:e5:c8:bc:e3:99:e7:bd:
db:69:00:a2:ab:45:e4:b0:70:b8:87:24:9a:32:38:
27:47:9b:18:75:b9:3d:b3:f1:99:6a:e0:bf:3a:00:
3f:9f:fa:ff:95:38:96:b2:95:2d:8d:b9:43:8e:75:
c6:17:49:ca:b6:69:e1:39:0c:e4:31:4b:5c:af:fd:
e6:5d:c4:b8:48:97:fb:a4:dd:13:77:57:10:be:1b:
c1:00:f7:19:04:c8:b4:f8:ad:29:5f:de:6f:62:a1:
57:21:01:0a:b9:a9:aa:4a:5c:2e:9a:e5:25:e3:fc:
98:8e:df:78:56:5e:d4:be:7d:cd:ff:60:9e:e6:22:
41:5d:4b:5d:ad:4e:9e:bc:ba:13:e4:1a:16:cc:4b:
b1:d4:ae:58:80:1e:d6:77:fc:9a:bd:a3:29:cd:9d:
53:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A4:EE:B3:5F:84:78:FB:46:29:97:9E:00:2B:A8:58:34:93:FD:33
X509v3 Authority Key Identifier:
keyid:85:91:6B:E7:E6:3C:FD:8C:8B:77:C0:58:8D:12:69:4F:16:B1:4C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/zaTus1-EePtGKZeeACuoWDST_TM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.92.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:e7:98:61:32:87:a6:63:f6:8a:15:89:fe:51:09:e8:da:47:
07:0e:36:07:58:9a:a5:26:b3:fb:e9:9d:d8:0e:b2:2a:20:40:
b2:ef:0f:20:4c:2d:cb:bd:4c:4c:4a:f4:96:b0:84:6b:70:a6:
7c:66:d2:2f:fb:f0:eb:8f:55:bf:17:bb:9b:13:16:e4:6f:7c:
b6:f8:dd:68:6c:eb:c9:1d:79:7c:6e:1e:7e:a7:b0:40:db:7b:
98:f9:b6:e6:11:82:57:c7:a6:86:8a:f2:70:83:88:98:25:86:
8f:d9:c8:56:d2:44:c8:2e:dd:65:f4:4f:57:f6:05:16:6c:2f:
d1:6f:e4:74:18:e3:fd:6e:55:fe:95:3e:c2:ec:17:5c:da:1f:
0e:ed:34:73:b9:1b:69:d1:28:83:63:49:e7:ff:49:fc:a2:e4:
bb:e9:d3:cc:c3:f6:09:77:d7:89:5c:45:9e:2d:b6:f1:f8:0a:
d7:03:a9:cc:18:e8:e6:43:35:df:d8:3e:82:2e:02:30:35:94:
7c:9c:ef:44:68:c8:4e:b3:c6:46:9a:8e:45:31:f3:c7:fe:88:
6d:99:4f:93:6e:1e:b7:10:53:3c:d4:8c:46:1a:ca:66:59:27:
c4:c3:d2:bc:67:13:1f:95:64:19:d5:d6:75:cd:84:07:a1:30:
1f:b7:70:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTMCFiR169MQ4VNTLWers2aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OTE2YmU3ZTYzY2ZkOGM4Yjc3YzA1ODhkMTI2OTRmMTZi
MTRjZGEwHhcNMjUwMjAzMTMzODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGE0ZWViMzVmODQ3OGZiNDYyOTk3OWUwMDJiYTg1ODM0OTNmZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCx/02JWxbb1nyTNQldPihWFwdId
kdN01Yu9GwvZm5dBKB1rSIDOWRt25u/MutS1dgk3uxinWYi9jidqivZ3RYmm6hsu
tIJvYYC6uSmHMb5dmx8E2g4VyifMsy4cPxTHB+XIvOOZ573baQCiq0XksHC4hySa
MjgnR5sYdbk9s/GZauC/OgA/n/r/lTiWspUtjblDjnXGF0nKtmnhOQzkMUtcr/3m
XcS4SJf7pN0Td1cQvhvBAPcZBMi0+K0pX95vYqFXIQEKuamqSlwumuUl4/yYjt94
Vl7Uvn3N/2Ce5iJBXUtdrU6evLoT5BoWzEux1K5YgB7Wd/yavaMpzZ1T/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM2k7rNfhHj7RimXngArqFg0k/0zMB8GA1UdIwQY
MBaAFIWRa+fmPP2Mi3fAWI0SaU8WsUzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFpGcjUtWThfWXlMZDhCWWpSSnBUeGF4VE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81N2ZiMTQtZDcwNS00MDU1LTgwNDUt
YmNhMjM0ODI5ZjQ4LzEvemFUdXMxLUVlUHRHS1plZUFDdW9XRFNUX1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81N2ZiMTQtZDcwNS00MDU1LTgwNDUtYmNhMjM0ODI5ZjQ4
LzEvaFpGcjUtWThfWXlMZDhCWWpSSnBUeGF4VE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+hcMA0G
CSqGSIb3DQEBCwUAA4IBAQCP55hhMoemY/aKFYn+UQno2kcHDjYHWJqlJrP76Z3Y
DrIqIECy7w8gTC3LvUxMSvSWsIRrcKZ8ZtIv+/Drj1W/F7ubExbkb3y2+N1obOvJ
HXl8bh5+p7BA23uY+bbmEYJXx6aGivJwg4iYJYaP2chW0kTILt1l9E9X9gUWbC/R
b+R0GOP9blX+lT7C7Bdc2h8O7TRzuRtp0SiDY0nn/0n8ouS76dPMw/YJd9eJXEWe
Lbbx+ArXA6nMGOjmQzXf2D6CLgIwNZR8nO9EaMhOs8ZGmo5FMfPH/ohtmU+Tbh63
EFM81IxGGspmWSfEw9K8ZxMflWQZ1dZ1zYQHoTAft3C7
-----END CERTIFICATE-----
Generated at Sat Feb 22 05:34:14 2025 by rpki-client