Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/bd0b55-86a4-497f-9eeb-661e1a56bc76/1/pzOa8Yzsb0QjsNmoQgWtgPqvRLU.roa
File: pzOa8Yzsb0QjsNmoQgWtgPqvRLU.roa (raw, json)
Hash identifier: kSanpWi0ub6wlWTWUOX5jVlx7dVelBdvGmEM8k4V6gM=
Subject key identifier: A7:33:9A:F1:8C:EC:6F:44:23:B0:D9:A8:42:05:AD:80:FA:AF:44:B5
Certificate issuer: /CN=b8b82200a1332e9995437f9c647ea24b416198af
Certificate serial: 01856D6F7F8F56D060A81FE03908AA51EC80
Authority key identifier: B8:B8:22:00:A1:33:2E:99:95:43:7F:9C:64:7E:A2:4B:41:61:98:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uLgiAKEzLpmVQ3-cZH6iS0FhmK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/bd0b55-86a4-497f-9eeb-661e1a56bc76/1/pzOa8Yzsb0QjsNmoQgWtgPqvRLU.roa
Signing time: Sun 01 Jan 2023 13:05:01 +0000
ROA not before: Sun 01 Jan 2023 13:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 91.242.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:7f:8f:56:d0:60:a8:1f:e0:39:08:aa:51:ec:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8b82200a1332e9995437f9c647ea24b416198af
Validity
Not Before: Jan 1 13:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7339af18cec6f4423b0d9a84205ad80faaf44b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d2:ad:16:bd:a0:12:ae:9e:63:28:fd:18:df:
ee:94:2d:fc:15:11:b9:f8:2c:12:31:fd:9f:a4:b4:
e8:41:da:fb:d5:d3:9b:4b:fa:90:ca:61:30:6d:18:
e5:ec:01:16:36:d3:91:1d:1a:c1:7b:3c:04:0e:25:
54:a0:72:00:48:71:11:f4:58:d8:9e:10:a3:97:d8:
0f:2a:34:17:c5:04:4c:ed:23:e6:b7:5f:76:d3:5c:
df:9c:ea:f5:18:72:9c:e4:22:8f:2e:c3:90:f1:50:
3a:c7:40:6b:32:b2:24:7b:97:2b:5c:96:29:ba:d9:
17:fa:84:c7:69:20:2d:a9:66:d0:25:35:a7:c3:79:
1f:c6:c4:0e:88:42:ae:01:cb:40:be:15:2f:21:16:
6f:10:7d:3e:2a:69:29:43:2e:3a:a0:14:de:70:82:
25:c6:7d:ef:0a:54:31:8f:27:0e:b3:34:fc:c1:a9:
c3:92:a4:58:3d:8f:06:94:0d:cb:53:61:55:22:1f:
8c:36:02:d7:d0:10:1a:08:e5:1d:86:30:c3:25:23:
fa:4d:e2:b6:4a:21:85:11:ee:5d:34:c9:80:a9:46:
64:d4:fc:cd:12:c3:24:3b:3d:7f:ab:ab:77:9b:95:
0b:2a:bd:20:f1:24:25:43:37:da:35:f7:e0:29:e1:
c5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:33:9A:F1:8C:EC:6F:44:23:B0:D9:A8:42:05:AD:80:FA:AF:44:B5
X509v3 Authority Key Identifier:
keyid:B8:B8:22:00:A1:33:2E:99:95:43:7F:9C:64:7E:A2:4B:41:61:98:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uLgiAKEzLpmVQ3-cZH6iS0FhmK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/bd0b55-86a4-497f-9eeb-661e1a56bc76/1/pzOa8Yzsb0QjsNmoQgWtgPqvRLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/bd0b55-86a4-497f-9eeb-661e1a56bc76/1/uLgiAKEzLpmVQ3-cZH6iS0FhmK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.252.0/24
Signature Algorithm: sha256WithRSAEncryption
37:02:91:89:5b:b6:08:e4:d3:fd:ca:34:6b:3e:e4:d2:51:dd:
ac:87:b4:98:47:35:6a:49:a0:a0:40:36:37:87:6c:0a:69:ba:
4f:de:44:9f:23:f2:fb:24:eb:9c:04:db:c6:81:6e:b3:e9:81:
e0:ec:10:8b:41:7d:a0:73:0d:6b:a6:ad:b1:72:9c:34:78:03:
65:9d:25:79:a1:3f:69:ad:c2:c7:2b:25:98:8f:3b:1d:ee:2d:
42:66:3b:ba:3f:20:fd:4b:e7:12:e5:ad:13:ff:3e:69:67:36:
15:1d:3c:ee:a7:42:1f:b3:59:e3:30:e3:a1:95:bc:de:3b:2d:
57:56:20:86:8d:1b:aa:1c:24:31:26:42:7a:e9:60:b3:5d:6d:
c0:ab:cf:2a:7f:13:a0:c0:24:f6:1e:a3:b9:71:ec:8c:84:19:
ef:8d:0c:45:b9:5a:af:df:37:92:06:bf:fd:d9:34:6d:4f:6f:
c0:69:83:92:ab:44:eb:57:a7:6c:9d:d6:e4:0e:41:bb:7f:04:
b3:ca:e6:a2:06:26:b1:ec:2b:39:ee:16:5a:87:ba:51:8d:6c:
dd:ce:ac:f5:f7:2e:15:c4:26:08:e5:eb:fd:50:77:2d:3d:70:
f4:73:d6:2b:9a:cd:28:94:24:26:f0:0b:ed:a1:ec:a6:3a:da:
1c:3a:a3:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb3+PVtBgqB/gOQiqUeyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4YjgyMjAwYTEzMzJlOTk5NTQzN2Y5YzY0N2VhMjRiNDE2
MTk4YWYwHhcNMjMwMTAxMTMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzMzOWFmMThjZWM2ZjQ0MjNiMGQ5YTg0MjA1YWQ4MGZhYWY0NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNKtFr2gEq6eYyj9GN/ulC38FRG5
+CwSMf2fpLToQdr71dObS/qQymEwbRjl7AEWNtORHRrBezwEDiVUoHIASHER9FjY
nhCjl9gPKjQXxQRM7SPmt19201zfnOr1GHKc5CKPLsOQ8VA6x0BrMrIke5crXJYp
utkX+oTHaSAtqWbQJTWnw3kfxsQOiEKuActAvhUvIRZvEH0+KmkpQy46oBTecIIl
xn3vClQxjycOszT8wanDkqRYPY8GlA3LU2FVIh+MNgLX0BAaCOUdhjDDJSP6TeK2
SiGFEe5dNMmAqUZk1PzNEsMkOz1/q6t3m5ULKr0g8SQlQzfaNffgKeHFWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKczmvGM7G9EI7DZqEIFrYD6r0S1MB8GA1UdIwQY
MBaAFLi4IgChMy6ZlUN/nGR+oktBYZivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUxnaUFLRXpMcG1WUTMtY1pINmlTMEZobUs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iZDBiNTUtODZhNC00OTdmLTllZWIt
NjYxZTFhNTZiYzc2LzEvcHpPYThZenNiMFFqc05tb1FnV3RnUHF2UkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iZDBiNTUtODZhNC00OTdmLTllZWItNjYxZTFhNTZiYzc2
LzEvdUxnaUFLRXpMcG1WUTMtY1pINmlTMEZobUs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/L8MA0G
CSqGSIb3DQEBCwUAA4IBAQA3ApGJW7YI5NP9yjRrPuTSUd2sh7SYRzVqSaCgQDY3
h2wKabpP3kSfI/L7JOucBNvGgW6z6YHg7BCLQX2gcw1rpq2xcpw0eANlnSV5oT9p
rcLHKyWYjzsd7i1CZju6PyD9S+cS5a0T/z5pZzYVHTzup0Ifs1njMOOhlbzeOy1X
ViCGjRuqHCQxJkJ66WCzXW3Aq88qfxOgwCT2HqO5ceyMhBnvjQxFuVqv3zeSBr/9
2TRtT2/AaYOSq0TrV6dsndbkDkG7fwSzyuaiBiax7Cs57hZah7pRjWzdzqz19y4V
xCYI5ev9UHctPXD0c9Yrms0olCQm8AvtoeymOtocOqMn
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:55 2025 by rpki-client