Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/ZF9449-41UhJXmrXFkaxGnmMBxo.roa
File: ZF9449-41UhJXmrXFkaxGnmMBxo.roa (raw, json)
Hash identifier: NbupFgZ400cBwsoaeMYQOGAWszg917QM3WiEMbkjn8g=
Subject key identifier: 64:5F:78:E3:DF:B8:D5:48:49:5E:6A:D7:16:46:B1:1A:79:8C:07:1A
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 018D9CE90D4B1B8E11B57A7E5420A7699C21
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/ZF9449-41UhJXmrXFkaxGnmMBxo.roa
Signing time: Mon 12 Feb 2024 10:42:15 +0000
ROA not before: Mon 12 Feb 2024 10:42:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 217.147.168.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9c:e9:0d:4b:1b:8e:11:b5:7a:7e:54:20:a7:69:9c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Feb 12 10:42:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=645f78e3dfb8d548495e6ad71646b11a798c071a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:29:55:c4:25:ba:ea:41:db:9e:4c:db:aa:de:
b0:40:9b:f2:66:39:3f:b3:0f:2e:a2:29:b9:d8:c5:
78:15:1f:65:a2:b6:8e:0f:6c:f9:56:e5:4d:c2:dc:
ba:d6:1a:f8:22:b2:fe:de:cb:15:f6:18:7c:3e:87:
27:8e:28:9d:50:df:57:38:79:28:3d:1d:65:e5:e2:
7e:66:32:15:e1:f1:b4:90:25:06:c5:3c:7f:30:e0:
9c:12:0a:7c:44:86:a2:7a:5e:cf:33:f6:39:d7:c9:
13:96:fd:82:06:b4:e7:6d:e8:c3:44:86:53:22:9e:
de:f3:e8:c3:97:ca:52:33:46:21:14:c1:9f:a5:89:
6a:e1:7b:69:29:8e:2d:5b:3c:e7:ea:31:73:8d:0b:
3f:3c:2f:b6:76:39:f0:77:1f:ec:24:71:29:2f:a4:
7e:c1:a0:f5:9e:e8:79:24:9c:10:51:aa:2b:41:53:
49:20:67:00:68:b8:8c:ab:ab:17:5a:5f:7e:ad:fd:
96:ab:7a:60:36:47:dc:78:7e:c4:e5:56:c7:2d:4e:
74:8b:b8:c8:14:ce:66:3d:af:5b:7a:d9:03:94:83:
df:bf:fe:04:11:fb:2c:22:62:b5:82:3b:73:fb:5f:
c6:85:71:8c:53:d3:79:16:a7:55:71:5c:d2:fe:7d:
70:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5F:78:E3:DF:B8:D5:48:49:5E:6A:D7:16:46:B1:1A:79:8C:07:1A
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/ZF9449-41UhJXmrXFkaxGnmMBxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.168.0/24
Signature Algorithm: sha256WithRSAEncryption
34:65:4f:ba:fe:03:f8:9f:aa:f4:a0:04:b0:ad:63:9b:65:2c:
df:e0:39:38:46:20:6c:53:a7:d6:c7:c3:59:0f:16:68:7a:2b:
69:c8:f8:3e:5b:1c:78:2a:4c:85:0b:5d:9a:fa:17:e4:48:e1:
76:27:ee:b0:a7:2a:dd:80:4e:29:16:24:1e:c2:39:7b:d1:c9:
76:3a:d5:38:bf:86:5c:dd:f3:4f:91:8c:f8:a2:21:ff:63:a1:
5a:06:d5:c3:d6:65:c9:e2:20:6a:cf:4c:2b:68:95:5a:39:38:
12:1a:f7:21:bb:c6:19:86:ae:58:a9:21:17:c5:c2:76:97:8e:
da:eb:c2:08:7c:4e:c5:d4:a2:e6:82:b1:ab:9e:5f:f4:ce:8e:
f1:bd:8e:c5:42:2f:91:c9:37:1a:04:7c:8e:2c:63:b1:7a:a4:
2d:2c:dd:37:ba:02:be:14:d7:7e:84:8f:05:49:f1:e1:04:93:
af:c8:3a:9f:32:1e:2e:9d:17:07:e9:61:44:41:3b:ae:1d:c9:
46:c8:92:72:2d:ab:5a:68:d7:e1:9e:73:45:00:3e:34:19:1e:
9e:25:d0:c6:34:32:13:94:ae:7a:91:a4:4b:d4:55:b1:96:6c:
93:50:2d:e8:30:87:2b:c7:22:10:3f:8f:48:57:61:0b:5a:f0:
2a:36:c8:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2c6Q1LG44RtXp+VCCnaZwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjQwMjEyMTA0MjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDVmNzhlM2RmYjhkNTQ4NDk1ZTZhZDcxNjQ2YjExYTc5OGMwNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlClVxCW66kHbnkzbqt6wQJvyZjk/
sw8uoim52MV4FR9loraOD2z5VuVNwty61hr4IrL+3ssV9hh8PocnjiidUN9XOHko
PR1l5eJ+ZjIV4fG0kCUGxTx/MOCcEgp8RIaiel7PM/Y518kTlv2CBrTnbejDRIZT
Ip7e8+jDl8pSM0YhFMGfpYlq4XtpKY4tWzzn6jFzjQs/PC+2djnwdx/sJHEpL6R+
waD1nuh5JJwQUaorQVNJIGcAaLiMq6sXWl9+rf2Wq3pgNkfceH7E5VbHLU50i7jI
FM5mPa9betkDlIPfv/4EEfssImK1gjtz+1/GhXGMU9N5FqdVcVzS/n1wcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGRfeOPfuNVISV5q1xZGsRp5jAcaMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvWkY5NDQ5LTQxVWhKWG1yWEZrYXhHbm1NQnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZOoMA0G
CSqGSIb3DQEBCwUAA4IBAQA0ZU+6/gP4n6r0oASwrWObZSzf4Dk4RiBsU6fWx8NZ
DxZoeitpyPg+Wxx4KkyFC12a+hfkSOF2J+6wpyrdgE4pFiQewjl70cl2OtU4v4Zc
3fNPkYz4oiH/Y6FaBtXD1mXJ4iBqz0wraJVaOTgSGvchu8YZhq5YqSEXxcJ2l47a
68IIfE7F1KLmgrGrnl/0zo7xvY7FQi+RyTcaBHyOLGOxeqQtLN03ugK+FNd+hI8F
SfHhBJOvyDqfMh4unRcH6WFEQTuuHclGyJJyLataaNfhnnNFAD40GR6eJdDGNDIT
lK56kaRL1FWxlmyTUC3oMIcrxyIQP49IV2ELWvAqNsj7
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:02 2025 by rpki-client