Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/KZA4jnri-aL9nYHoTsoeJH-R8gI.roa
File: KZA4jnri-aL9nYHoTsoeJH-R8gI.roa (raw, json)
Hash identifier: ioRykNk5tHi0fFciV5Ce58v9OpltJE9aSwwdhuLkNB8=
Subject key identifier: 29:90:38:8E:7A:E2:F9:A2:FD:9D:81:E8:4E:CA:1E:24:7F:91:F2:02
Certificate issuer: /CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Certificate serial: 0194371128FF80136FEB27AAB7FF07323B64
Authority key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/KZA4jnri-aL9nYHoTsoeJH-R8gI.roa
Signing time: Sun 05 Jan 2025 15:24:19 +0000
ROA not before: Sun 05 Jan 2025 15:24:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 262287
IP address blocks: 5.182.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:37:11:28:ff:80:13:6f:eb:27:aa:b7:ff:07:32:3b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Validity
Not Before: Jan 5 15:24:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2990388e7ae2f9a2fd9d81e84eca1e247f91f202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:79:d1:9c:af:57:cb:3a:70:e8:f7:b2:de:ca:
f5:5c:c1:5e:e3:ae:37:5d:54:08:04:80:ba:b2:c2:
7b:b4:0a:b3:18:3c:07:7b:72:04:20:09:34:cd:7d:
8b:04:ef:51:95:95:99:4a:4a:a2:35:ab:06:ec:8d:
e9:48:de:35:84:5e:cb:a8:64:12:1d:b2:08:5e:62:
46:19:a2:a1:c8:ba:73:15:4d:7e:ba:28:cc:0e:08:
23:a7:2f:c0:74:ec:d8:fd:57:a2:1f:69:a9:33:ea:
6b:3a:ae:1e:bb:cc:0a:e2:24:a5:a0:35:71:36:a0:
d0:d2:df:a0:43:90:91:b5:98:4a:fa:e4:b9:ce:05:
da:74:ea:63:b8:8c:f7:34:36:d5:29:e6:95:6b:e9:
1a:ac:df:00:5f:96:e8:0e:db:1f:8f:8e:49:6c:91:
b3:d7:41:3a:23:8c:13:c9:17:86:b2:f0:2d:16:d1:
0d:f9:36:2a:52:6c:13:ea:29:2d:c0:c7:78:3a:97:
f2:19:b3:f3:60:55:bd:12:1c:05:d7:0a:ea:f8:ce:
58:f8:ec:5d:39:3c:f5:15:8c:48:88:86:57:a1:9f:
24:b5:6e:27:1b:af:b9:62:b9:aa:ff:d2:6f:68:02:
65:22:4a:dc:c8:ca:f6:4b:92:92:1a:d0:18:5c:f8:
ae:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:90:38:8E:7A:E2:F9:A2:FD:9D:81:E8:4E:CA:1E:24:7F:91:F2:02
X509v3 Authority Key Identifier:
keyid:7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/KZA4jnri-aL9nYHoTsoeJH-R8gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.124.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:be:f7:90:8d:9b:cc:b6:32:f2:72:b8:b2:cd:25:d7:21:f4:
f3:77:66:af:3f:5c:e8:ac:d4:3c:3c:a2:89:29:93:65:43:58:
09:ce:e8:77:16:ec:15:30:f3:1b:9c:75:dd:40:6e:82:87:16:
be:73:aa:9a:7d:d9:e6:20:ee:4d:02:b8:7d:ed:60:9b:3a:1f:
f5:69:5c:dd:6e:8e:d6:2b:89:76:cd:f5:fe:77:53:4f:c8:db:
27:e1:ef:73:58:d9:c1:54:4a:4e:b2:fb:0b:8b:01:8b:09:c5:
c2:ab:25:44:dc:1c:e7:50:d4:16:b4:5d:78:23:22:4f:2f:0e:
4e:ee:5e:40:e7:0f:7e:56:4e:15:8d:42:b0:ff:f0:e6:ff:f3:
74:6c:9e:87:1c:4d:ad:25:e8:2c:90:73:b3:98:33:49:e0:44:
a1:26:a7:fd:e0:02:ab:a2:55:f4:bb:0f:fd:35:39:2a:f5:eb:
df:6f:cb:cb:2b:35:a1:f5:2f:c5:69:c3:c0:b3:43:71:f8:98:
72:3f:01:88:96:2f:80:53:d4:b4:25:a6:a3:f0:b6:57:d4:75:
11:35:a3:ca:04:07:16:ef:ba:48:d8:99:17:d8:59:2a:24:07:
d5:6b:c5:67:d6:53:ea:c2:48:c8:05:87:4a:5f:6f:bc:e0:f9:
82:40:6b:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ3ESj/gBNv6yeqt/8HMjtkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTY0M2JiMzk5YzZkODdhZGM0YzdjYmE1ZDJiNzJmYmQw
MGQwNDYwHhcNMjUwMTA1MTUyNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTkwMzg4ZTdhZTJmOWEyZmQ5ZDgxZTg0ZWNhMWUyNDdmOTFmMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHnRnK9Xyzpw6Pey3sr1XMFe4643
XVQIBIC6ssJ7tAqzGDwHe3IEIAk0zX2LBO9RlZWZSkqiNasG7I3pSN41hF7LqGQS
HbIIXmJGGaKhyLpzFU1+uijMDggjpy/AdOzY/VeiH2mpM+prOq4eu8wK4iSloDVx
NqDQ0t+gQ5CRtZhK+uS5zgXadOpjuIz3NDbVKeaVa+karN8AX5boDtsfj45JbJGz
10E6I4wTyReGsvAtFtEN+TYqUmwT6iktwMd4OpfyGbPzYFW9EhwF1wrq+M5Y+Oxd
OTz1FYxIiIZXoZ8ktW4nG6+5Yrmq/9JvaAJlIkrcyMr2S5KSGtAYXPiuLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmQOI564vmi/Z2B6E7KHiR/kfICMB8GA1UdIwQY
MBaAFHymQ7s5nG2HrcTHy6XSty+9ANBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMt
NDRlYTY0NzIxYzllLzEvS1pBNGpucmktYUw5bllIb1Rzb2VKSC1SOGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMtNDRlYTY0NzIxYzll
LzEvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbZ8MA0G
CSqGSIb3DQEBCwUAA4IBAQDDvveQjZvMtjLycriyzSXXIfTzd2avP1zorNQ8PKKJ
KZNlQ1gJzuh3FuwVMPMbnHXdQG6Chxa+c6qafdnmIO5NArh97WCbOh/1aVzdbo7W
K4l2zfX+d1NPyNsn4e9zWNnBVEpOsvsLiwGLCcXCqyVE3BznUNQWtF14IyJPLw5O
7l5A5w9+Vk4VjUKw//Dm//N0bJ6HHE2tJegskHOzmDNJ4EShJqf94AKrolX0uw/9
NTkq9evfb8vLKzWh9S/FacPAs0Nx+JhyPwGIli+AU9S0Jaaj8LZX1HURNaPKBAcW
77pI2JkX2FkqJAfVa8Vn1lPqwkjIBYdKX2+84PmCQGtV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:51 2025 by rpki-client