Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/ZtIB391wA96ODwULxOuaUb3zKjw.roa
File: ZtIB391wA96ODwULxOuaUb3zKjw.roa (raw, json)
Hash identifier: iYFjXUPN6915L3avwAU1BHDz24hStz0uZXCywgYk214=
Subject key identifier: 66:D2:01:DF:DD:70:03:DE:8E:0F:05:0B:C4:EB:9A:51:BD:F3:2A:3C
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 019422200582EFE34DFB57FBBC25440FB044
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/ZtIB391wA96ODwULxOuaUb3zKjw.roa
Signing time: Wed 01 Jan 2025 13:48:31 +0000
ROA not before: Wed 01 Jan 2025 13:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52202
IP address blocks: 45.86.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:05:82:ef:e3:4d:fb:57:fb:bc:25:44:0f:b0:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 1 13:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66d201dfdd7003de8e0f050bc4eb9a51bdf32a3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:88:9e:af:43:16:10:ea:8d:0f:f6:03:80:b2:
1a:e2:5f:80:7f:fb:8c:59:b4:8a:62:33:4e:56:8e:
06:6c:20:92:aa:6f:53:3f:5d:03:7f:05:b8:ed:17:
01:09:19:4d:64:d2:2c:3a:22:3a:45:78:ee:09:b3:
b6:fa:07:51:30:a9:b3:80:fd:10:0c:8e:46:ab:90:
40:3f:46:96:b7:0e:cd:76:89:4c:f5:8e:66:af:78:
d2:14:da:f9:4e:29:06:83:c0:1d:ca:73:76:0d:7c:
46:b9:4c:b2:75:be:d9:52:9f:e4:63:e3:3f:a3:f8:
6f:8f:6e:79:74:59:5b:3e:f3:b0:3f:4e:9e:3a:19:
74:34:0a:27:86:77:4b:2e:92:6f:10:63:41:0b:ee:
a0:ac:78:84:1e:73:5b:ee:b9:e0:eb:a9:79:24:f6:
2b:35:0f:05:72:51:62:37:ba:9c:e3:bf:df:ba:07:
d1:3a:db:62:a6:5f:92:ba:77:48:7f:1d:26:70:55:
58:8c:0e:56:9a:cf:c1:16:a8:af:8e:22:88:c7:51:
58:5d:5c:f1:ed:4f:8a:54:04:b8:2f:b9:67:76:b6:
b9:00:ae:e5:bc:c6:4e:fc:ce:76:2f:74:d7:6f:33:
cd:4a:bc:c8:5a:b9:91:16:27:db:85:ba:6e:0a:6a:
ee:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D2:01:DF:DD:70:03:DE:8E:0F:05:0B:C4:EB:9A:51:BD:F3:2A:3C
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/ZtIB391wA96ODwULxOuaUb3zKjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.241.0/24
Signature Algorithm: sha256WithRSAEncryption
25:41:aa:77:3b:87:5f:2e:4d:59:54:da:24:85:a2:57:16:22:
50:be:93:76:ed:93:dc:f7:c3:27:28:ca:2a:cd:df:ed:17:fd:
09:fa:f9:88:7a:d9:ca:18:da:93:ce:dd:c4:4d:12:43:ef:35:
37:a9:35:47:a1:b6:63:55:50:27:e4:97:1d:32:1b:12:9d:e5:
70:6c:f8:2b:97:91:18:a5:6c:ee:ec:39:09:1a:6d:67:cd:e0:
ad:c9:81:bf:48:b5:d6:8f:ba:82:be:96:31:b0:3f:c1:0e:09:
b3:0f:07:84:1f:c4:ca:48:39:f8:c9:af:b4:07:17:56:7d:37:
c0:7f:dc:03:85:57:29:0e:54:9e:ab:a0:81:11:73:61:9b:88:
d8:39:01:dd:bd:d1:78:96:07:91:7b:3e:7f:a9:c8:fb:d8:99:
01:b9:f0:d4:0d:ab:a0:bc:46:78:52:0e:3c:3e:03:71:b9:57:
ce:06:5c:76:63:c2:25:56:68:f4:5e:70:51:23:df:92:6d:73:
cf:1e:e3:08:03:b3:41:98:77:00:b0:eb:d9:69:02:1b:87:89:
1e:49:a5:0e:fc:bd:82:7d:44:3b:69:34:59:1a:53:c1:0d:de:
a5:9f:d5:0b:01:47:64:8f:e1:cb:1b:90:9d:ca:77:e5:5e:dc:
da:12:b4:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIAWC7+NN+1f7vCVED7BEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwMTAxMTM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmQyMDFkZmRkNzAwM2RlOGUwZjA1MGJjNGViOWE1MWJkZjMyYTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYier0MWEOqND/YDgLIa4l+Af/uM
WbSKYjNOVo4GbCCSqm9TP10DfwW47RcBCRlNZNIsOiI6RXjuCbO2+gdRMKmzgP0Q
DI5Gq5BAP0aWtw7NdolM9Y5mr3jSFNr5TikGg8AdynN2DXxGuUyydb7ZUp/kY+M/
o/hvj255dFlbPvOwP06eOhl0NAonhndLLpJvEGNBC+6grHiEHnNb7rng66l5JPYr
NQ8FclFiN7qc47/fugfROttipl+SundIfx0mcFVYjA5Wms/BFqivjiKIx1FYXVzx
7U+KVAS4L7lndra5AK7lvMZO/M52L3TXbzPNSrzIWrmRFifbhbpuCmrudQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGbSAd/dcAPejg8FC8TrmlG98yo8MB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvWnRJQjM5MXdBOTZPRHdVTHhPdWFVYjN6S2p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVbxMA0G
CSqGSIb3DQEBCwUAA4IBAQAlQap3O4dfLk1ZVNokhaJXFiJQvpN27ZPc98MnKMoq
zd/tF/0J+vmIetnKGNqTzt3ETRJD7zU3qTVHobZjVVAn5JcdMhsSneVwbPgrl5EY
pWzu7DkJGm1nzeCtyYG/SLXWj7qCvpYxsD/BDgmzDweEH8TKSDn4ya+0BxdWfTfA
f9wDhVcpDlSeq6CBEXNhm4jYOQHdvdF4lgeRez5/qcj72JkBufDUDaugvEZ4Ug48
PgNxuVfOBlx2Y8IlVmj0XnBRI9+SbXPPHuMIA7NBmHcAsOvZaQIbh4keSaUO/L2C
fUQ7aTRZGlPBDd6ln9ULAUdkj+HLG5CdynflXtzaErT2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:39 2025 by rpki-client