Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/KzhPBfzs40BMsYPfoaIPI29P5yo.roa
File: KzhPBfzs40BMsYPfoaIPI29P5yo.roa (raw, json)
Hash identifier: 95zWAjg8ne0IL6qdhZTUSVplXSRiePGkqfZ93e5qlhw=
Subject key identifier: 2B:38:4F:05:FC:EC:E3:40:4C:B1:83:DF:A1:A2:0F:23:6F:4F:E7:2A
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 0194228DE301EB1B074B844A8C04712EF135
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/KzhPBfzs40BMsYPfoaIPI29P5yo.roa
Signing time: Wed 01 Jan 2025 15:48:31 +0000
ROA not before: Wed 01 Jan 2025 15:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204963
IP address blocks: 5.255.84.0/24 maxlen: 24
5.255.89.0/24 maxlen: 24
2a00:1ca8:84::/48 maxlen: 48
2a00:1ca8:89::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:e3:01:eb:1b:07:4b:84:4a:8c:04:71:2e:f1:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 1 15:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b384f05fcece3404cb183dfa1a20f236f4fe72a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b1:75:f4:7c:1b:44:8d:6c:80:e3:86:34:e0:
d0:56:bf:c6:0a:8a:1c:05:ca:cd:e9:ee:92:77:5b:
9e:19:77:be:bb:3a:9f:17:5f:37:be:a0:94:8f:8b:
b8:4b:81:0f:ca:0f:b9:74:69:64:e8:9f:66:72:af:
68:ec:dc:27:ca:f1:1a:8e:4c:4a:2a:30:0e:21:b0:
49:be:44:57:07:f2:df:46:06:e2:e4:ca:74:76:84:
e2:50:65:2d:35:ab:8d:15:78:8a:4b:cc:f5:05:0d:
82:c3:21:b3:0d:49:9d:43:db:4e:47:8f:92:30:ca:
b3:25:2d:bb:80:19:43:0e:65:a4:27:71:a2:f3:8a:
31:05:24:8a:1c:1a:40:c6:9d:d2:0a:93:d9:06:4e:
f6:c5:66:66:b5:d4:a3:01:9b:72:3a:44:74:38:2d:
a2:bd:7b:50:98:0d:e6:97:c2:67:0d:92:ee:95:d8:
af:e8:0f:e1:8f:61:6b:3f:21:b4:c2:bc:12:c8:6a:
b9:79:15:45:db:24:02:9e:72:13:1a:f1:f1:5e:d2:
b7:1b:7c:cd:4b:fa:47:ef:4f:ab:37:21:d2:bb:56:
19:7a:36:d6:da:93:8c:8d:1b:08:b9:c6:69:15:b5:
e8:11:fc:5b:0e:7f:3b:8d:65:9c:84:cf:21:be:53:
b3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:38:4F:05:FC:EC:E3:40:4C:B1:83:DF:A1:A2:0F:23:6F:4F:E7:2A
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/KzhPBfzs40BMsYPfoaIPI29P5yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.84.0/24
5.255.89.0/24
IPv6:
2a00:1ca8:84::/48
2a00:1ca8:89::/48
Signature Algorithm: sha256WithRSAEncryption
21:dd:40:dc:96:92:6a:e7:45:ca:7f:32:53:ce:22:94:01:8e:
2a:54:18:cc:b9:d4:7a:6b:d0:a2:8b:dc:37:f1:7f:27:1e:ef:
01:b4:d7:3b:fa:a8:fb:27:11:86:87:a9:ff:70:35:7e:67:f4:
1e:61:ca:92:7a:07:91:89:32:03:d6:f2:48:66:24:61:2f:aa:
6b:65:76:ee:48:b5:28:75:da:9c:71:da:33:ad:83:e1:a9:06:
dc:b7:83:87:94:25:a5:66:9b:d9:6d:63:13:84:19:3e:7a:3c:
a6:e1:57:5a:ce:16:3a:82:d9:b3:85:7f:0a:ac:a0:4b:3d:2d:
ae:2e:6f:6b:b0:ef:52:79:fc:db:aa:d4:a3:37:04:ae:3d:b0:
0a:fe:81:c6:56:79:1f:2f:66:92:11:d6:83:be:6f:73:15:11:
c1:f2:9f:87:85:74:e6:77:33:dd:20:1f:77:62:cc:1a:00:d4:
9a:4c:a8:26:f7:8f:71:d5:9a:99:5f:b6:64:a1:3e:ee:d3:7f:
8e:40:ae:70:84:e1:ec:7b:3d:79:81:5f:cd:f5:54:04:8b:22:
cc:3b:48:de:b3:2e:3e:e9:0d:4f:0e:e0:63:2b:79:91:71:c7:
60:45:0a:f3:87:5c:8d:3c:c0:9f:f3:9e:7c:79:7c:e3:e7:25:
87:bb:65:b9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQijeMB6xsHS4RKjARxLvE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjUwMTAxMTU0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjM4NGYwNWZjZWNlMzQwNGNiMTgzZGZhMWEyMGYyMzZmNGZlNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLF19HwbRI1sgOOGNODQVr/GCooc
BcrN6e6Sd1ueGXe+uzqfF183vqCUj4u4S4EPyg+5dGlk6J9mcq9o7NwnyvEajkxK
KjAOIbBJvkRXB/LfRgbi5Mp0doTiUGUtNauNFXiKS8z1BQ2CwyGzDUmdQ9tOR4+S
MMqzJS27gBlDDmWkJ3Gi84oxBSSKHBpAxp3SCpPZBk72xWZmtdSjAZtyOkR0OC2i
vXtQmA3ml8JnDZLuldiv6A/hj2FrPyG0wrwSyGq5eRVF2yQCnnITGvHxXtK3G3zN
S/pH70+rNyHSu1YZejbW2pOMjRsIucZpFbXoEfxbDn87jWWchM8hvlOzIwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCs4TwX87ONATLGD36GiDyNvT+cqMB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvS3poUEJmenM0MEJNc1lQZm9hSVBJMjlQNXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQABf9UAwQA
Bf9ZMBgEAgACMBIDBwAqAByoAIQDBwAqAByoAIkwDQYJKoZIhvcNAQELBQADggEB
ACHdQNyWkmrnRcp/MlPOIpQBjipUGMy51Hpr0KKL3Dfxfyce7wG01zv6qPsnEYaH
qf9wNX5n9B5hypJ6B5GJMgPW8khmJGEvqmtldu5ItSh12pxx2jOtg+GpBty3g4eU
JaVmm9ltYxOEGT56PKbhV1rOFjqC2bOFfwqsoEs9La4ub2uw71J5/Nuq1KM3BK49
sAr+gcZWeR8vZpIR1oO+b3MVEcHyn4eFdOZ3M90gH3dizBoA1JpMqCb3j3HVmplf
tmShPu7Tf45ArnCE4ex7PXmBX831VASLIsw7SN6zLj7pDU8O4GMreZFxx2BFCvOH
XI08wJ/znnx5fOPnJYe7Zbk=
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:06:21 2025 by rpki-client