Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/cf6c24-ed3d-41ea-98f7-173f2e7a36f1/1/pzaipS503aFblufNF4TjlZGKM94.roa
File: pzaipS503aFblufNF4TjlZGKM94.roa (raw, json)
Hash identifier: KhmZblsH1vECyr4ykXkXB1mY+tibN/vFxX4c/CESLck=
Subject key identifier: A7:36:A2:A5:2E:74:DD:A1:5B:96:E7:CD:17:84:E3:95:91:8A:33:DE
Certificate issuer: /CN=b53e5447ca064e98ae083556c721d14f2d9a6a52
Certificate serial: 0183E649614C08F449328AD95F7526C3B2EC
Authority key identifier: B5:3E:54:47:CA:06:4E:98:AE:08:35:56:C7:21:D1:4F:2D:9A:6A:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tT5UR8oGTpiuCDVWxyHRTy2aalI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/cf6c24-ed3d-41ea-98f7-173f2e7a36f1/1/pzaipS503aFblufNF4TjlZGKM94.roa
Signing time: Mon 17 Oct 2022 14:11:52 +0000
ROA not before: Mon 17 Oct 2022 14:11:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22653
IP address blocks: 2.58.93.0/24 maxlen: 24
2.58.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e6:49:61:4c:08:f4:49:32:8a:d9:5f:75:26:c3:b2:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b53e5447ca064e98ae083556c721d14f2d9a6a52
Validity
Not Before: Oct 17 14:11:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a736a2a52e74dda15b96e7cd1784e395918a33de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:16:d7:eb:b6:41:ad:96:5a:c0:12:fc:ef:5f:
4c:ec:4f:ce:e7:06:a8:1e:ec:64:1f:af:0d:6b:4d:
30:38:00:45:aa:7f:82:26:1c:d0:5a:fb:60:fe:3b:
89:e4:da:19:25:fe:9b:d2:87:01:ec:51:6e:f7:64:
9d:34:07:b0:59:31:10:12:5c:07:02:00:2f:28:c2:
3a:14:64:a5:3f:4d:21:f7:ad:40:a0:e2:0c:cb:91:
c0:94:90:e8:d7:54:e4:ee:b0:b0:10:62:57:a3:53:
04:d9:9b:f7:55:38:7a:fc:0e:cd:89:ac:8b:f7:f3:
fe:3c:72:3e:aa:fa:75:8e:ff:3b:ca:60:63:1b:8a:
d1:0b:f2:0a:8f:df:b5:5a:56:31:b0:5b:ce:b5:8c:
c1:4d:52:ed:27:63:04:63:4f:97:56:a7:d5:ac:b7:
e2:ec:dd:b6:f6:0e:2d:e3:e4:7c:5e:fb:a5:e6:5b:
ad:ce:d5:f5:ac:c1:43:c8:81:96:26:3a:32:fa:01:
44:20:aa:9c:53:ff:9a:33:49:32:c0:4b:2a:82:3e:
04:ae:d9:a1:98:c3:2d:af:36:8f:1e:20:ba:22:60:
55:11:06:12:4a:05:be:58:6a:7a:4d:a1:33:df:d4:
55:7a:e2:48:4a:ee:ae:ef:43:fa:dc:d2:c6:b0:df:
c5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:36:A2:A5:2E:74:DD:A1:5B:96:E7:CD:17:84:E3:95:91:8A:33:DE
X509v3 Authority Key Identifier:
keyid:B5:3E:54:47:CA:06:4E:98:AE:08:35:56:C7:21:D1:4F:2D:9A:6A:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tT5UR8oGTpiuCDVWxyHRTy2aalI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/cf6c24-ed3d-41ea-98f7-173f2e7a36f1/1/pzaipS503aFblufNF4TjlZGKM94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/cf6c24-ed3d-41ea-98f7-173f2e7a36f1/1/tT5UR8oGTpiuCDVWxyHRTy2aalI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.93.0/24
2.58.95.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:11:9c:04:b4:5c:16:13:af:7d:d7:70:0c:4f:ed:e0:b5:21:
52:07:90:67:18:9e:cb:c6:b4:6f:64:79:c8:57:de:5b:ee:e9:
3c:d6:a8:fb:03:11:67:9f:fa:ec:e8:9a:63:03:4e:2f:0a:f1:
10:ed:81:ed:c2:0a:2e:d8:69:9f:b5:08:0a:05:ae:3b:f5:20:
26:8d:e0:57:84:73:f4:d1:83:0d:28:ec:2e:7a:ed:34:a3:cf:
d3:84:ad:a4:c1:3b:a1:b3:d2:9c:03:63:cc:bc:9a:31:71:14:
10:12:de:d4:51:3f:d9:c9:47:3b:ed:f7:3c:a4:28:fa:99:45:
9d:46:77:01:12:4d:e4:50:c6:f8:50:36:fb:64:6f:f9:9b:48:
d4:a0:73:01:3e:09:04:7b:f9:ea:f6:2b:39:59:e4:88:dc:cf:
83:36:d4:de:50:fe:87:be:ef:b1:fd:b4:38:db:67:c7:fa:bb:
bc:a9:08:a7:15:d9:a7:f6:42:76:f1:06:63:79:b6:69:b0:ea:
30:58:32:c1:d1:ca:1e:67:16:d4:01:41:72:e4:c6:74:32:d6:
2e:ce:29:b2:fa:40:9f:d1:aa:ea:09:20:73:53:3b:c7:00:e9:
6d:a6:72:17:0f:d3:73:cf:b0:bf:0c:f1:ca:da:b3:4e:3d:11:
d0:47:15:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPmSWFMCPRJMorZX3Umw7LsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1M2U1NDQ3Y2EwNjRlOThhZTA4MzU1NmM3MjFkMTRmMmQ5
YTZhNTIwHhcNMjIxMDE3MTQxMTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzM2YTJhNTJlNzRkZGExNWI5NmU3Y2QxNzg0ZTM5NTkxOGEzM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxbX67ZBrZZawBL8719M7E/O5wao
HuxkH68Na00wOABFqn+CJhzQWvtg/juJ5NoZJf6b0ocB7FFu92SdNAewWTEQElwH
AgAvKMI6FGSlP00h961AoOIMy5HAlJDo11Tk7rCwEGJXo1ME2Zv3VTh6/A7NiayL
9/P+PHI+qvp1jv87ymBjG4rRC/IKj9+1WlYxsFvOtYzBTVLtJ2MEY0+XVqfVrLfi
7N229g4t4+R8Xvul5lutztX1rMFDyIGWJjoy+gFEIKqcU/+aM0kywEsqgj4Ertmh
mMMtrzaPHiC6ImBVEQYSSgW+WGp6TaEz39RVeuJISu6u70P63NLGsN/FSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKc2oqUudN2hW5bnzReE45WRijPeMB8GA1UdIwQY
MBaAFLU+VEfKBk6Yrgg1Vsch0U8tmmpSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFQ1VVI4b0dUcGl1Q0RWV3h5SFJUeTJhYWxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9jZjZjMjQtZWQzZC00MWVhLTk4Zjct
MTczZjJlN2EzNmYxLzEvcHphaXBTNTAzYUZibHVmTkY0VGpsWkdLTTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9jZjZjMjQtZWQzZC00MWVhLTk4ZjctMTczZjJlN2EzNmYx
LzEvdFQ1VVI4b0dUcGl1Q0RWV3h5SFJUeTJhYWxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjpdAwQA
AjpfMA0GCSqGSIb3DQEBCwUAA4IBAQBLEZwEtFwWE69913AMT+3gtSFSB5BnGJ7L
xrRvZHnIV95b7uk81qj7AxFnn/rs6JpjA04vCvEQ7YHtwgou2GmftQgKBa479SAm
jeBXhHP00YMNKOwueu00o8/ThK2kwTuhs9KcA2PMvJoxcRQQEt7UUT/ZyUc77fc8
pCj6mUWdRncBEk3kUMb4UDb7ZG/5m0jUoHMBPgkEe/nq9is5WeSI3M+DNtTeUP6H
vu+x/bQ422fH+ru8qQinFdmn9kJ28QZjebZpsOowWDLB0coeZxbUAUFy5MZ0MtYu
zimy+kCf0arqCSBzUzvHAOltpnIXD9Nzz7C/DPHK2rNOPRHQRxXb
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:30:33 2025 by rpki-client