Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Zz2C034tOsF4fzktwDfFuRYqIT0.roa
File: Zz2C034tOsF4fzktwDfFuRYqIT0.roa (raw, json)
Hash identifier: Mj05PmWjtlbhiS69WOVcNMp42q/7eBp9C1WDMh59ufg=
Subject key identifier: 67:3D:82:D3:7E:2D:3A:C1:78:7F:39:2D:C0:37:C5:B9:16:2A:21:3D
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D7174BC710D40E7408673B5020439E
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Zz2C034tOsF4fzktwDfFuRYqIT0.roa
Signing time: Wed 01 Jan 2025 21:48:06 +0000
ROA not before: Wed 01 Jan 2025 21:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198920
IP address blocks: 5.252.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:17:4b:c7:10:d4:0e:74:08:67:3b:50:20:43:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=673d82d37e2d3ac1787f392dc037c5b9162a213d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:49:01:df:98:d4:f7:2e:08:cb:a4:d2:d4:00:
6b:18:5f:fb:56:8e:fe:d5:33:8f:8a:9c:3e:dc:18:
3f:c0:a4:9f:9e:66:ce:7e:17:8a:41:46:85:c1:94:
a3:9b:d2:35:83:fb:80:5f:97:bb:cf:84:63:1d:14:
ac:8f:0b:22:59:ea:c4:da:a8:9d:5c:38:bd:f6:b5:
94:c9:dd:22:c1:a9:79:6f:51:ce:58:30:d5:28:69:
ed:2b:2c:3b:e9:84:06:75:71:6d:5a:f8:f4:e4:94:
3f:92:56:17:0a:18:59:c3:f5:00:f0:05:d7:4d:8a:
ca:d0:9c:9e:76:b4:e6:69:f9:dc:a2:4e:de:38:47:
ec:48:af:73:06:ba:3f:97:a7:6f:07:50:8e:af:4c:
0b:7a:dc:15:7c:8b:c3:ff:15:f2:6f:95:fa:09:e7:
75:b2:39:03:9b:8d:ea:5f:95:50:ec:e7:9a:53:7c:
f6:98:d5:3c:20:71:90:4d:8d:dc:39:9e:4c:43:93:
ea:49:7b:68:3b:40:f7:30:70:d6:fa:e6:7a:81:e7:
15:3e:51:9b:ba:dd:01:c2:ff:f3:16:8f:30:fe:aa:
00:3f:bf:41:4e:3e:24:c7:19:a1:3f:c9:84:f0:b7:
b1:a2:2c:f6:a9:29:03:be:80:b1:24:96:41:58:31:
4a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:3D:82:D3:7E:2D:3A:C1:78:7F:39:2D:C0:37:C5:B9:16:2A:21:3D
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Zz2C034tOsF4fzktwDfFuRYqIT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.119.0/24
Signature Algorithm: sha256WithRSAEncryption
49:52:1e:ed:90:94:9d:16:6c:6a:aa:47:c6:5e:88:8f:87:cc:
bd:5c:1b:cc:b9:e2:cc:55:f6:0e:d2:5f:54:ee:d4:2b:1a:a2:
7c:29:78:a9:c2:da:55:98:98:a1:46:db:25:0d:a6:e4:38:7a:
cc:01:f5:a4:bc:ea:31:7c:72:f4:da:c2:40:4d:8f:94:6f:67:
d4:44:ef:e5:a4:3e:09:80:40:52:61:9d:f7:d2:39:70:1f:d3:
12:05:64:ca:fc:b1:6b:ed:55:c8:a3:f4:03:c5:7d:41:40:83:
ab:26:62:70:0e:96:3c:45:b9:2c:b5:4a:59:32:5e:c1:66:ec:
1a:a4:35:da:1e:73:b0:f5:2b:8f:c6:72:f4:43:60:ad:f6:e0:
fa:ff:2b:7a:5e:5e:0c:a1:d2:56:e5:b9:d1:4a:7c:ed:3d:5b:
1e:4a:5a:20:d8:b6:c2:5e:6f:b7:42:d0:fd:8c:5c:46:d1:88:
f6:8c:2d:41:1e:e5:6e:ac:ba:e9:d8:94:9f:33:e1:1d:70:44:
82:c0:bd:04:2a:34:f9:a8:c4:ce:49:74:bc:8e:cc:38:a6:f4:
4b:74:51:91:83:5d:d8:81:6f:22:66:f4:91:21:25:6b:8a:63:
10:83:d4:d9:4b:38:0c:d1:2a:d0:c6:a2:26:fb:81:7c:37:4c:
78:e4:d0:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xdLxxDUDnQIZztQIEOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzNkODJkMzdlMmQzYWMxNzg3ZjM5MmRjMDM3YzViOTE2MmEyMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+kkB35jU9y4Iy6TS1ABrGF/7Vo7+
1TOPipw+3Bg/wKSfnmbOfheKQUaFwZSjm9I1g/uAX5e7z4RjHRSsjwsiWerE2qid
XDi99rWUyd0iwal5b1HOWDDVKGntKyw76YQGdXFtWvj05JQ/klYXChhZw/UA8AXX
TYrK0JyedrTmafncok7eOEfsSK9zBro/l6dvB1COr0wLetwVfIvD/xXyb5X6Ced1
sjkDm43qX5VQ7OeaU3z2mNU8IHGQTY3cOZ5MQ5PqSXtoO0D3MHDW+uZ6gecVPlGb
ut0Bwv/zFo8w/qoAP79BTj4kxxmhP8mE8Lexoiz2qSkDvoCxJJZBWDFKaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGc9gtN+LTrBeH85LcA3xbkWKiE9MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvWnoyQzAzNHRPc0Y0ZnprdHdEZkZ1UllxSVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABfx3MA0G
CSqGSIb3DQEBCwUAA4IBAQBJUh7tkJSdFmxqqkfGXoiPh8y9XBvMueLMVfYO0l9U
7tQrGqJ8KXipwtpVmJihRtslDabkOHrMAfWkvOoxfHL02sJATY+Ub2fURO/lpD4J
gEBSYZ330jlwH9MSBWTK/LFr7VXIo/QDxX1BQIOrJmJwDpY8RbkstUpZMl7BZuwa
pDXaHnOw9SuPxnL0Q2Ct9uD6/yt6Xl4ModJW5bnRSnztPVseSlog2LbCXm+3QtD9
jFxG0Yj2jC1BHuVurLrp2JSfM+EdcESCwL0EKjT5qMTOSXS8jsw4pvRLdFGRg13Y
gW8iZvSRISVrimMQg9TZSzgM0SrQxqIm+4F8N0x45NBQ
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:46:49 2025 by rpki-client