Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/ZN7LHZSqu6VYidqfpIPOfCxL2L4.roa
File: ZN7LHZSqu6VYidqfpIPOfCxL2L4.roa (raw, json)
Hash identifier: HOkUkg1LrwSaHvSseUfJQzAJzpgcTNuaZCYPqCnldN0=
Subject key identifier: 64:DE:CB:1D:94:AA:BB:A5:58:89:DA:9F:A4:83:CE:7C:2C:4B:D8:BE
Certificate issuer: /CN=5f0226a704cf620eb2000f27e7a919ce730991be
Certificate serial: 0195D57CF01F9FAFB9BFF506FE4EE97F8284
Authority key identifier: 5F:02:26:A7:04:CF:62:0E:B2:00:0F:27:E7:A9:19:CE:73:09:91:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XwImpwTPYg6yAA8n56kZznMJkb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/ZN7LHZSqu6VYidqfpIPOfCxL2L4.roa
Signing time: Thu 27 Mar 2025 02:44:49 +0000
ROA not before: Thu 27 Mar 2025 02:44:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 31.25.10.0/24 maxlen: 24
109.70.236.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d5:7c:f0:1f:9f:af:b9:bf:f5:06:fe:4e:e9:7f:82:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f0226a704cf620eb2000f27e7a919ce730991be
Validity
Not Before: Mar 27 02:44:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64decb1d94aabba55889da9fa483ce7c2c4bd8be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5e:ea:b7:31:e2:6a:7f:cd:7e:eb:92:0f:ea:
9f:6e:8b:2a:b0:22:10:e5:39:f3:81:89:77:05:09:
2d:60:5d:c4:36:a4:78:03:16:de:2c:98:c5:da:4e:
13:1c:56:f8:bd:c8:76:70:12:59:e5:bd:04:91:3c:
6a:2e:ed:b5:ff:a7:0d:43:ca:1a:41:39:0f:dd:de:
0e:8b:3e:51:2f:ba:a5:1e:1f:18:5a:00:54:6c:17:
5a:49:2f:f3:98:e0:9d:80:52:63:a5:bf:8f:dc:63:
96:e1:9b:af:71:f0:b5:8f:bc:0a:12:4c:16:6d:ac:
af:f2:7c:33:75:a0:e4:35:0d:98:16:44:b7:09:1b:
4b:b9:21:9a:11:79:77:f6:43:c7:40:1f:cb:d9:9c:
05:c5:2e:cc:34:43:a7:e0:1b:ae:4a:fd:33:db:ec:
4d:6e:36:32:a3:49:96:65:9d:7b:31:7f:9b:83:7a:
46:1f:02:5f:bf:97:36:63:8a:a1:d8:2d:3b:56:4b:
b2:d7:c8:63:45:9a:0d:e3:bf:09:fe:07:46:d9:c1:
48:4f:c4:10:73:a7:ec:14:ac:25:8b:39:cd:15:c9:
ae:8e:8d:55:51:97:30:fd:27:e6:12:29:5f:45:eb:
43:bc:39:84:a3:6d:35:73:e1:60:e3:72:4a:e2:86:
99:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:DE:CB:1D:94:AA:BB:A5:58:89:DA:9F:A4:83:CE:7C:2C:4B:D8:BE
X509v3 Authority Key Identifier:
keyid:5F:02:26:A7:04:CF:62:0E:B2:00:0F:27:E7:A9:19:CE:73:09:91:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwImpwTPYg6yAA8n56kZznMJkb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/ZN7LHZSqu6VYidqfpIPOfCxL2L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/XwImpwTPYg6yAA8n56kZznMJkb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.10.0/24
109.70.236.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:94:da:85:fc:28:e2:c9:c8:1a:7d:89:08:94:38:a8:be:35:
ec:ac:28:99:6a:38:24:97:da:e9:e5:d4:74:5c:1f:6a:fe:d1:
aa:51:08:78:2a:f0:0e:8a:8f:ba:02:74:66:d1:35:4e:cb:83:
06:4c:87:16:c0:3f:42:7b:b4:24:94:fa:76:37:a4:6d:a1:3d:
61:78:1d:2b:0e:6a:5f:c9:4d:d1:87:e3:72:be:73:e0:3b:02:
c1:57:8f:ff:64:5d:c6:cc:d9:19:6e:95:f8:52:34:d7:58:9c:
b0:c8:95:f1:90:9c:91:1a:f1:b4:33:b5:4c:7d:3b:0e:ce:86:
82:13:b8:10:39:ab:4d:3e:26:58:1d:44:75:a4:54:10:f1:c1:
29:3a:3c:c0:fd:2d:ba:cb:3a:37:7f:7e:79:b8:69:d8:31:3d:
c2:ac:a5:a1:5b:b2:12:76:af:7d:59:05:57:55:f0:2e:9e:97:
3f:2f:3b:66:99:ae:5a:a4:af:d2:33:ad:fe:59:96:f9:fb:df:
c1:0a:e6:ee:e8:6c:6e:f7:9d:af:46:9c:ca:a3:80:64:cc:c1:
23:40:a0:a5:ef:c3:71:fb:a8:6a:ba:12:eb:7a:22:0d:62:0e:
ab:12:0b:3b:04:89:c3:49:19:db:33:44:69:58:10:a7:ad:e0:
cf:46:33:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXVfPAfn6+5v/UG/k7pf4KEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMDIyNmE3MDRjZjYyMGViMjAwMGYyN2U3YTkxOWNlNzMw
OTkxYmUwHhcNMjUwMzI3MDI0NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGRlY2IxZDk0YWFiYmE1NTg4OWRhOWZhNDgzY2U3YzJjNGJkOGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF7qtzHian/NfuuSD+qfbosqsCIQ
5TnzgYl3BQktYF3ENqR4AxbeLJjF2k4THFb4vch2cBJZ5b0EkTxqLu21/6cNQ8oa
QTkP3d4Oiz5RL7qlHh8YWgBUbBdaSS/zmOCdgFJjpb+P3GOW4ZuvcfC1j7wKEkwW
bayv8nwzdaDkNQ2YFkS3CRtLuSGaEXl39kPHQB/L2ZwFxS7MNEOn4BuuSv0z2+xN
bjYyo0mWZZ17MX+bg3pGHwJfv5c2Y4qh2C07Vkuy18hjRZoN478J/gdG2cFIT8QQ
c6fsFKwliznNFcmujo1VUZcw/SfmEilfRetDvDmEo201c+Fg43JK4oaZLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGTeyx2UqrulWInan6SDznwsS9i+MB8GA1UdIwQY
MBaAFF8CJqcEz2IOsgAPJ+epGc5zCZG+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdJbXB3VFBZZzZ5QUE4bjU2a1p6bk1Ka2I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82M2VmYjgtYmYyNC00OGMyLThjNTAt
NzVkOWNlNWI4ZDljLzEvWk43TEhaU3F1NlZZaWRxZnBJUE9mQ3hMMkw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82M2VmYjgtYmYyNC00OGMyLThjNTAtNzVkOWNlNWI4ZDlj
LzEvWHdJbXB3VFBZZzZ5QUE4bjU2a1p6bk1Ka2I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHxkKAwQA
bUbsMA0GCSqGSIb3DQEBCwUAA4IBAQB/lNqF/CjiycgafYkIlDiovjXsrCiZajgk
l9rp5dR0XB9q/tGqUQh4KvAOio+6AnRm0TVOy4MGTIcWwD9Ce7QklPp2N6RtoT1h
eB0rDmpfyU3Rh+NyvnPgOwLBV4//ZF3GzNkZbpX4UjTXWJywyJXxkJyRGvG0M7VM
fTsOzoaCE7gQOatNPiZYHUR1pFQQ8cEpOjzA/S26yzo3f355uGnYMT3CrKWhW7IS
dq99WQVXVfAunpc/Lztmma5apK/SM63+WZb5+9/BCubu6Gxu952vRpzKo4BkzMEj
QKCl78Nx+6hquhLreiINYg6rEgs7BInDSRnbM0RpWBCnreDPRjOH
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:55:07 2025 by rpki-client