Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/19118c-ae60-48e3-a032-f8af568563e4/1/mZP-bC2L391t5pxlo3-Mr31yrUo.roa
File: mZP-bC2L391t5pxlo3-Mr31yrUo.roa (raw, json)
Hash identifier: N1MBclriLJadAk5vQmXNa480gILUxbu4dUJmlbuXXyA=
Subject key identifier: 99:93:FE:6C:2D:8B:DF:DD:6D:E6:9C:65:A3:7F:8C:AF:7D:72:AD:4A
Certificate issuer: /CN=6647892437160dd5777ed3ed78d49bc72b5e1c5e
Certificate serial: 019155640055048400266A24EF9F46A80275
Authority key identifier: 66:47:89:24:37:16:0D:D5:77:7E:D3:ED:78:D4:9B:C7:2B:5E:1C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkeJJDcWDdV3ftPteNSbxyteHF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/19118c-ae60-48e3-a032-f8af568563e4/1/mZP-bC2L391t5pxlo3-Mr31yrUo.roa
Signing time: Thu 15 Aug 2024 09:35:02 +0000
ROA not before: Thu 15 Aug 2024 09:35:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205006
IP address blocks: 62.200.53.0/24 maxlen: 24
62.200.182.0/24 maxlen: 24
213.62.84.0/24 maxlen: 24
213.62.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:64:00:55:04:84:00:26:6a:24:ef:9f:46:a8:02:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6647892437160dd5777ed3ed78d49bc72b5e1c5e
Validity
Not Before: Aug 15 09:35:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9993fe6c2d8bdfdd6de69c65a37f8caf7d72ad4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d7:d5:9d:b8:ac:aa:5a:9f:12:a7:70:c0:5f:
45:18:25:71:09:18:6d:ed:ab:67:e5:7a:b7:2a:7d:
61:de:f2:de:df:fd:6e:84:71:52:47:af:0a:00:fd:
81:ab:2e:f0:51:cc:d5:72:01:d3:73:d6:bd:6e:67:
35:90:a3:83:1c:e8:0e:23:40:46:51:46:89:8e:66:
1b:12:30:78:82:41:e6:5e:76:c7:69:08:ac:59:b8:
bf:e6:94:8f:19:a1:77:39:71:5f:81:4d:8a:0c:bf:
e8:c0:34:d4:ce:aa:af:7c:8e:e4:da:ab:9a:eb:79:
ba:07:5b:ce:6c:d7:18:cd:23:ef:8f:99:34:fb:95:
6f:64:7e:28:7d:c5:f1:69:b1:ae:46:3f:c1:6d:60:
cf:94:5d:9b:24:a9:59:70:39:33:e6:63:10:eb:ea:
4f:a8:41:ac:15:27:f4:b3:e6:2d:9d:b2:4b:07:b2:
7c:21:90:71:92:27:64:4b:4f:ce:1f:fe:29:fa:33:
8b:c9:a7:c5:f5:f5:f6:ba:2e:43:fb:98:e5:4b:10:
4b:5b:c7:68:26:03:70:69:33:be:78:c0:e2:1f:44:
01:39:6d:35:95:1d:a2:e0:29:07:e7:bf:1c:1d:9a:
df:0a:da:b1:be:46:07:d5:74:a1:99:41:3d:80:f7:
7e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:93:FE:6C:2D:8B:DF:DD:6D:E6:9C:65:A3:7F:8C:AF:7D:72:AD:4A
X509v3 Authority Key Identifier:
keyid:66:47:89:24:37:16:0D:D5:77:7E:D3:ED:78:D4:9B:C7:2B:5E:1C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkeJJDcWDdV3ftPteNSbxyteHF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/19118c-ae60-48e3-a032-f8af568563e4/1/mZP-bC2L391t5pxlo3-Mr31yrUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/19118c-ae60-48e3-a032-f8af568563e4/1/ZkeJJDcWDdV3ftPteNSbxyteHF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.200.53.0/24
62.200.182.0/24
213.62.84.0/23
Signature Algorithm: sha256WithRSAEncryption
66:a9:1b:6e:fa:8c:a1:fd:35:99:6f:87:b2:61:db:99:44:44:
79:bd:27:44:b5:60:a5:af:ca:d6:e6:ca:0b:a0:0a:76:3c:bf:
1e:b1:6f:2b:31:a2:c7:77:45:22:15:fd:4b:78:62:d2:70:fd:
14:5d:61:3e:21:df:22:77:23:30:80:64:88:7b:fa:90:01:89:
2d:48:fb:68:95:d0:45:95:8e:47:7f:93:49:33:32:7f:f6:11:
3b:ef:14:f4:a6:e4:f2:be:a7:7f:96:f4:70:89:66:f3:f2:44:
e0:67:b7:89:73:7e:d4:d3:a0:a6:17:4b:43:41:f0:7d:f3:c8:
6e:51:6c:1e:0b:b3:dc:57:2d:fa:da:99:59:38:7e:02:6b:1b:
cf:3b:62:50:1e:2a:fb:fa:58:5b:08:f0:bb:7b:90:58:dc:ee:
4f:b2:be:b8:09:5c:f1:df:1a:64:c3:1e:d4:88:0f:46:0c:48:
4d:78:99:3a:2e:f2:d4:90:bc:3c:1c:1c:2a:47:00:9f:3a:95:
1e:5b:a2:57:c9:a2:6d:e0:51:0f:a4:c1:1a:56:0f:c3:f4:8d:
5a:91:de:f1:0a:7f:98:60:52:d2:d2:ad:d8:76:be:06:1e:cf:
4b:71:37:a5:66:cd:43:47:d2:63:d0:ad:65:76:60:8d:11:94:
c6:b8:5b:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFVZABVBIQAJmok759GqAJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDc4OTI0MzcxNjBkZDU3NzdlZDNlZDc4ZDQ5YmM3MmI1
ZTFjNWUwHhcNMjQwODE1MDkzNTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTkzZmU2YzJkOGJkZmRkNmRlNjljNjVhMzdmOGNhZjdkNzJhZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tfVnbisqlqfEqdwwF9FGCVxCRht
7atn5Xq3Kn1h3vLe3/1uhHFSR68KAP2Bqy7wUczVcgHTc9a9bmc1kKODHOgOI0BG
UUaJjmYbEjB4gkHmXnbHaQisWbi/5pSPGaF3OXFfgU2KDL/owDTUzqqvfI7k2qua
63m6B1vObNcYzSPvj5k0+5VvZH4ofcXxabGuRj/BbWDPlF2bJKlZcDkz5mMQ6+pP
qEGsFSf0s+YtnbJLB7J8IZBxkidkS0/OH/4p+jOLyafF9fX2ui5D+5jlSxBLW8do
JgNwaTO+eMDiH0QBOW01lR2i4CkH578cHZrfCtqxvkYH1XShmUE9gPd+9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJmT/mwti9/dbeacZaN/jK99cq1KMB8GA1UdIwQY
MBaAFGZHiSQ3Fg3Vd37T7XjUm8crXhxeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtlSkpEY1dEZFYzZnRQdGVOU2J4eXRlSEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xOTExOGMtYWU2MC00OGUzLWEwMzIt
ZjhhZjU2ODU2M2U0LzEvbVpQLWJDMkwzOTF0NXB4bG8zLU1yMzF5clVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xOTExOGMtYWU2MC00OGUzLWEwMzItZjhhZjU2ODU2M2U0
LzEvWmtlSkpEY1dEZFYzZnRQdGVOU2J4eXRlSEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPsg1AwQA
Psi2AwQB1T5UMA0GCSqGSIb3DQEBCwUAA4IBAQBmqRtu+oyh/TWZb4eyYduZRER5
vSdEtWClr8rW5soLoAp2PL8esW8rMaLHd0UiFf1LeGLScP0UXWE+Id8idyMwgGSI
e/qQAYktSPtoldBFlY5Hf5NJMzJ/9hE77xT0puTyvqd/lvRwiWbz8kTgZ7eJc37U
06CmF0tDQfB988huUWweC7PcVy362plZOH4CaxvPO2JQHir7+lhbCPC7e5BY3O5P
sr64CVzx3xpkwx7UiA9GDEhNeJk6LvLUkLw8HBwqRwCfOpUeW6JXyaJt4FEPpMEa
Vg/D9I1akd7xCn+YYFLS0q3Ydr4GHs9LcTelZs1DR9Jj0K1ldmCNEZTGuFs6
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:55:25 2025 by rpki-client