Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/ZrTbzv32FqeDFz-tBHKOOS92U8g.roa
File: ZrTbzv32FqeDFz-tBHKOOS92U8g.roa (raw, json)
Hash identifier: E9Z6cb2gogYdkVe67Kis5vH4twa7HT119jQRINHGzZo=
Subject key identifier: 66:B4:DB:CE:FD:F6:16:A7:83:17:3F:AD:04:72:8E:39:2F:76:53:C8
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 019420682FA4EDF5316E5A1A292910F0D048
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/ZrTbzv32FqeDFz-tBHKOOS92U8g.roa
Signing time: Wed 01 Jan 2025 05:48:06 +0000
ROA not before: Wed 01 Jan 2025 05:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34661
IP address blocks: 45.152.164.0/22 maxlen: 22
89.28.200.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2f:a4:ed:f5:31:6e:5a:1a:29:29:10:f0:d0:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jan 1 05:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66b4dbcefdf616a783173fad04728e392f7653c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b8:fb:57:89:94:00:b0:8a:bc:b0:d2:db:d5:
9b:a7:f9:5a:c1:04:85:fe:3f:fb:a3:93:9a:7f:84:
f7:b5:74:5e:62:4a:a3:25:cd:6a:60:e5:a1:e1:16:
86:71:e2:24:7a:7f:c7:12:ef:f8:c8:79:ee:36:47:
d9:bf:d7:37:da:06:61:05:f6:a2:ed:71:50:37:81:
30:ab:af:06:78:25:bf:2c:28:ae:48:b4:4d:34:cc:
b0:72:a8:d7:e0:05:35:69:29:df:69:61:17:c6:ea:
5d:d9:fa:63:0c:b0:e1:ab:e7:1f:76:cf:73:45:5f:
70:e8:d9:72:da:ab:40:e0:e3:1f:5f:c7:f9:51:be:
3f:81:37:b6:62:d7:a3:ea:11:7c:d3:c7:01:42:08:
84:58:51:9e:f5:e5:1e:56:00:cf:ae:b0:06:01:aa:
ba:fb:5c:37:e8:6f:de:38:f4:8c:62:2f:7d:1b:90:
c5:fa:a5:44:4f:cd:87:12:c6:83:1a:99:3f:87:76:
16:05:0b:c0:78:57:90:1c:0f:7f:93:40:8d:c8:cd:
3f:79:0a:38:bf:5b:b7:3b:ca:dd:6d:a8:77:36:db:
fa:ec:50:5c:f9:96:cc:82:be:62:42:ec:83:93:d5:
ef:b7:81:60:64:b8:83:0a:d1:89:b9:13:fd:72:9b:
9a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B4:DB:CE:FD:F6:16:A7:83:17:3F:AD:04:72:8E:39:2F:76:53:C8
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/ZrTbzv32FqeDFz-tBHKOOS92U8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.164.0/22
89.28.200.0/21
Signature Algorithm: sha256WithRSAEncryption
92:85:01:fc:5f:6b:00:f2:3a:4d:fe:1c:81:52:af:d8:01:12:
d2:80:2c:2a:fb:72:da:29:6f:f6:e6:17:03:85:3b:09:b8:1d:
33:2f:73:0a:92:41:cd:eb:00:6c:a7:59:b5:38:8b:cf:28:12:
9b:08:93:e9:03:a3:ea:15:51:e2:6c:e0:84:78:b6:c0:85:13:
23:69:6b:8b:23:c6:56:c7:4e:d8:ce:65:bb:d0:d5:c4:0a:71:
1b:df:ca:ad:4a:87:a6:71:4f:d8:07:ce:06:c8:4f:79:e4:5a:
36:95:d9:f4:ca:57:f8:b9:31:90:66:21:d2:04:a4:39:34:60:
72:30:f9:ae:67:7b:01:b6:ff:0d:7f:38:e6:f2:45:69:ca:b7:
6c:94:fb:46:4b:cc:23:82:6b:c7:b8:38:dd:5c:46:25:56:b7:
04:67:9e:36:a6:d3:50:74:4e:21:be:02:b2:db:95:29:4f:8c:
b5:03:dd:0b:3f:f1:37:c8:3b:c5:35:61:ca:53:46:0e:10:f7:
89:e0:04:4a:69:d5:d4:bc:67:35:b2:2a:6e:37:8a:ee:11:fe:
0f:86:ec:37:72:99:50:2e:e1:40:0c:6c:7d:73:51:f4:ea:32:
66:7c:af:5a:e9:a0:d1:05:11:e1:96:3a:45:f7:20:23:17:1f:
1e:25:bb:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaC+k7fUxbloaKSkQ8NBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwMTAxMDU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmI0ZGJjZWZkZjYxNmE3ODMxNzNmYWQwNDcyOGUzOTJmNzY1M2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrj7V4mUALCKvLDS29Wbp/lawQSF
/j/7o5Oaf4T3tXReYkqjJc1qYOWh4RaGceIken/HEu/4yHnuNkfZv9c32gZhBfai
7XFQN4Ewq68GeCW/LCiuSLRNNMywcqjX4AU1aSnfaWEXxupd2fpjDLDhq+cfds9z
RV9w6Nly2qtA4OMfX8f5Ub4/gTe2Ytej6hF808cBQgiEWFGe9eUeVgDPrrAGAaq6
+1w36G/eOPSMYi99G5DF+qVET82HEsaDGpk/h3YWBQvAeFeQHA9/k0CNyM0/eQo4
v1u3O8rdbah3Ntv67FBc+ZbMgr5iQuyDk9Xvt4FgZLiDCtGJuRP9cpuawQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGa028799hangxc/rQRyjjkvdlPIMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvWnJUYnp2MzJGcWVERnotdEJIS09PUzkyVThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZikAwQD
WRzIMA0GCSqGSIb3DQEBCwUAA4IBAQCShQH8X2sA8jpN/hyBUq/YARLSgCwq+3La
KW/25hcDhTsJuB0zL3MKkkHN6wBsp1m1OIvPKBKbCJPpA6PqFVHibOCEeLbAhRMj
aWuLI8ZWx07YzmW70NXECnEb38qtSoemcU/YB84GyE955Fo2ldn0ylf4uTGQZiHS
BKQ5NGByMPmuZ3sBtv8Nfzjm8kVpyrdslPtGS8wjgmvHuDjdXEYlVrcEZ542ptNQ
dE4hvgKy25UpT4y1A90LP/E3yDvFNWHKU0YOEPeJ4ARKadXUvGc1sipuN4ruEf4P
huw3cplQLuFADGx9c1H06jJmfK9a6aDRBRHhljpF9yAjFx8eJbtV
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:26:16 2025 by rpki-client