Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ca44ee-01f3-4a29-840b-38d55790c04b/1/ZZCI6zrakZuLAEBfNH-bWssNm1k.roa
File: ZZCI6zrakZuLAEBfNH-bWssNm1k.roa (raw, json)
Hash identifier: WhKyW/SY7GQGsY2HHuefej0WSMNA6pbr60CqHQedvyI=
Subject key identifier: 65:90:88:EB:3A:DA:91:9B:8B:00:40:5F:34:7F:9B:5A:CB:0D:9B:59
Certificate issuer: /CN=52b554da0ebbe41bf54fb2d813e0b2ec6d482c54
Certificate serial: 01857094F8C8EE9D1BD11A3B4508255CD468
Authority key identifier: 52:B5:54:DA:0E:BB:E4:1B:F5:4F:B2:D8:13:E0:B2:EC:6D:48:2C:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UrVU2g675Bv1T7LYE-Cy7G1ILFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ca44ee-01f3-4a29-840b-38d55790c04b/1/ZZCI6zrakZuLAEBfNH-bWssNm1k.roa
Signing time: Mon 02 Jan 2023 03:44:49 +0000
ROA not before: Mon 02 Jan 2023 03:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43655
IP address blocks: 193.148.2.0/23 maxlen: 23
78.24.136.0/21 maxlen: 24
2a00:e70::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:f8:c8:ee:9d:1b:d1:1a:3b:45:08:25:5c:d4:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52b554da0ebbe41bf54fb2d813e0b2ec6d482c54
Validity
Not Before: Jan 2 03:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=659088eb3ada919b8b00405f347f9b5acb0d9b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:94:a0:ed:2f:1a:69:e4:e7:9e:03:e4:a5:f5:
53:25:f8:dd:50:65:a8:8f:d9:d7:89:74:db:68:f7:
f7:3a:28:8b:f8:ad:d4:1d:c8:ac:41:0b:59:79:cc:
fd:3c:5d:e8:dd:fb:45:5b:56:97:b6:32:92:ac:98:
a5:5f:f0:9f:bc:72:14:92:54:be:05:26:c3:c3:40:
1d:4e:f0:cd:c9:5a:e3:45:2d:f2:d3:1f:21:1f:47:
8d:b9:4c:67:fe:22:62:0c:7c:1b:00:45:4d:3d:74:
e2:23:a6:44:28:8d:3d:e8:d3:eb:c9:65:72:07:6f:
90:08:30:b3:e2:68:47:0d:9e:7c:b4:39:e8:37:f7:
49:de:08:6a:8d:0f:8b:16:92:1c:4e:e1:3e:b1:b6:
5d:c7:ab:69:39:37:25:b4:fc:98:3a:2f:3b:98:78:
ef:6b:8b:36:74:6c:ba:85:af:72:f4:60:0d:60:66:
46:59:9d:38:35:92:ac:97:04:36:0d:a3:6d:3f:9b:
0e:1a:98:40:f8:cf:ee:8d:11:8f:9c:d5:af:d8:20:
3a:53:8a:0e:d2:5a:0b:53:4b:b3:c0:54:40:2a:b0:
ad:59:54:3b:97:43:a3:91:de:cc:3a:da:a2:a1:4d:
6b:98:04:bf:f3:43:17:cb:d9:61:95:e6:7c:c8:15:
7a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:90:88:EB:3A:DA:91:9B:8B:00:40:5F:34:7F:9B:5A:CB:0D:9B:59
X509v3 Authority Key Identifier:
keyid:52:B5:54:DA:0E:BB:E4:1B:F5:4F:B2:D8:13:E0:B2:EC:6D:48:2C:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UrVU2g675Bv1T7LYE-Cy7G1ILFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ca44ee-01f3-4a29-840b-38d55790c04b/1/ZZCI6zrakZuLAEBfNH-bWssNm1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ca44ee-01f3-4a29-840b-38d55790c04b/1/UrVU2g675Bv1T7LYE-Cy7G1ILFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.136.0/21
193.148.2.0/23
IPv6:
2a00:e70::/32
Signature Algorithm: sha256WithRSAEncryption
58:cb:33:d8:6b:a0:fe:5d:9a:3b:34:e3:fe:fa:48:9a:a5:68:
4a:86:6c:8f:fa:0c:47:28:e2:83:b2:31:f3:07:9b:a7:0b:4c:
71:3e:a9:14:83:82:0c:c4:1c:7e:9b:22:93:68:67:ba:df:3a:
ff:6f:88:77:4d:ca:af:52:c0:01:36:9b:5c:d9:25:65:f6:61:
77:3e:ed:08:98:e5:06:a8:0b:8c:ea:cb:a8:e7:56:d2:9c:11:
98:94:ef:6e:7a:d4:a0:e3:69:9b:59:67:6d:ac:0b:2f:ab:98:
a9:55:e5:98:7f:8c:30:dd:f7:ba:c1:86:88:b0:6f:63:c4:70:
ef:e7:43:62:b8:b9:f5:15:3e:9d:78:f3:7b:af:de:2a:2f:59:
a9:ef:95:d0:69:2d:ed:43:4d:e3:14:02:47:05:67:36:0a:9c:
d4:90:5e:65:9c:38:8b:d1:6d:31:26:c7:57:50:39:e2:7a:32:
fa:18:70:59:6b:f7:af:17:ab:92:4e:d2:e9:72:c9:29:aa:ff:
6d:cb:99:99:96:5e:a3:48:df:ba:8a:62:08:99:4e:10:64:56:
e4:1d:c0:c9:79:48:8c:b3:18:b9:58:34:e9:18:5c:ea:c7:3d:
90:03:63:db:2b:a2:d9:f5:34:6c:6b:13:e0:36:e9:ed:c5:98:
0c:66:81:bf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwlPjI7p0b0Ro7RQglXNRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYjU1NGRhMGViYmU0MWJmNTRmYjJkODEzZTBiMmVjNmQ0
ODJjNTQwHhcNMjMwMTAyMDM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTkwODhlYjNhZGE5MTliOGIwMDQwNWYzNDdmOWI1YWNiMGQ5YjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJSg7S8aaeTnngPkpfVTJfjdUGWo
j9nXiXTbaPf3OiiL+K3UHcisQQtZecz9PF3o3ftFW1aXtjKSrJilX/CfvHIUklS+
BSbDw0AdTvDNyVrjRS3y0x8hH0eNuUxn/iJiDHwbAEVNPXTiI6ZEKI096NPryWVy
B2+QCDCz4mhHDZ58tDnoN/dJ3ghqjQ+LFpIcTuE+sbZdx6tpOTcltPyYOi87mHjv
a4s2dGy6ha9y9GANYGZGWZ04NZKslwQ2DaNtP5sOGphA+M/ujRGPnNWv2CA6U4oO
0loLU0uzwFRAKrCtWVQ7l0Ojkd7MOtqioU1rmAS/80MXy9lhleZ8yBV6TQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGWQiOs62pGbiwBAXzR/m1rLDZtZMB8GA1UdIwQY
MBaAFFK1VNoOu+Qb9U+y2BPgsuxtSCxUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXJWVTJnNjc1QnYxVDdMWUUtQ3k3RzFJTEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9jYTQ0ZWUtMDFmMy00YTI5LTg0MGIt
MzhkNTU3OTBjMDRiLzEvWlpDSTZ6cmFrWnVMQUVCZk5ILWJXc3NObTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9jYTQ0ZWUtMDFmMy00YTI5LTg0MGItMzhkNTU3OTBjMDRi
LzEvVXJWVTJnNjc1QnYxVDdMWUUtQ3k3RzFJTEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDThiIAwQB
wZQCMA0EAgACMAcDBQAqAA5wMA0GCSqGSIb3DQEBCwUAA4IBAQBYyzPYa6D+XZo7
NOP++kiapWhKhmyP+gxHKOKDsjHzB5unC0xxPqkUg4IMxBx+myKTaGe63zr/b4h3
TcqvUsABNptc2SVl9mF3Pu0ImOUGqAuM6suo51bSnBGYlO9uetSg42mbWWdtrAsv
q5ipVeWYf4ww3fe6wYaIsG9jxHDv50NiuLn1FT6dePN7r94qL1mp75XQaS3tQ03j
FAJHBWc2CpzUkF5lnDiL0W0xJsdXUDniejL6GHBZa/evF6uSTtLpcskpqv9ty5mZ
ll6jSN+6imIImU4QZFbkHcDJeUiMsxi5WDTpGFzqxz2QA2PbK6LZ9TRsaxPgNunt
xZgMZoG/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:22 2025 by rpki-client