Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/440217-c5af-44ac-95d3-adfc72ef0dfa/1/ZRyYFoPWFr4LTQ9gIPHP5w-ddzQ.roa
File: ZRyYFoPWFr4LTQ9gIPHP5w-ddzQ.roa (raw, json)
Hash identifier: GUrbPOCAIn4PH8GnCdvd1SlQ4fdh24I+//UmwqdbMWk=
Subject key identifier: 65:1C:98:16:83:D6:16:BE:0B:4D:0F:60:20:F1:CF:E7:0F:9D:77:34
Certificate issuer: /CN=0c5cf70730512aefa70307662cf59288e8cd264c
Certificate serial: 01941FFA609BEA7CE5ECA123B8BD765E6666
Authority key identifier: 0C:5C:F7:07:30:51:2A:EF:A7:03:07:66:2C:F5:92:88:E8:CD:26:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFz3BzBRKu-nAwdmLPWSiOjNJkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/440217-c5af-44ac-95d3-adfc72ef0dfa/1/ZRyYFoPWFr4LTQ9gIPHP5w-ddzQ.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 91.209.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:60:9b:ea:7c:e5:ec:a1:23:b8:bd:76:5e:66:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5cf70730512aefa70307662cf59288e8cd264c
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=651c981683d616be0b4d0f6020f1cfe70f9d7734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8b:d8:4f:8a:d0:bc:24:ed:01:a1:e0:45:cb:
25:b7:9d:31:88:4a:89:60:3b:bc:d6:73:66:b4:87:
7b:a3:d4:98:7b:2c:09:c7:c5:7b:f4:ee:9d:42:e5:
40:96:d9:ba:29:3e:26:c2:05:dd:39:12:8a:29:e2:
9b:b7:c4:f2:e7:8c:74:3f:70:5a:0b:05:e6:15:e0:
d4:db:49:ad:70:5f:cb:e2:be:23:3d:cd:ce:8a:96:
8e:c6:93:11:41:65:9d:a8:d7:54:48:77:9b:c3:1b:
13:cb:03:18:bc:2b:eb:50:86:05:86:aa:33:62:53:
c9:f2:9b:bf:e5:4e:a0:68:f5:59:c6:d8:53:45:cb:
d6:bc:2b:a6:40:64:1e:cb:34:76:33:1f:11:02:26:
c3:e2:ba:d9:e9:cd:7f:c9:95:87:a4:f0:eb:3a:3e:
2e:de:49:ea:64:42:fb:9a:db:7f:2d:b3:67:5c:29:
10:ea:ed:32:ab:f3:77:4c:c8:f0:a7:15:6e:e7:d0:
09:4e:7e:f0:1a:aa:eb:b1:03:40:b1:b4:ea:8c:d0:
a0:de:ac:3d:82:d8:4c:0e:6b:18:f0:40:65:04:9e:
10:04:02:52:73:e3:d5:9c:30:64:d9:dc:66:cf:1f:
98:eb:05:d5:d1:5d:6f:65:04:72:e3:26:2a:89:1d:
09:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1C:98:16:83:D6:16:BE:0B:4D:0F:60:20:F1:CF:E7:0F:9D:77:34
X509v3 Authority Key Identifier:
keyid:0C:5C:F7:07:30:51:2A:EF:A7:03:07:66:2C:F5:92:88:E8:CD:26:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFz3BzBRKu-nAwdmLPWSiOjNJkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/440217-c5af-44ac-95d3-adfc72ef0dfa/1/ZRyYFoPWFr4LTQ9gIPHP5w-ddzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/440217-c5af-44ac-95d3-adfc72ef0dfa/1/DFz3BzBRKu-nAwdmLPWSiOjNJkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.253.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:a0:75:11:42:29:ce:8c:39:01:f4:46:a1:cf:1f:af:c9:34:
9f:ca:36:a0:a3:c9:da:08:62:fb:65:11:2c:36:57:63:ff:83:
49:79:84:88:d1:be:bf:51:50:ee:a1:37:1b:b1:e1:1a:63:46:
81:65:7c:ae:41:3d:16:d4:a3:cc:65:37:c4:98:04:f1:8f:d9:
77:1a:54:28:92:6b:f3:e0:66:21:fe:8e:0c:af:fc:b4:1c:2d:
86:9e:f4:c3:73:02:02:54:c7:e9:f4:8a:6a:f1:e8:85:7b:4e:
b8:6d:f4:cb:2e:a5:0b:7a:be:23:5f:df:8b:b0:b8:04:ee:3b:
81:3e:24:48:ab:04:80:04:81:f3:3b:f9:ce:86:26:b2:38:71:
94:df:29:4d:f5:ca:c5:87:25:31:d8:cd:b0:d7:d4:4e:22:c3:
94:12:6c:41:72:9f:9a:56:2e:82:c3:bb:0d:b4:c5:a8:0f:11:
2c:db:e7:c6:1c:06:a7:e0:0d:1f:f2:c7:1b:34:da:59:f4:a5:
77:95:9b:47:be:63:30:2f:38:bb:6b:68:0d:06:16:94:0a:7e:
61:15:fb:b8:1e:75:a0:33:b0:52:87:6c:0e:5b:85:e7:60:82:
05:63:2a:cd:1a:06:75:b9:51:e7:fd:ea:51:15:2b:5d:b0:97:
f1:e0:4a:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+mCb6nzl7KEjuL12XmZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNWNmNzA3MzA1MTJhZWZhNzAzMDc2NjJjZjU5Mjg4ZThj
ZDI2NGMwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTFjOTgxNjgzZDYxNmJlMGI0ZDBmNjAyMGYxY2ZlNzBmOWQ3NzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIvYT4rQvCTtAaHgRcslt50xiEqJ
YDu81nNmtId7o9SYeywJx8V79O6dQuVAltm6KT4mwgXdORKKKeKbt8Ty54x0P3Ba
CwXmFeDU20mtcF/L4r4jPc3OipaOxpMRQWWdqNdUSHebwxsTywMYvCvrUIYFhqoz
YlPJ8pu/5U6gaPVZxthTRcvWvCumQGQeyzR2Mx8RAibD4rrZ6c1/yZWHpPDrOj4u
3knqZEL7mtt/LbNnXCkQ6u0yq/N3TMjwpxVu59AJTn7wGqrrsQNAsbTqjNCg3qw9
gthMDmsY8EBlBJ4QBAJSc+PVnDBk2dxmzx+Y6wXV0V1vZQRy4yYqiR0JUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGUcmBaD1ha+C00PYCDxz+cPnXc0MB8GA1UdIwQY
MBaAFAxc9wcwUSrvpwMHZiz1kojozSZMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZ6M0J6QlJLdS1uQXdkbUxQV1NpT2pOSmt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80NDAyMTctYzVhZi00NGFjLTk1ZDMt
YWRmYzcyZWYwZGZhLzEvWlJ5WUZvUFdGcjRMVFE5Z0lQSFA1dy1kZHpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi80NDAyMTctYzVhZi00NGFjLTk1ZDMtYWRmYzcyZWYwZGZh
LzEvREZ6M0J6QlJLdS1uQXdkbUxQV1NpT2pOSmt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9H9MA0G
CSqGSIb3DQEBCwUAA4IBAQB8oHURQinOjDkB9Eahzx+vyTSfyjago8naCGL7ZREs
Nldj/4NJeYSI0b6/UVDuoTcbseEaY0aBZXyuQT0W1KPMZTfEmATxj9l3GlQokmvz
4GYh/o4Mr/y0HC2GnvTDcwICVMfp9Ipq8eiFe064bfTLLqULer4jX9+LsLgE7juB
PiRIqwSABIHzO/nOhiayOHGU3ylN9crFhyUx2M2w19ROIsOUEmxBcp+aVi6Cw7sN
tMWoDxEs2+fGHAan4A0f8scbNNpZ9KV3lZtHvmMwLzi7a2gNBhaUCn5hFfu4HnWg
M7BSh2wOW4XnYIIFYyrNGgZ1uVHn/epRFStdsJfx4EpI
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:37:17 2025 by rpki-client