Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/sZG-sGNF2g_bzP7UHFWS46eQwHU.roa
File: sZG-sGNF2g_bzP7UHFWS46eQwHU.roa (raw, json)
Hash identifier: ZW7Hklpbp5glvilF6Rijbfiz4n0SIQTxH3Q9fTmMQy4=
Subject key identifier: B1:91:BE:B0:63:45:DA:0F:DB:CC:FE:D4:1C:55:92:E3:A7:90:C0:75
Certificate issuer: /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Certificate serial: 0194228DF3A8DEF1DF7AB7052EB0FD5DD59F
Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/sZG-sGNF2g_bzP7UHFWS46eQwHU.roa
Signing time: Wed 01 Jan 2025 15:48:35 +0000
ROA not before: Wed 01 Jan 2025 15:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61157
IP address blocks: 134.97.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f3:a8:de:f1:df:7a:b7:05:2e:b0:fd:5d:d5:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Validity
Not Before: Jan 1 15:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b191beb06345da0fdbccfed41c5592e3a790c075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b7:b9:ea:c9:9b:33:1c:99:8b:63:c5:5a:37:
f6:26:5e:32:12:c0:99:59:3c:0c:6c:11:03:a1:66:
6a:06:ad:be:94:e1:65:bc:f4:a1:db:c1:ef:1d:df:
55:5c:05:0f:ba:1a:09:f4:6f:b3:87:22:3d:ec:17:
8f:b6:a1:1e:8e:c8:7e:0c:19:86:5e:1e:78:7d:9b:
75:13:96:2f:b6:2f:a0:2e:12:d1:92:b7:69:0d:c4:
d2:4b:20:6b:d0:d2:13:f7:b4:72:81:dd:71:f4:4e:
c2:44:da:2d:06:35:5f:c6:46:16:db:66:b8:f9:12:
1d:45:be:c8:48:42:cd:b5:f7:b4:f7:fb:b5:68:bf:
a3:96:d0:2a:9f:78:fa:f3:7a:78:f3:8c:a3:28:cb:
96:40:e5:6f:ca:b3:29:3f:47:f9:b4:3e:b1:4b:85:
81:e1:5b:76:51:63:6d:89:8b:08:9d:0e:d4:de:0e:
29:33:24:33:39:45:9a:f4:d5:20:ca:93:2c:74:62:
12:9d:ee:e5:2e:1f:9c:a2:d7:4a:d4:04:79:0c:97:
3a:22:1b:cc:a9:2f:6d:c4:1b:f4:59:dc:1f:37:fd:
1f:2b:6d:7b:33:0d:61:9f:78:30:08:3c:78:9e:ca:
6f:4a:f1:07:86:df:07:0a:44:51:a1:48:a5:fc:f3:
af:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:91:BE:B0:63:45:DA:0F:DB:CC:FE:D4:1C:55:92:E3:A7:90:C0:75
X509v3 Authority Key Identifier:
keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/sZG-sGNF2g_bzP7UHFWS46eQwHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.97.4.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ab:bd:e0:64:e8:89:34:88:d5:11:9d:3b:cc:c7:a2:27:45:
ed:62:fe:23:35:52:45:12:88:b2:4b:af:37:eb:a0:8c:a5:1d:
94:a3:4c:0d:32:51:c8:0b:e2:c5:dc:5c:75:85:64:62:a5:fb:
e7:51:c1:96:53:a5:a5:27:dc:2e:f8:3a:a6:69:de:a9:08:22:
2d:00:93:7e:05:bf:a6:ec:de:e3:60:33:78:bf:33:87:97:c7:
6f:23:70:9f:f8:70:c6:63:67:4c:ab:90:fe:13:32:55:f3:ef:
56:74:77:fa:ba:24:c6:a8:cd:ad:ec:82:0d:45:ad:e4:9b:c3:
c3:84:65:1b:ee:13:84:2d:99:17:fc:35:d5:df:ae:19:5f:30:
a3:21:65:56:7a:df:e4:c2:86:cb:cd:76:95:36:99:be:ae:1c:
69:cb:a3:6a:e5:53:4e:7a:a0:07:0d:b3:71:87:c8:1e:b5:50:
30:43:9b:56:2f:73:75:08:20:82:15:be:30:b8:e3:b1:58:1b:
be:6f:a9:d1:de:0a:c7:0a:44:e3:5e:b8:65:11:e4:de:16:61:
97:04:df:f0:d1:f6:5c:66:00:f7:c3:c2:5d:69:ec:a0:40:bf:
26:2e:c1:b9:56:ec:60:87:4b:c6:f4:97:eb:97:b6:9f:a5:4b:
ab:37:0a:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfOo3vHfercFLrD9XdWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OTk0OGQwZmU0ZDdmOTlkNTRiYThiZmZjZDk5YTFhNjA4
YWUwZDMwHhcNMjUwMTAxMTU0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTkxYmViMDYzNDVkYTBmZGJjY2ZlZDQxYzU1OTJlM2E3OTBjMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7e56smbMxyZi2PFWjf2Jl4yEsCZ
WTwMbBEDoWZqBq2+lOFlvPSh28HvHd9VXAUPuhoJ9G+zhyI97BePtqEejsh+DBmG
Xh54fZt1E5Yvti+gLhLRkrdpDcTSSyBr0NIT97Rygd1x9E7CRNotBjVfxkYW22a4
+RIdRb7ISELNtfe09/u1aL+jltAqn3j683p484yjKMuWQOVvyrMpP0f5tD6xS4WB
4Vt2UWNtiYsInQ7U3g4pMyQzOUWa9NUgypMsdGISne7lLh+cotdK1AR5DJc6IhvM
qS9txBv0WdwfN/0fK217Mw1hn3gwCDx4nspvSvEHht8HCkRRoUil/POvQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGRvrBjRdoP28z+1BxVkuOnkMB1MB8GA1UdIwQY
MBaAFJaZSND+TX+Z1Uuov/zZmhpgiuDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAt
NTNjYzVkYWY1MmNmLzEvc1pHLXNHTkYyZ19ielA3VUhGV1M0NmVRd0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAtNTNjYzVkYWY1MmNm
LzEvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAhmEEMA0G
CSqGSIb3DQEBCwUAA4IBAQAdq73gZOiJNIjVEZ07zMeiJ0XtYv4jNVJFEoiyS683
66CMpR2Uo0wNMlHIC+LF3Fx1hWRipfvnUcGWU6WlJ9wu+Dqmad6pCCItAJN+Bb+m
7N7jYDN4vzOHl8dvI3Cf+HDGY2dMq5D+EzJV8+9WdHf6uiTGqM2t7IINRa3km8PD
hGUb7hOELZkX/DXV364ZXzCjIWVWet/kwobLzXaVNpm+rhxpy6Nq5VNOeqAHDbNx
h8getVAwQ5tWL3N1CCCCFb4wuOOxWBu+b6nR3grHCkTjXrhlEeTeFmGXBN/w0fZc
ZgD3w8JdaeygQL8mLsG5Vuxgh0vG9Jfrl7afpUurNwoC
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:05:41 2025 by rpki-client