Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/zUc6DqYBO1sj46wWQ3wAEvpXb-4.roa
File: zUc6DqYBO1sj46wWQ3wAEvpXb-4.roa (raw, json)
Hash identifier: 2PqxyeqgwIjdfRTudpoarQfGLD6f0RaVLu/VTOBZnS4=
Subject key identifier: CD:47:3A:0E:A6:01:3B:5B:23:E3:AC:16:43:7C:00:12:FA:57:6F:EE
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0194282411B9F05546717DD78F1FD0FFC14C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/zUc6DqYBO1sj46wWQ3wAEvpXb-4.roa
Signing time: Thu 02 Jan 2025 17:50:39 +0000
ROA not before: Thu 02 Jan 2025 17:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 5.102.104.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:11:b9:f0:55:46:71:7d:d7:8f:1f:d0:ff:c1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 17:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd473a0ea6013b5b23e3ac16437c0012fa576fee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fd:5f:36:93:5e:51:bd:3f:ad:7d:76:6b:b3:
56:65:95:5b:16:ef:07:93:8b:7a:4e:2d:35:55:a1:
91:ea:66:eb:6f:f6:ec:99:23:bf:63:0e:75:15:f5:
c8:25:ea:0f:49:c3:84:53:ee:47:47:79:18:2b:3f:
6b:4f:f7:53:0c:dc:17:65:15:d1:58:ec:df:f2:9b:
45:e1:f7:81:56:2d:9d:8f:b8:c5:20:82:3d:b2:0d:
a2:1d:ec:1c:de:9e:cb:f6:fb:37:ae:10:0d:49:a6:
b7:29:c6:27:95:5e:8c:8f:ed:68:d0:99:30:59:df:
30:e8:ee:4f:f1:2b:5d:d5:03:b1:b9:75:fa:dc:43:
92:dc:a9:96:44:c6:22:10:6f:78:5d:d9:79:68:5b:
5e:2e:4c:a4:df:a7:77:48:f3:6e:b8:9a:83:70:e6:
27:2e:78:74:a8:93:32:42:97:6e:bf:88:8b:31:31:
73:29:9c:5e:00:fb:18:7a:b7:7c:b6:18:5d:6c:c7:
21:ff:d7:32:ed:7e:96:f2:03:20:d3:2d:10:f4:18:
ed:30:76:3c:26:2d:86:8a:a5:f2:9f:51:5b:c6:8f:
14:4c:48:ed:b2:f4:5e:b9:b9:d1:4c:6c:35:38:eb:
9c:60:0b:f1:4c:a7:cb:27:31:cf:5f:82:23:5e:91:
fb:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:47:3A:0E:A6:01:3B:5B:23:E3:AC:16:43:7C:00:12:FA:57:6F:EE
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/zUc6DqYBO1sj46wWQ3wAEvpXb-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.104.0/22
31.186.180.0/22
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
11:2a:b5:55:d6:9e:25:5f:d1:7f:2c:b3:f1:e8:f7:f6:26:59:
57:82:d2:a6:d7:c3:86:cf:30:44:00:d5:39:b8:5c:13:41:9d:
c4:15:8c:30:e4:fd:7e:74:21:1c:d6:83:67:e0:d7:05:6c:77:
b5:9f:b3:03:22:fb:6b:3c:dc:50:09:75:89:6b:1f:01:8f:f9:
8e:c6:5a:cb:de:b6:e8:b1:fb:27:d6:d2:ca:1d:6b:11:d3:6c:
6a:e4:81:c5:13:a0:8a:8b:50:9f:4d:a8:c8:c2:73:0f:b8:e7:
4c:b6:a0:95:9a:1d:ab:33:02:14:be:40:c4:f2:c3:5d:17:f0:
ec:97:df:5b:2d:36:ce:82:a3:0a:40:8c:9b:b4:d4:04:8a:08:
3b:8b:1b:37:5f:67:90:68:c1:83:02:3f:ae:64:d3:7b:6f:a9:
8e:12:09:f4:9d:ed:ca:50:70:96:0f:bd:c1:1e:91:46:51:6a:
de:3b:75:1d:9a:85:96:fd:17:26:c9:95:df:31:95:44:54:31:
e7:16:45:7d:17:c5:b3:d2:6e:3d:2a:08:01:28:d1:0a:3a:d0:
8e:30:7d:44:ea:2e:24:a0:7d:05:a3:6d:fa:c2:ac:3b:1b:b4:
3c:19:d6:3f:b9:56:3a:b6:94:22:50:0e:d2:34:28:09:70:d9:
ce:16:2d:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJBG58FVGcX3Xjx/Q/8FMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwMTAyMTc1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDQ3M2EwZWE2MDEzYjViMjNlM2FjMTY0MzdjMDAxMmZhNTc2ZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP1fNpNeUb0/rX12a7NWZZVbFu8H
k4t6Ti01VaGR6mbrb/bsmSO/Yw51FfXIJeoPScOEU+5HR3kYKz9rT/dTDNwXZRXR
WOzf8ptF4feBVi2dj7jFIII9sg2iHewc3p7L9vs3rhANSaa3KcYnlV6Mj+1o0Jkw
Wd8w6O5P8Std1QOxuXX63EOS3KmWRMYiEG94Xdl5aFteLkyk36d3SPNuuJqDcOYn
Lnh0qJMyQpduv4iLMTFzKZxeAPsYerd8thhdbMch/9cy7X6W8gMg0y0Q9BjtMHY8
Ji2GiqXyn1Fbxo8UTEjtsvReubnRTGw1OOucYAvxTKfLJzHPX4IjXpH77wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM1HOg6mATtbI+OsFkN8ABL6V2/uMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvelVjNkRxWUJPMXNqNDZ3V1Ezd0FFdnBYYi00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBWZoAwQC
H7q0AwQDUqNgMA0GCSqGSIb3DQEBCwUAA4IBAQARKrVV1p4lX9F/LLPx6Pf2JllX
gtKm18OGzzBEANU5uFwTQZ3EFYww5P1+dCEc1oNn4NcFbHe1n7MDIvtrPNxQCXWJ
ax8Bj/mOxlrL3rbosfsn1tLKHWsR02xq5IHFE6CKi1CfTajIwnMPuOdMtqCVmh2r
MwIUvkDE8sNdF/Dsl99bLTbOgqMKQIybtNQEigg7ixs3X2eQaMGDAj+uZNN7b6mO
Egn0ne3KUHCWD73BHpFGUWreO3UdmoWW/RcmyZXfMZVEVDHnFkV9F8Wz0m49KggB
KNEKOtCOMH1E6i4koH0Fo236wqw7G7Q8GdY/uVY6tpQiUA7SNCgJcNnOFi2o
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:47:44 2025 by rpki-client