Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/ZMBjeLkTj38m-a8gfXzcKkyT0ps.roa
File: ZMBjeLkTj38m-a8gfXzcKkyT0ps.roa (raw, json)
Hash identifier: wtbsGN1ps5iHRBW+z3RJAAywZeFzg/YvncrZGMW5Yic=
Subject key identifier: 64:C0:63:78:B9:13:8F:7F:26:F9:AF:20:7D:7C:DC:2A:4C:93:D2:9B
Certificate issuer: /CN=2d28cfa3fd2da9caaa659284758dee67099934f8
Certificate serial: 019427B5B818B74FF624AF6B347D5100B93C
Authority key identifier: 2D:28:CF:A3:FD:2D:A9:CA:AA:65:92:84:75:8D:EE:67:09:99:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/ZMBjeLkTj38m-a8gfXzcKkyT0ps.roa
Signing time: Thu 02 Jan 2025 15:50:08 +0000
ROA not before: Thu 02 Jan 2025 15:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214739
IP address blocks: 5.1.108.0/24 maxlen: 24
5.1.109.0/24 maxlen: 24
5.1.110.0/24 maxlen: 24
5.1.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:b8:18:b7:4f:f6:24:af:6b:34:7d:51:00:b9:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d28cfa3fd2da9caaa659284758dee67099934f8
Validity
Not Before: Jan 2 15:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64c06378b9138f7f26f9af207d7cdc2a4c93d29b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7a:9f:f4:ab:90:a4:5c:0e:9b:a7:68:8d:01:
28:dc:09:14:e9:3d:6b:af:be:ce:a5:1f:b8:47:86:
3b:ce:64:22:4e:9d:49:80:bb:ad:1a:23:7f:a3:46:
e4:fd:ac:3a:67:7b:61:8a:40:2d:c2:94:da:d4:4e:
f6:ea:57:f2:05:05:4e:18:11:0a:01:36:b2:c2:81:
a7:18:c1:27:20:3b:4f:10:3f:78:26:ef:90:c4:dc:
96:6a:3e:41:fe:42:d2:05:da:d6:72:51:57:f4:49:
78:3c:c0:de:2a:96:fd:71:ee:f1:c1:85:8d:50:b0:
1e:6d:d9:b2:aa:ee:1d:43:a5:86:b3:0a:ee:6c:a2:
ff:86:9f:ae:84:d5:da:5e:97:25:a8:4d:b1:36:21:
4d:6b:95:50:fc:e3:50:70:1e:3a:28:3a:43:93:5c:
49:26:71:e1:dc:06:cb:41:65:98:62:d5:bb:75:b7:
32:34:97:1c:9d:2e:73:83:a8:e9:86:d8:a6:3b:d8:
9e:d0:20:db:e0:f8:26:b3:a2:1c:ed:d5:f8:c7:1e:
54:48:94:02:25:76:fd:e6:dc:d9:76:80:88:99:15:
93:de:57:fb:20:73:bf:1b:bd:7f:7b:33:00:8d:1c:
39:1d:57:38:b9:3d:cd:c1:d3:81:7c:f4:88:d3:1f:
ad:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C0:63:78:B9:13:8F:7F:26:F9:AF:20:7D:7C:DC:2A:4C:93:D2:9B
X509v3 Authority Key Identifier:
keyid:2D:28:CF:A3:FD:2D:A9:CA:AA:65:92:84:75:8D:EE:67:09:99:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/ZMBjeLkTj38m-a8gfXzcKkyT0ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/LSjPo_0tqcqqZZKEdY3uZwmZNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.108.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:35:d5:e8:5b:08:2c:4e:9c:55:52:7e:40:f9:bc:7e:e1:a8:
73:4a:a4:49:1f:f6:da:1d:32:71:8c:54:86:87:f5:e4:a3:ad:
cc:d5:82:d1:09:ab:75:33:4d:47:d2:51:05:ea:1a:7a:a7:75:
85:b8:1a:b5:6f:57:2b:d7:a6:e6:f1:43:2f:c3:93:92:25:26:
98:05:b7:cb:ae:2a:23:fc:de:3e:a7:0c:db:bc:35:99:b9:d5:
7f:51:ee:19:e9:63:ad:e5:0d:e2:50:b6:95:2f:f9:78:14:28:
5c:20:dc:bb:e8:5e:1b:22:95:35:bd:b4:93:d1:85:f8:bd:a6:
8c:fa:e1:ed:66:62:2b:93:c4:00:c8:8b:f3:ad:59:5a:95:a9:
c0:2c:89:f2:c0:29:9d:96:56:b8:b7:d4:cc:23:6f:3c:87:94:
1a:39:a4:86:5c:4f:6b:4b:65:70:62:19:61:1a:21:18:e7:b3:
49:4e:5b:6f:22:2f:e3:be:78:0c:f3:05:71:f4:2a:97:f5:69:
84:32:89:ad:9b:bb:fa:6d:f1:28:06:30:44:c0:8b:e1:bb:cc:
c2:c3:35:03:ad:96:11:33:8b:c0:f0:32:93:04:be:fe:04:10:
cd:a9:a6:4c:fa:83:8e:b8:6f:13:e7:10:e2:bc:e5:cf:ea:0a:
71:e6:9c:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntbgYt0/2JK9rNH1RALk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjhjZmEzZmQyZGE5Y2FhYTY1OTI4NDc1OGRlZTY3MDk5
OTM0ZjgwHhcNMjUwMTAyMTU1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGMwNjM3OGI5MTM4ZjdmMjZmOWFmMjA3ZDdjZGMyYTRjOTNkMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13qf9KuQpFwOm6dojQEo3AkU6T1r
r77OpR+4R4Y7zmQiTp1JgLutGiN/o0bk/aw6Z3thikAtwpTa1E726lfyBQVOGBEK
ATaywoGnGMEnIDtPED94Ju+QxNyWaj5B/kLSBdrWclFX9El4PMDeKpb9ce7xwYWN
ULAebdmyqu4dQ6WGswrubKL/hp+uhNXaXpclqE2xNiFNa5VQ/ONQcB46KDpDk1xJ
JnHh3AbLQWWYYtW7dbcyNJccnS5zg6jphtimO9ie0CDb4Pgms6Ic7dX4xx5USJQC
JXb95tzZdoCImRWT3lf7IHO/G71/ezMAjRw5HVc4uT3NwdOBfPSI0x+tCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTAY3i5E49/JvmvIH183CpMk9KbMB8GA1UdIwQY
MBaAFC0oz6P9LanKqmWShHWN7mcJmTT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNqUG9fMHRxY3FxWlpLRWRZM3Vad21aTlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mZWJhYjAtZDkzYS00NzA0LTlhNzEt
M2FkNTJlOGI5NjI4LzEvWk1CamVMa1RqMzhtLWE4Z2ZYemNLa3lUMHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mZWJhYjAtZDkzYS00NzA0LTlhNzEtM2FkNTJlOGI5NjI4
LzEvTFNqUG9fMHRxY3FxWlpLRWRZM3Vad21aTlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBQFsMA0G
CSqGSIb3DQEBCwUAA4IBAQDANdXoWwgsTpxVUn5A+bx+4ahzSqRJH/baHTJxjFSG
h/Xko63M1YLRCat1M01H0lEF6hp6p3WFuBq1b1cr16bm8UMvw5OSJSaYBbfLrioj
/N4+pwzbvDWZudV/Ue4Z6WOt5Q3iULaVL/l4FChcINy76F4bIpU1vbST0YX4vaaM
+uHtZmIrk8QAyIvzrVlalanALInywCmdlla4t9TMI288h5QaOaSGXE9rS2VwYhlh
GiEY57NJTltvIi/jvngM8wVx9CqX9WmEMomtm7v6bfEoBjBEwIvhu8zCwzUDrZYR
M4vA8DKTBL7+BBDNqaZM+oOOuG8T5xDivOXP6gpx5pwh
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:01:05 2025 by rpki-client