Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/ziTaHEBzu703E1AnoRdGaeDxKDM.roa
File: ziTaHEBzu703E1AnoRdGaeDxKDM.roa (raw, json)
Hash identifier: eQUr4D3nQGW0Uu+rc2TbhNUKE96ryh4ra9nO6RUZ5yo=
Subject key identifier: CE:24:DA:1C:40:73:BB:BD:37:13:50:27:A1:17:46:69:E0:F1:28:33
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0194266B62EEF1D843212B3D8E0403CF5E1D
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/ziTaHEBzu703E1AnoRdGaeDxKDM.roa
Signing time: Thu 02 Jan 2025 09:49:19 +0000
ROA not before: Thu 02 Jan 2025 09:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202131
IP address blocks: 185.52.172.0/23 maxlen: 32
2a04:c740::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:62:ee:f1:d8:43:21:2b:3d:8e:04:03:cf:5e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 09:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce24da1c4073bbbd37135027a1174669e0f12833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:90:bd:b0:d3:fa:b3:78:61:1a:58:55:25:8d:
13:b9:b0:4a:6b:fd:8a:ca:a3:c0:98:e1:58:21:98:
ab:e8:d9:2a:c3:e5:ec:0f:06:a8:d4:dc:d6:54:18:
fd:bc:20:c3:d5:a0:a6:6a:b6:41:f0:89:84:e1:4e:
a2:d5:fa:04:cc:ea:a7:70:60:c1:22:69:da:39:c0:
0f:1b:b3:27:ae:30:02:68:86:e5:c1:88:09:36:51:
83:67:67:68:a9:31:46:fa:64:5a:84:f9:ec:0c:f6:
4a:48:9b:66:9c:76:15:d2:6d:45:11:3d:54:e5:b9:
75:84:4a:2e:0a:ac:fe:6a:c4:80:71:4a:99:7f:61:
3e:f7:6d:ae:bc:42:8a:3d:85:6f:fb:28:8c:2c:20:
b9:e8:be:c8:90:49:1c:f3:44:31:9f:44:a2:7e:41:
42:17:0a:4f:4f:da:e9:da:97:66:70:b2:6f:5c:a9:
fd:c2:d0:00:2a:6b:16:f4:f4:d3:b4:45:06:7e:aa:
8a:d4:36:a2:aa:3b:f4:06:33:55:15:0d:7a:e7:eb:
13:3b:e5:15:c1:86:4c:f1:75:19:e1:1d:d7:30:ed:
1a:09:11:60:06:57:78:20:66:91:76:eb:77:00:4e:
51:1a:e6:5c:92:79:35:08:29:1e:ce:66:61:38:78:
78:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:24:DA:1C:40:73:BB:BD:37:13:50:27:A1:17:46:69:E0:F1:28:33
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/ziTaHEBzu703E1AnoRdGaeDxKDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.172.0/23
IPv6:
2a04:c740::/29
Signature Algorithm: sha256WithRSAEncryption
16:5a:13:60:d6:8f:0e:cb:b5:fc:05:41:3b:80:3e:33:64:9d:
59:d2:2a:77:2e:99:5b:4e:94:89:d6:e7:9e:62:e2:52:0c:c0:
80:f2:46:74:b4:59:ce:58:95:c5:cd:1f:61:6a:59:8e:cd:57:
c2:8e:63:24:77:69:79:e6:2e:d7:ea:a6:50:dc:a8:52:ce:5e:
a1:2a:25:7c:a5:88:50:bc:7e:30:91:1e:fe:5f:00:a0:6a:13:
60:10:37:0d:b6:bd:58:51:cc:ad:a3:9f:0e:40:56:1b:bd:18:
0e:79:a1:a4:b0:f8:5b:d3:ba:f4:37:0a:af:77:17:db:0d:f6:
21:bc:41:75:75:9b:79:c3:73:7b:7e:89:c6:27:f4:26:3e:28:
52:f3:ca:78:13:81:12:89:b2:d8:69:61:c2:de:38:8b:92:6d:
98:85:36:a5:79:47:ff:80:9d:03:05:9b:3e:26:03:9c:18:22:
dc:cb:cf:00:55:73:cd:3a:c3:ab:57:a7:d9:3d:9f:40:b3:4b:
4e:ff:23:d8:fe:a0:12:0f:9e:b7:b5:4b:d7:2b:94:f3:de:39:
21:ca:a1:42:26:a2:ff:5e:bf:b2:c4:a3:3b:c0:ec:88:dd:e8:
13:04:fc:89:95:e8:f5:3a:49:d2:cc:5c:48:be:4a:9f:be:14:
42:6f:19:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma2Lu8dhDISs9jgQDz14dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjUwMTAyMDk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTI0ZGExYzQwNzNiYmJkMzcxMzUwMjdhMTE3NDY2OWUwZjEyODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZC9sNP6s3hhGlhVJY0TubBKa/2K
yqPAmOFYIZir6Nkqw+XsDwao1NzWVBj9vCDD1aCmarZB8ImE4U6i1foEzOqncGDB
ImnaOcAPG7MnrjACaIblwYgJNlGDZ2doqTFG+mRahPnsDPZKSJtmnHYV0m1FET1U
5bl1hEouCqz+asSAcUqZf2E+922uvEKKPYVv+yiMLCC56L7IkEkc80Qxn0SifkFC
FwpPT9rp2pdmcLJvXKn9wtAAKmsW9PTTtEUGfqqK1Daiqjv0BjNVFQ165+sTO+UV
wYZM8XUZ4R3XMO0aCRFgBld4IGaRdut3AE5RGuZcknk1CCkezmZhOHh4awIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM4k2hxAc7u9NxNQJ6EXRmng8SgzMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvemlUYUhFQnp1NzAzRTFBbm9SZEdhZUR4S0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuTSsMA0E
AgACMAcDBQMqBMdAMA0GCSqGSIb3DQEBCwUAA4IBAQAWWhNg1o8Oy7X8BUE7gD4z
ZJ1Z0ip3LplbTpSJ1ueeYuJSDMCA8kZ0tFnOWJXFzR9halmOzVfCjmMkd2l55i7X
6qZQ3KhSzl6hKiV8pYhQvH4wkR7+XwCgahNgEDcNtr1YUcyto58OQFYbvRgOeaGk
sPhb07r0NwqvdxfbDfYhvEF1dZt5w3N7fonGJ/QmPihS88p4E4ESibLYaWHC3jiL
km2YhTaleUf/gJ0DBZs+JgOcGCLcy88AVXPNOsOrV6fZPZ9As0tO/yPY/qASD563
tUvXK5Tz3jkhyqFCJqL/Xr+yxKM7wOyI3egTBPyJlej1OknSzFxIvkqfvhRCbxnX
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:00:45 2025 by rpki-client