Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/ZjHl0XpQM8CCJz6Om67G0wOmvS4.roa
File: ZjHl0XpQM8CCJz6Om67G0wOmvS4.roa (raw, json)
Hash identifier: xCetPcOL8RFsZEGexQBgMW05eQfuM1TVnSNp6oyXZtQ=
Subject key identifier: 66:31:E5:D1:7A:50:33:C0:82:27:3E:8E:9B:AE:C6:D3:03:A6:BD:2E
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 01942369056EDE6958C7260E14F1A67C2CC9
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/ZjHl0XpQM8CCJz6Om67G0wOmvS4.roa
Signing time: Wed 01 Jan 2025 19:47:52 +0000
ROA not before: Wed 01 Jan 2025 19:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35950
IP address blocks: 153.112.216.0/23 maxlen: 23
153.112.216.0/24 maxlen: 24
153.112.217.0/24 maxlen: 24
153.112.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:05:6e:de:69:58:c7:26:0e:14:f1:a6:7c:2c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Jan 1 19:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6631e5d17a5033c082273e8e9baec6d303a6bd2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c9:1f:18:0b:f4:58:13:82:22:81:7f:90:1a:
f4:a0:fb:09:37:6d:f4:34:c7:f8:5c:63:96:32:6d:
15:fc:2a:a7:05:01:d9:0e:8d:ef:60:f2:10:63:d3:
17:dc:a5:a0:66:58:61:70:26:31:21:e1:2e:ea:f9:
54:74:a6:7b:ab:8f:21:a3:5e:44:11:d3:a5:a8:b3:
56:0a:cc:b2:ae:e0:bb:d1:72:f8:28:56:79:9b:24:
da:a0:99:88:df:00:fe:b2:6e:22:6b:f9:54:d3:fe:
87:e9:3a:f3:00:36:9a:5b:5d:7b:04:a0:dd:db:e8:
9d:2b:52:52:00:30:74:08:08:2b:c1:1f:69:33:e3:
ee:9c:83:ba:a1:12:6a:28:17:24:8c:b3:bb:dd:82:
46:23:9b:ac:02:6b:9d:9c:b9:4d:73:90:83:fb:55:
ac:08:aa:23:02:aa:31:a9:72:a7:9a:0b:9a:33:2b:
1b:61:2c:5b:b5:5d:f2:24:d2:22:4b:24:41:c2:3b:
7d:10:a2:9b:a8:49:72:ac:39:5c:5f:1d:3b:5a:a1:
1c:10:c4:f5:98:fb:21:16:40:b2:2f:53:da:23:83:
b4:a8:25:b6:39:7b:cc:d3:d3:45:22:ed:d0:a9:eb:
96:90:de:44:d4:9d:7a:d6:4b:c0:e9:8e:83:14:5e:
43:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:31:E5:D1:7A:50:33:C0:82:27:3E:8E:9B:AE:C6:D3:03:A6:BD:2E
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/ZjHl0XpQM8CCJz6Om67G0wOmvS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.112.216.0/23
153.112.223.0/24
Signature Algorithm: sha256WithRSAEncryption
83:a3:8d:bd:2e:7d:57:03:ba:e0:cf:44:fb:51:fa:3c:77:3e:
e1:1a:5c:ed:7b:f3:e3:d6:27:5f:a0:18:41:31:c9:f9:ea:ff:
fa:14:d8:79:12:0c:8a:dc:71:62:db:6c:c8:da:2d:1f:30:1a:
a2:07:78:48:08:e4:1f:f0:f7:14:48:45:77:60:e5:b8:c1:73:
7b:d7:93:18:03:45:d3:6b:72:d0:5e:d8:a1:08:48:b6:11:1e:
9e:9f:90:62:2a:71:a6:25:e6:cf:87:1c:41:a2:e1:d6:3d:04:
24:2a:0e:e5:91:bb:96:3f:e8:62:94:d7:70:4b:9b:e5:f9:dd:
ce:03:6c:11:2d:ec:01:59:2f:4e:93:60:64:2c:fd:12:c7:23:
ba:f6:ea:b9:75:68:a8:19:54:0d:35:f5:74:65:67:c7:74:b0:
ed:b4:98:db:3b:d2:48:91:08:0b:d2:e4:1d:e9:6a:0c:45:24:
68:28:38:13:21:2c:ee:e6:c2:14:e0:9b:fa:31:4a:5a:76:92:
85:86:4e:15:00:7b:74:09:54:bf:5f:6e:92:a0:ac:75:ac:f8:
6c:f8:b3:bc:a5:f0:37:05:f6:19:3a:0b:fa:49:4e:24:68:67:
8b:26:f0:c4:9a:8d:34:46:7a:a4:fd:0b:ae:55:3a:99:66:2a:
f1:ed:04:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaQVu3mlYxyYOFPGmfCzJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjUwMTAxMTk0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjMxZTVkMTdhNTAzM2MwODIyNzNlOGU5YmFlYzZkMzAzYTZiZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMkfGAv0WBOCIoF/kBr0oPsJN230
NMf4XGOWMm0V/CqnBQHZDo3vYPIQY9MX3KWgZlhhcCYxIeEu6vlUdKZ7q48ho15E
EdOlqLNWCsyyruC70XL4KFZ5myTaoJmI3wD+sm4ia/lU0/6H6TrzADaaW117BKDd
2+idK1JSADB0CAgrwR9pM+PunIO6oRJqKBckjLO73YJGI5usAmudnLlNc5CD+1Ws
CKojAqoxqXKnmguaMysbYSxbtV3yJNIiSyRBwjt9EKKbqElyrDlcXx07WqEcEMT1
mPshFkCyL1PaI4O0qCW2OXvM09NFIu3QqeuWkN5E1J161kvA6Y6DFF5DZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGYx5dF6UDPAgic+jpuuxtMDpr0uMB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvWmpIbDBYcFFNOENDSno2T202N0cwd09tdlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmXDYAwQA
mXDfMA0GCSqGSIb3DQEBCwUAA4IBAQCDo429Ln1XA7rgz0T7Ufo8dz7hGlzte/Pj
1idfoBhBMcn56v/6FNh5EgyK3HFi22zI2i0fMBqiB3hICOQf8PcUSEV3YOW4wXN7
15MYA0XTa3LQXtihCEi2ER6en5BiKnGmJebPhxxBouHWPQQkKg7lkbuWP+hilNdw
S5vl+d3OA2wRLewBWS9Ok2BkLP0SxyO69uq5dWioGVQNNfV0ZWfHdLDttJjbO9JI
kQgL0uQd6WoMRSRoKDgTISzu5sIU4Jv6MUpadpKFhk4VAHt0CVS/X26SoKx1rPhs
+LO8pfA3BfYZOgv6SU4kaGeLJvDEmo00Rnqk/QuuVTqZZirx7QRc
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:05:47 2025 by rpki-client