Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/90f62b-7ae2-49d6-a42c-899f1e1b7360/1/ZXKWQfRE88E_ZwRT5Glhot_mt4w.roa
File: ZXKWQfRE88E_ZwRT5Glhot_mt4w.roa (raw, json)
Hash identifier: XeEunBfn7xXqkXVhGJTEJsHjOb84Sh1nBv8wJiQd6M8=
Subject key identifier: 65:72:96:41:F4:44:F3:C1:3F:67:04:53:E4:69:61:A2:DF:E6:B7:8C
Certificate issuer: /CN=59c4cfbd871c42dd55a57bd0ff567134f322b23e
Certificate serial: 0194266B6D51A6526A7671B474184D6DC169
Authority key identifier: 59:C4:CF:BD:87:1C:42:DD:55:A5:7B:D0:FF:56:71:34:F3:22:B2:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WcTPvYccQt1VpXvQ_1ZxNPMisj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/90f62b-7ae2-49d6-a42c-899f1e1b7360/1/ZXKWQfRE88E_ZwRT5Glhot_mt4w.roa
Signing time: Thu 02 Jan 2025 09:49:21 +0000
ROA not before: Thu 02 Jan 2025 09:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210869
IP address blocks: 45.13.68.0/22 maxlen: 23
45.13.71.0/24 maxlen: 24
2a0e:df00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:6d:51:a6:52:6a:76:71:b4:74:18:4d:6d:c1:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59c4cfbd871c42dd55a57bd0ff567134f322b23e
Validity
Not Before: Jan 2 09:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65729641f444f3c13f670453e46961a2dfe6b78c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8c:a7:18:cf:ed:41:0c:79:0b:8a:dc:28:54:
67:3e:64:45:51:1c:12:5e:84:ea:5a:1c:8d:55:95:
69:24:40:30:19:24:1e:89:e0:ff:31:a7:fa:91:28:
87:3e:b5:28:01:a1:e0:26:85:5c:6e:b5:c1:61:a2:
3b:53:63:1e:9c:97:cb:80:78:4b:f9:dd:fc:a2:ff:
85:d7:76:73:3f:eb:67:92:79:95:19:46:1c:71:74:
7b:db:e4:0c:dd:c3:0d:1f:dd:ac:ca:6a:d4:47:ec:
fc:1e:06:38:e1:c9:1b:fa:0c:d7:71:4c:f3:c8:4b:
29:ef:98:8b:64:98:53:cd:12:13:26:5e:30:b0:d1:
54:47:f8:dc:09:d5:92:5b:a6:33:cf:fc:90:a0:db:
d0:38:a0:05:dd:de:33:a2:87:a2:13:c1:0c:39:75:
6a:56:4f:5e:3a:f2:c8:9b:9b:53:d3:ce:f2:27:a6:
e2:92:c9:5c:43:80:1a:6e:f0:13:9d:b0:a8:4d:13:
df:e3:78:52:07:af:16:35:fe:e7:f5:53:ad:aa:b0:
a3:ac:8c:c5:dd:7d:00:cd:c9:69:67:c9:c5:3e:33:
5f:d1:cd:1c:43:84:6b:c3:a4:b3:4d:98:a5:f4:53:
68:57:cb:8e:a0:27:0b:3d:f3:05:3a:00:61:c2:05:
33:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:72:96:41:F4:44:F3:C1:3F:67:04:53:E4:69:61:A2:DF:E6:B7:8C
X509v3 Authority Key Identifier:
keyid:59:C4:CF:BD:87:1C:42:DD:55:A5:7B:D0:FF:56:71:34:F3:22:B2:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WcTPvYccQt1VpXvQ_1ZxNPMisj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/90f62b-7ae2-49d6-a42c-899f1e1b7360/1/ZXKWQfRE88E_ZwRT5Glhot_mt4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/90f62b-7ae2-49d6-a42c-899f1e1b7360/1/WcTPvYccQt1VpXvQ_1ZxNPMisj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.68.0/22
IPv6:
2a0e:df00::/32
Signature Algorithm: sha256WithRSAEncryption
2f:11:4b:a9:3a:44:d0:8a:df:4f:55:03:95:a9:b0:83:04:84:
d0:c5:59:6e:6c:ae:fe:5d:d2:aa:0b:76:ae:f0:88:fb:98:ff:
8c:f9:65:14:1d:5f:11:75:25:18:88:13:51:d9:8b:df:99:96:
a8:5e:b8:04:3b:c0:3e:b0:1d:8d:d0:8e:c9:8c:62:eb:a3:aa:
25:61:4a:0d:e6:f0:5c:89:e1:1c:71:74:07:b4:b9:19:64:06:
b1:dd:7b:5f:e0:66:8b:31:f1:fb:f7:84:df:d1:08:03:0b:f2:
3d:1d:05:9c:3d:66:b4:bb:26:e9:ff:85:6b:6f:95:19:d7:f3:
b1:6a:66:bc:fa:d4:7f:02:53:c7:e2:3f:35:17:f6:c2:6b:72:
83:de:56:fa:3b:48:47:17:82:b9:ef:4a:b1:fa:0c:b1:d8:48:
21:d1:64:c6:33:09:92:3e:73:ed:a7:0f:79:e4:bb:35:fd:59:
bf:47:a5:42:be:11:ac:b9:0a:e9:c1:dd:db:3f:a8:9d:3f:36:
0f:79:d6:2c:ae:76:61:e5:c4:ef:68:5c:76:9d:44:f3:8a:e6:
ad:23:53:e0:c3:e1:47:e1:3c:52:f3:74:9e:84:e0:53:b5:ef:
43:62:a3:92:97:41:3f:2f:04:d6:f0:dc:76:e6:9a:7d:ef:ee:
bd:b1:61:63
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma21RplJqdnG0dBhNbcFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YzRjZmJkODcxYzQyZGQ1NWE1N2JkMGZmNTY3MTM0ZjMy
MmIyM2UwHhcNMjUwMTAyMDk0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTcyOTY0MWY0NDRmM2MxM2Y2NzA0NTNlNDY5NjFhMmRmZTZiNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYynGM/tQQx5C4rcKFRnPmRFURwS
XoTqWhyNVZVpJEAwGSQeieD/Maf6kSiHPrUoAaHgJoVcbrXBYaI7U2MenJfLgHhL
+d38ov+F13ZzP+tnknmVGUYccXR72+QM3cMNH92symrUR+z8HgY44ckb+gzXcUzz
yEsp75iLZJhTzRITJl4wsNFUR/jcCdWSW6Yzz/yQoNvQOKAF3d4zooeiE8EMOXVq
Vk9eOvLIm5tT087yJ6bikslcQ4AabvATnbCoTRPf43hSB68WNf7n9VOtqrCjrIzF
3X0AzclpZ8nFPjNf0c0cQ4Rrw6SzTZil9FNoV8uOoCcLPfMFOgBhwgUz8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGVylkH0RPPBP2cEU+RpYaLf5reMMB8GA1UdIwQY
MBaAFFnEz72HHELdVaV70P9WcTTzIrI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2NUUHZZY2NRdDFWcFh2UV8xWnhOUE1pc2o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy85MGY2MmItN2FlMi00OWQ2LWE0MmMt
ODk5ZjFlMWI3MzYwLzEvWlhLV1FmUkU4OEVfWndSVDVHbGhvdF9tdDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy85MGY2MmItN2FlMi00OWQ2LWE0MmMtODk5ZjFlMWI3MzYw
LzEvV2NUUHZZY2NRdDFWcFh2UV8xWnhOUE1pc2o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQ1EMA0E
AgACMAcDBQAqDt8AMA0GCSqGSIb3DQEBCwUAA4IBAQAvEUupOkTQit9PVQOVqbCD
BITQxVlubK7+XdKqC3au8Ij7mP+M+WUUHV8RdSUYiBNR2YvfmZaoXrgEO8A+sB2N
0I7JjGLro6olYUoN5vBcieEccXQHtLkZZAax3Xtf4GaLMfH794Tf0QgDC/I9HQWc
PWa0uybp/4Vrb5UZ1/Oxama8+tR/AlPH4j81F/bCa3KD3lb6O0hHF4K570qx+gyx
2Egh0WTGMwmSPnPtpw955Ls1/Vm/R6VCvhGsuQrpwd3bP6idPzYPedYsrnZh5cTv
aFx2nUTziuatI1Pgw+FH4TxS83SehOBTte9DYqOSl0E/LwTW8Nx25pp97+69sWFj
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:48:37 2025 by rpki-client