Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/zc9cQRp5tcfGO6USlcPc4vXnR38.roa
File: zc9cQRp5tcfGO6USlcPc4vXnR38.roa (raw, json)
Hash identifier: NJqiRA5OkAsHxG2dQEONBXresE5/PI/ys00ss/uVX5U=
Subject key identifier: CD:CF:5C:41:1A:79:B5:C7:C6:3B:A5:12:95:C3:DC:E2:F5:E7:47:7F
Certificate issuer: /CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Certificate serial: 018571309E1217760BF95E27BA05B70FCCD8
Authority key identifier: 80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/zc9cQRp5tcfGO6USlcPc4vXnR38.roa
Signing time: Mon 02 Jan 2023 06:34:49 +0000
ROA not before: Mon 02 Jan 2023 06:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49515
IP address blocks: 104.160.13.0/24 maxlen: 24
5.157.31.0/24 maxlen: 24
104.160.12.0/24 maxlen: 24
5.157.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:9e:12:17:76:0b:f9:5e:27:ba:05:b7:0f:cc:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Validity
Not Before: Jan 2 06:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdcf5c411a79b5c7c63ba51295c3dce2f5e7477f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:29:9b:53:fa:0d:4c:5c:62:80:fa:4a:36:1d:
90:85:30:f2:54:a7:a4:f8:ad:a1:42:1f:39:45:b9:
9a:b4:b9:10:aa:33:37:c9:30:eb:e2:7d:2f:71:db:
62:54:b0:b4:d6:f8:ae:77:1f:c7:56:b6:ae:32:89:
a5:8b:30:5e:a1:58:a5:b4:9f:67:fa:c3:22:17:98:
fc:14:54:ad:14:7f:32:0e:61:2f:5d:88:89:eb:cd:
43:ce:62:29:a9:cb:ca:3e:a0:dc:94:45:1f:96:15:
bb:91:be:f2:2b:a5:49:0b:33:46:1f:a3:99:0d:63:
f1:68:da:da:25:ce:25:96:d6:b3:9e:c7:a9:68:fe:
16:2f:f4:e5:df:73:10:00:ff:ee:85:51:10:4e:0d:
da:f4:b2:c1:9b:cb:5f:3b:71:94:ca:15:23:be:56:
eb:bd:d2:99:59:a6:04:7c:8b:d1:14:46:d6:75:1d:
df:15:78:ce:0c:e7:04:fe:4b:d7:b6:6d:69:0f:de:
7c:ff:66:db:9c:6f:30:8a:fd:07:2b:2c:a2:41:5d:
02:b2:21:9d:9c:03:cd:28:92:5f:d3:29:6d:5a:53:
4a:b4:09:c1:17:9d:30:ae:ca:3a:c6:18:95:ae:a2:
10:7b:45:44:84:a5:02:da:a4:c9:3b:d3:3c:b5:17:
48:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:CF:5C:41:1A:79:B5:C7:C6:3B:A5:12:95:C3:DC:E2:F5:E7:47:7F
X509v3 Authority Key Identifier:
keyid:80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/zc9cQRp5tcfGO6USlcPc4vXnR38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/gPN231-e9IfIKzGodcakltecoNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.30.0/23
104.160.12.0/23
Signature Algorithm: sha256WithRSAEncryption
16:91:91:21:9c:8a:99:0d:33:c6:a7:3b:52:ab:b7:a3:5c:84:
be:d0:9e:35:5a:a8:df:ac:9c:22:8b:22:f0:fa:c0:97:99:e5:
93:12:06:3a:82:d5:b6:04:9b:6a:54:d2:be:b5:86:74:cf:5c:
75:57:cd:7a:f2:22:c7:d9:b5:0e:12:71:37:75:56:7b:66:15:
2c:27:5f:f7:b7:9b:ef:5a:d7:58:08:f4:7d:9c:3d:9b:38:f8:
56:df:24:17:2c:82:de:8e:96:75:2f:7d:ac:cd:c7:41:12:54:
af:a3:76:6e:ec:43:37:47:2d:af:da:78:de:f7:5a:c4:f7:e0:
e2:44:c7:ca:4d:60:d9:ee:a6:2d:b0:87:ac:dd:f8:98:28:f1:
af:74:14:f8:a9:28:25:c7:f1:b0:4c:d4:0a:75:43:75:e9:b3:
64:43:70:36:bb:37:bd:32:c8:47:ae:cc:00:95:f0:a0:b2:21:
7d:25:dc:5f:c9:9e:90:c1:5e:2e:f4:5b:f3:f0:f2:ae:cf:cc:
c2:eb:ab:16:8b:20:75:66:6a:5c:36:95:63:e3:bc:92:17:03:
f8:4b:8b:46:f7:4e:40:6f:13:1e:2a:12:1b:3e:27:e7:1f:72:
eb:1e:9f:27:7b:c0:f2:c7:59:48:36:17:36:4f:0c:29:60:d9:
08:a3:ef:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxMJ4SF3YL+V4nugW3D8zYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjM3NmRmNWY5ZWY0ODdjODJiMzFhODc1YzZhNDk2ZDc5
Y2EwZDcwHhcNMjMwMTAyMDYzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGNmNWM0MTFhNzliNWM3YzYzYmE1MTI5NWMzZGNlMmY1ZTc0NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjymbU/oNTFxigPpKNh2QhTDyVKek
+K2hQh85RbmatLkQqjM3yTDr4n0vcdtiVLC01viudx/HVrauMomlizBeoViltJ9n
+sMiF5j8FFStFH8yDmEvXYiJ681DzmIpqcvKPqDclEUflhW7kb7yK6VJCzNGH6OZ
DWPxaNraJc4lltaznsepaP4WL/Tl33MQAP/uhVEQTg3a9LLBm8tfO3GUyhUjvlbr
vdKZWaYEfIvRFEbWdR3fFXjODOcE/kvXtm1pD958/2bbnG8wiv0HKyyiQV0CsiGd
nAPNKJJf0yltWlNKtAnBF50wrso6xhiVrqIQe0VEhKUC2qTJO9M8tRdIQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM3PXEEaebXHxjulEpXD3OL150d/MB8GA1UdIwQY
MBaAFIDzdt9fnvSHyCsxqHXGpJbXnKDXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMt
YTRiYzI4MTY2NDNhLzEvemM5Y1FScDV0Y2ZHTzZVU2xjUGM0dlhuUjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMtYTRiYzI4MTY2NDNh
LzEvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBZ0eAwQB
aKAMMA0GCSqGSIb3DQEBCwUAA4IBAQAWkZEhnIqZDTPGpztSq7ejXIS+0J41Wqjf
rJwiiyLw+sCXmeWTEgY6gtW2BJtqVNK+tYZ0z1x1V8168iLH2bUOEnE3dVZ7ZhUs
J1/3t5vvWtdYCPR9nD2bOPhW3yQXLILejpZ1L32szcdBElSvo3Zu7EM3Ry2v2nje
91rE9+DiRMfKTWDZ7qYtsIes3fiYKPGvdBT4qSglx/GwTNQKdUN16bNkQ3A2uze9
MshHrswAlfCgsiF9JdxfyZ6QwV4u9Fvz8PKuz8zC66sWiyB1ZmpcNpVj47ySFwP4
S4tG905AbxMeKhIbPifnH3LrHp8ne8Dyx1lINhc2TwwpYNkIo+/P
-----END CERTIFICATE-----
Generated at Wed Apr 30 05:52:14 2025 by rpki-client