Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/ZTrCGlWVKT5q0tZsqzzr5exq87k.roa
File: ZTrCGlWVKT5q0tZsqzzr5exq87k.roa (raw, json)
Hash identifier: xTK2z8PptfLQ9VWF6kdCi7DDTYxzTgihXhnqElP4cdU=
Subject key identifier: 65:3A:C2:1A:55:95:29:3E:6A:D2:D6:6C:AB:3C:EB:E5:EC:6A:F3:B9
Certificate issuer: /CN=166dcaf076c3ec103117deaa67990c968bcd644d
Certificate serial: 0185728C77C3A51748ACB1C373BC48AA9254
Authority key identifier: 16:6D:CA:F0:76:C3:EC:10:31:17:DE:AA:67:99:0C:96:8B:CD:64:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fm3K8HbD7BAxF96qZ5kMlovNZE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/ZTrCGlWVKT5q0tZsqzzr5exq87k.roa
Signing time: Mon 02 Jan 2023 12:54:46 +0000
ROA not before: Mon 02 Jan 2023 12:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205361
IP address blocks: 213.109.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:77:c3:a5:17:48:ac:b1:c3:73:bc:48:aa:92:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166dcaf076c3ec103117deaa67990c968bcd644d
Validity
Not Before: Jan 2 12:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=653ac21a5595293e6ad2d66cab3cebe5ec6af3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:39:a1:5e:42:b2:34:29:45:01:e8:fb:90:92:
95:d7:29:b7:1f:5f:58:a9:31:27:f1:7b:53:a2:3d:
fd:e2:60:59:72:e6:59:52:f6:4b:54:7d:8a:90:e7:
47:3c:2e:3b:42:4b:85:e5:4a:13:e8:66:3b:93:9c:
cf:db:4c:32:90:ce:27:5c:4f:d9:79:8b:d9:34:ab:
55:e4:52:f8:e5:d5:a2:26:c8:18:8a:f3:89:c0:f2:
9b:85:5e:bb:61:23:d0:87:ea:ee:46:f2:45:76:39:
d6:f8:ea:77:fa:87:94:06:75:eb:eb:23:40:44:45:
5c:33:ca:2b:09:7e:d6:58:18:ab:ef:cc:e9:28:b9:
4d:6a:b1:f4:29:ea:93:33:65:ef:a0:bf:4c:94:3c:
45:7d:b4:b5:e2:a3:80:3e:af:ba:25:9d:98:1d:2d:
a9:1d:06:2f:fc:a4:d8:2f:4f:35:f2:ae:4b:bb:b1:
8b:f5:29:87:2b:01:71:94:1f:e0:6d:65:c3:cd:b6:
ce:97:1b:22:f0:f9:5c:ec:1d:2d:94:8b:f0:f3:12:
1a:82:2b:e3:fc:30:9b:8f:7c:77:a3:f3:3f:0a:f1:
a3:95:ac:52:ec:ff:f8:0c:72:f6:cc:fd:c1:4b:bf:
ac:89:57:a9:42:9b:2e:52:4b:4a:8d:f8:c5:70:21:
8a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3A:C2:1A:55:95:29:3E:6A:D2:D6:6C:AB:3C:EB:E5:EC:6A:F3:B9
X509v3 Authority Key Identifier:
keyid:16:6D:CA:F0:76:C3:EC:10:31:17:DE:AA:67:99:0C:96:8B:CD:64:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fm3K8HbD7BAxF96qZ5kMlovNZE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/ZTrCGlWVKT5q0tZsqzzr5exq87k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/Fm3K8HbD7BAxF96qZ5kMlovNZE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.154.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:94:46:08:da:69:f0:f5:7c:32:ee:2d:25:96:3c:57:bd:2d:
99:36:39:55:5d:9c:b6:8f:0c:e6:dc:8f:16:5e:65:b8:72:fc:
32:20:5c:39:5a:ee:8f:78:fc:91:70:7d:d8:42:91:fc:11:f0:
83:40:30:df:6f:8e:ec:d8:99:8f:8c:14:cf:72:04:d4:e0:9c:
6b:ae:48:b4:04:3b:4f:f7:35:57:a0:50:71:21:16:cc:5d:62:
81:ff:93:10:9d:9b:97:42:63:c3:9f:61:0c:c8:c9:65:84:d2:
c0:b3:36:92:8f:b1:c6:e6:2b:c4:c6:ab:18:bd:31:2f:5b:45:
ce:00:9f:51:f6:8e:94:6a:52:e8:c6:ba:9f:63:83:eb:e6:19:
b9:16:df:9b:00:1b:9d:cc:5f:3d:0d:b0:e9:e2:80:fe:3f:c5:
33:d5:f0:41:d4:9f:33:fe:6b:b2:44:7d:2c:28:32:3b:ed:16:
a0:82:d4:ab:05:33:19:c0:37:f8:91:e7:1f:85:fe:a4:8d:c4:
d1:23:fe:80:f0:89:05:37:6d:39:23:ee:e0:c6:46:d9:9d:7c:
7f:57:9d:95:68:ef:20:ee:fd:10:83:0d:17:20:14:28:1a:1c:
83:0c:a2:9a:f8:91:3f:cb:04:b7:0a:9e:ee:52:47:79:41:66:
de:41:12:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyjHfDpRdIrLHDc7xIqpJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmRjYWYwNzZjM2VjMTAzMTE3ZGVhYTY3OTkwYzk2OGJj
ZDY0NGQwHhcNMjMwMTAyMTI1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTNhYzIxYTU1OTUyOTNlNmFkMmQ2NmNhYjNjZWJlNWVjNmFmM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzmhXkKyNClFAej7kJKV1ym3H19Y
qTEn8XtToj394mBZcuZZUvZLVH2KkOdHPC47QkuF5UoT6GY7k5zP20wykM4nXE/Z
eYvZNKtV5FL45dWiJsgYivOJwPKbhV67YSPQh+ruRvJFdjnW+Op3+oeUBnXr6yNA
REVcM8orCX7WWBir78zpKLlNarH0KeqTM2XvoL9MlDxFfbS14qOAPq+6JZ2YHS2p
HQYv/KTYL0818q5Lu7GL9SmHKwFxlB/gbWXDzbbOlxsi8Plc7B0tlIvw8xIagivj
/DCbj3x3o/M/CvGjlaxS7P/4DHL2zP3BS7+siVepQpsuUktKjfjFcCGKYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGU6whpVlSk+atLWbKs86+XsavO5MB8GA1UdIwQY
MBaAFBZtyvB2w+wQMRfeqmeZDJaLzWRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm0zSzhIYkQ3QkF4Rjk2cVo1a01sb3ZOWkUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8zYWYxZTYtN2Y2ZC00YWM4LWEwMjIt
ZmFiOWJhYjJmODk0LzEvWlRyQ0dsV1ZLVDVxMHRac3F6enI1ZXhxODdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8zYWYxZTYtN2Y2ZC00YWM4LWEwMjItZmFiOWJhYjJmODk0
LzEvRm0zSzhIYkQ3QkF4Rjk2cVo1a01sb3ZOWkUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W2aMA0G
CSqGSIb3DQEBCwUAA4IBAQCtlEYI2mnw9Xwy7i0lljxXvS2ZNjlVXZy2jwzm3I8W
XmW4cvwyIFw5Wu6PePyRcH3YQpH8EfCDQDDfb47s2JmPjBTPcgTU4Jxrrki0BDtP
9zVXoFBxIRbMXWKB/5MQnZuXQmPDn2EMyMllhNLAszaSj7HG5ivExqsYvTEvW0XO
AJ9R9o6UalLoxrqfY4Pr5hm5Ft+bABudzF89DbDp4oD+P8Uz1fBB1J8z/muyRH0s
KDI77RaggtSrBTMZwDf4kecfhf6kjcTRI/6A8IkFN205I+7gxkbZnXx/V52VaO8g
7v0Qgw0XIBQoGhyDDKKa+JE/ywS3Cp7uUkd5QWbeQRKn
-----END CERTIFICATE-----
Generated at Fri May 2 06:40:20 2025 by rpki-client