Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/ZKFkmx-a5lk1SIGdlR2TsNr_R80.roa
File: ZKFkmx-a5lk1SIGdlR2TsNr_R80.roa (raw, json)
Hash identifier: iXMjKuNG3FCrEW7ifDFDoklyYMoo+mC5G2Ub09BpPT4=
Subject key identifier: 64:A1:64:9B:1F:9A:E6:59:35:48:81:9D:95:1D:93:B0:DA:FF:47:CD
Certificate issuer: /CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Certificate serial: 018571309F90A67438C2726FDEF06F6E2E9E
Authority key identifier: 80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/ZKFkmx-a5lk1SIGdlR2TsNr_R80.roa
Signing time: Mon 02 Jan 2023 06:34:50 +0000
ROA not before: Mon 02 Jan 2023 06:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57972
IP address blocks: 37.72.184.0/23 maxlen: 23
5.157.2.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:9f:90:a6:74:38:c2:72:6f:de:f0:6f:6e:2e:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Validity
Not Before: Jan 2 06:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64a1649b1f9ae6593548819d951d93b0daff47cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a0:a9:90:50:f2:13:0e:82:b3:4a:00:72:96:
b9:86:a9:36:1b:d5:72:0d:00:16:53:84:02:d8:88:
b7:64:91:dc:e8:02:39:c4:81:7e:83:e5:b1:42:a3:
ce:0c:10:18:dc:58:61:f5:74:a7:41:d2:38:0f:cb:
7d:a4:0f:55:f2:5b:12:1a:bd:68:e7:8a:c0:a7:e3:
76:10:38:6b:c1:fa:4e:de:1d:3c:e5:25:b8:9b:b5:
5c:ea:2f:f8:4d:58:39:3b:25:51:7a:c0:35:34:51:
31:0b:ac:04:7a:08:53:95:6f:96:8b:4e:20:98:12:
0b:d6:1d:d6:ce:39:b1:e3:83:10:9b:13:f7:0b:32:
02:65:9d:09:06:1b:d2:d6:82:46:2f:c7:3a:50:b9:
99:9b:63:e6:f5:8b:a7:e2:e5:6d:c5:54:38:45:3b:
9f:38:a0:b8:9d:a7:3d:69:2c:6f:25:51:9f:a0:4b:
4e:44:2e:d3:36:33:7e:28:63:89:23:54:0a:c8:fd:
3b:e0:ef:99:be:1a:8c:2a:2b:9d:94:2d:3f:1b:92:
39:93:77:c4:42:fe:75:e2:02:17:0d:6b:2c:b7:35:
53:ec:14:de:4a:65:c0:9c:ef:4c:91:8d:2e:3a:52:
26:a2:39:f6:29:25:3f:a3:82:4d:0b:96:52:50:2a:
79:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A1:64:9B:1F:9A:E6:59:35:48:81:9D:95:1D:93:B0:DA:FF:47:CD
X509v3 Authority Key Identifier:
keyid:80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/ZKFkmx-a5lk1SIGdlR2TsNr_R80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/gPN231-e9IfIKzGodcakltecoNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.2.0/23
37.72.184.0/23
Signature Algorithm: sha256WithRSAEncryption
01:48:12:b4:28:74:76:38:43:5a:00:54:0a:6f:5e:fe:05:55:
bd:07:d8:df:c6:2f:57:1c:57:12:28:2d:84:39:96:b3:00:15:
a7:78:f7:ed:7c:f0:c8:76:a5:fa:53:fe:5f:19:42:a9:be:34:
52:69:32:a4:e7:75:c3:1d:bf:21:f5:7e:6c:c1:51:32:89:90:
7b:f3:e9:76:fe:f7:54:1d:87:a5:1b:9d:17:16:a7:9c:63:a2:
0d:bf:09:fb:65:53:3a:7e:77:87:9c:57:88:2d:3f:f0:00:f2:
6b:d5:34:dd:8a:02:18:1e:66:4a:7a:46:49:0f:4d:a4:34:87:
b3:e3:2e:c9:a1:d2:64:01:5e:b3:1b:ed:ba:29:e6:c6:e7:fd:
d7:6e:3f:e8:f8:97:e5:81:bc:9a:31:91:6a:66:6b:4e:93:c6:
96:04:9b:00:6c:83:12:a3:d0:5a:c1:cf:cb:00:05:b2:dd:19:
73:f5:1f:54:38:04:7d:64:1d:28:0e:ab:58:ed:7a:51:4d:66:
e5:92:fc:73:c6:c7:84:01:02:e9:9c:0c:fb:69:2e:b4:32:7a:
45:34:23:63:1f:2e:b0:a0:ca:ba:25:5a:5e:44:a0:7b:33:09:
0a:d7:73:aa:02:58:a9:2c:d2:38:8e:fe:c8:2a:92:f5:d9:1d:
7a:d3:dc:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxMJ+QpnQ4wnJv3vBvbi6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjM3NmRmNWY5ZWY0ODdjODJiMzFhODc1YzZhNDk2ZDc5
Y2EwZDcwHhcNMjMwMTAyMDYzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGExNjQ5YjFmOWFlNjU5MzU0ODgxOWQ5NTFkOTNiMGRhZmY0N2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKCpkFDyEw6Cs0oAcpa5hqk2G9Vy
DQAWU4QC2Ii3ZJHc6AI5xIF+g+WxQqPODBAY3Fhh9XSnQdI4D8t9pA9V8lsSGr1o
54rAp+N2EDhrwfpO3h085SW4m7Vc6i/4TVg5OyVResA1NFExC6wEeghTlW+Wi04g
mBIL1h3Wzjmx44MQmxP3CzICZZ0JBhvS1oJGL8c6ULmZm2Pm9Yun4uVtxVQ4RTuf
OKC4nac9aSxvJVGfoEtORC7TNjN+KGOJI1QKyP074O+ZvhqMKiudlC0/G5I5k3fE
Qv514gIXDWsstzVT7BTeSmXAnO9MkY0uOlImojn2KSU/o4JNC5ZSUCp5tQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGShZJsfmuZZNUiBnZUdk7Da/0fNMB8GA1UdIwQY
MBaAFIDzdt9fnvSHyCsxqHXGpJbXnKDXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMt
YTRiYzI4MTY2NDNhLzEvWktGa214LWE1bGsxU0lHZGxSMlRzTnJfUjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMtYTRiYzI4MTY2NDNh
LzEvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBZ0CAwQB
JUi4MA0GCSqGSIb3DQEBCwUAA4IBAQABSBK0KHR2OENaAFQKb17+BVW9B9jfxi9X
HFcSKC2EOZazABWnePftfPDIdqX6U/5fGUKpvjRSaTKk53XDHb8h9X5swVEyiZB7
8+l2/vdUHYelG50XFqecY6INvwn7ZVM6fneHnFeILT/wAPJr1TTdigIYHmZKekZJ
D02kNIez4y7JodJkAV6zG+26KebG5/3Xbj/o+JflgbyaMZFqZmtOk8aWBJsAbIMS
o9Bawc/LAAWy3Rlz9R9UOAR9ZB0oDqtY7XpRTWblkvxzxseEAQLpnAz7aS60MnpF
NCNjHy6woMq6JVpeRKB7MwkK13OqAlipLNI4jv7IKpL12R1609xS
-----END CERTIFICATE-----
Generated at Thu May 8 18:01:52 2025 by rpki-client