Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LZ4tnH9lGxh0iu-rU3u9Fkm-pFk.roa
File: LZ4tnH9lGxh0iu-rU3u9Fkm-pFk.roa (raw, json)
Hash identifier: +JM6B0zdaawDdz8KRtRSCTdjUiYYSokishxaS8i4x7Y=
Subject key identifier: 2D:9E:2D:9C:7F:65:1B:18:74:8A:EF:AB:53:7B:BD:16:49:BE:A4:59
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 01941F8C471A18800FA1272C34E9226FCA28
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LZ4tnH9lGxh0iu-rU3u9Fkm-pFk.roa
Signing time: Wed 01 Jan 2025 01:47:54 +0000
ROA not before: Wed 01 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41689
IP address blocks: 5.202.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:47:1a:18:80:0f:a1:27:2c:34:e9:22:6f:ca:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 1 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d9e2d9c7f651b18748aefab537bbd1649bea459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:20:3a:90:a9:40:d3:7b:8a:91:4e:a2:33:c2:
ff:8b:86:e0:ab:a8:e9:83:e7:db:a7:8d:ee:ca:8e:
b9:91:af:83:fd:be:94:40:f8:9f:10:5f:3f:83:84:
7d:07:02:71:c7:18:ea:1e:0a:6f:9e:97:d3:44:80:
21:c7:5a:36:f9:4f:51:a4:4e:6f:1b:ae:27:4e:23:
d0:07:d2:75:59:8c:49:8c:33:92:a3:84:05:00:25:
f4:64:26:95:4a:b2:78:94:f7:81:6c:3d:0b:22:05:
66:59:7e:4b:dc:49:11:b7:ac:3b:95:42:83:37:51:
bf:ca:18:52:6d:72:6f:33:8c:1a:62:3d:8e:1b:3b:
4c:05:16:7d:26:ed:e5:0e:9d:7c:8e:3a:ad:b6:df:
92:0f:c7:13:bb:6a:d1:e9:97:0b:b3:84:8c:1f:31:
bb:d7:65:d1:36:bb:28:43:e5:42:ad:89:3f:53:86:
ff:d8:75:d0:53:b6:8b:c6:ef:db:2d:21:f7:11:e7:
2a:a1:f0:d9:b8:ec:98:dd:81:cd:24:26:4c:8e:86:
a9:1b:d6:27:e6:19:fd:6b:bc:91:36:d9:69:76:a2:
92:f4:38:d3:9d:68:ad:4b:a3:fd:bb:d1:d3:07:5f:
49:cc:56:09:dc:b5:30:f7:36:15:2d:b6:22:fb:e5:
e7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:9E:2D:9C:7F:65:1B:18:74:8A:EF:AB:53:7B:BD:16:49:BE:A4:59
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LZ4tnH9lGxh0iu-rU3u9Fkm-pFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.135.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:c4:9f:56:df:d7:41:c7:13:f6:39:3f:59:68:62:6f:ef:21:
82:71:47:e0:0a:04:2e:f9:ff:f8:9e:1f:0e:be:a9:e9:55:d8:
09:82:8a:6e:3c:49:9c:1b:08:4d:1d:b5:63:84:34:1f:fb:b3:
26:ab:00:f3:f2:3f:ea:5e:0a:9d:a1:8e:09:1e:ce:d5:8b:59:
e7:93:4d:a1:06:0e:c2:72:81:20:65:13:ef:a9:1a:67:66:d5:
f1:fb:11:8e:4e:55:27:b5:96:fc:b2:11:f1:42:52:e2:db:27:
ce:0e:39:f3:aa:9a:53:d9:af:28:cb:fe:28:d7:ab:11:84:30:
82:40:44:2b:ce:de:e5:9e:94:6b:74:85:50:a9:e2:55:74:6b:
14:a1:2e:67:6b:ce:77:5b:34:6a:74:40:dd:a2:a7:61:dc:ce:
93:41:8b:1b:9b:07:fc:c6:82:5e:63:34:c1:37:14:2f:ab:b0:
87:af:a2:15:4d:ff:5c:92:d2:e3:2a:bd:0f:4c:05:a2:ae:7d:
57:af:a7:c8:07:8e:ae:57:d9:7b:50:b0:52:55:70:58:88:f4:
2f:a3:3b:6c:ba:97:8c:9d:fe:b0:2e:80:6c:2b:7d:09:79:b1:
32:42:47:a4:cb:6f:04:d2:6d:10:a5:32:8d:1c:ba:14:c9:88:
36:75:33:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjEcaGIAPoScsNOkib8ooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjUwMTAxMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDllMmQ5YzdmNjUxYjE4NzQ4YWVmYWI1MzdiYmQxNjQ5YmVhNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CA6kKlA03uKkU6iM8L/i4bgq6jp
g+fbp43uyo65ka+D/b6UQPifEF8/g4R9BwJxxxjqHgpvnpfTRIAhx1o2+U9RpE5v
G64nTiPQB9J1WYxJjDOSo4QFACX0ZCaVSrJ4lPeBbD0LIgVmWX5L3EkRt6w7lUKD
N1G/yhhSbXJvM4waYj2OGztMBRZ9Ju3lDp18jjqttt+SD8cTu2rR6ZcLs4SMHzG7
12XRNrsoQ+VCrYk/U4b/2HXQU7aLxu/bLSH3EecqofDZuOyY3YHNJCZMjoapG9Yn
5hn9a7yRNtlpdqKS9DjTnWitS6P9u9HTB19JzFYJ3LUw9zYVLbYi++XnfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC2eLZx/ZRsYdIrvq1N7vRZJvqRZMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvTFo0dG5IOWxHeGgwaXUtclUzdTlGa20tcEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABcqHMA0G
CSqGSIb3DQEBCwUAA4IBAQA+xJ9W39dBxxP2OT9ZaGJv7yGCcUfgCgQu+f/4nh8O
vqnpVdgJgopuPEmcGwhNHbVjhDQf+7MmqwDz8j/qXgqdoY4JHs7Vi1nnk02hBg7C
coEgZRPvqRpnZtXx+xGOTlUntZb8shHxQlLi2yfODjnzqppT2a8oy/4o16sRhDCC
QEQrzt7lnpRrdIVQqeJVdGsUoS5na853WzRqdEDdoqdh3M6TQYsbmwf8xoJeYzTB
NxQvq7CHr6IVTf9cktLjKr0PTAWirn1Xr6fIB46uV9l7ULBSVXBYiPQvoztsupeM
nf6wLoBsK30JebEyQkeky28E0m0QpTKNHLoUyYg2dTMF
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:25 2025 by rpki-client on console.sobornost.net