Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/z3tn_2xIG1GBo80F_xIMEUc6sh4.roa
File: z3tn_2xIG1GBo80F_xIMEUc6sh4.roa (raw, json)
Hash identifier: PckuY9kvaFZ8XsDCMDYFA678q5coWi/zIY0RD71NON8=
Subject key identifier: CF:7B:67:FF:6C:48:1B:51:81:A3:CD:05:FF:12:0C:11:47:3A:B2:1E
Certificate issuer: /CN=cafd3133df47ce2bb07c472fbe6bb4e9178c6233
Certificate serial: D8399F
Authority key identifier: CA:FD:31:33:DF:47:CE:2B:B0:7C:47:2F:BE:6B:B4:E9:17:8C:62:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yv0xM99HziuwfEcvvmu06ReMYjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/z3tn_2xIG1GBo80F_xIMEUc6sh4.roa
Signing time: Sat 01 Jan 2022 11:56:40 +0000
ROA not before: Sat 01 Jan 2022 11:56:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41171
IP address blocks: 37.72.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14170527 (0xd8399f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cafd3133df47ce2bb07c472fbe6bb4e9178c6233
Validity
Not Before: Jan 1 11:56:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf7b67ff6c481b5181a3cd05ff120c11473ab21e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c5:7e:71:4c:4e:17:a6:18:a3:c5:da:fe:a6:
5f:65:3b:e2:48:88:27:85:b1:13:b6:98:f4:ab:08:
4a:87:a1:ba:d4:b1:76:aa:81:d2:5f:7e:f2:1e:ea:
2e:93:1e:5d:87:0f:50:08:f5:73:14:87:62:0f:84:
b8:96:cf:ad:df:2e:e0:4e:36:bf:56:5b:2a:6a:d2:
22:65:31:56:69:8a:91:dc:67:46:72:69:d3:58:2e:
82:6c:ca:d7:7a:7a:43:c0:75:81:dd:eb:39:e0:55:
0b:7f:18:39:35:2a:80:70:46:ae:7d:ea:b4:09:8f:
0c:97:14:a6:ab:6c:fb:d7:b3:8e:cf:b1:68:ae:f8:
c3:5d:44:80:1f:ad:4a:2f:05:9d:c0:d3:b6:b1:4d:
6e:49:6e:a3:36:5e:ce:cb:d0:dc:f2:b2:42:20:5f:
cc:a5:3a:3e:14:13:ce:1b:72:3a:d6:b5:69:47:4d:
88:66:13:22:9e:4a:c0:b1:86:f1:1f:d2:c0:1c:20:
96:2b:bf:fa:80:1a:17:bd:40:cc:20:98:22:76:13:
24:ce:03:6f:ce:90:f9:13:4d:f8:4a:47:7a:ee:25:
13:4b:22:e0:43:02:3f:c3:22:df:82:18:b5:3f:78:
22:9a:13:cb:4b:ad:3d:67:26:50:4c:78:7c:06:2c:
bc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:7B:67:FF:6C:48:1B:51:81:A3:CD:05:FF:12:0C:11:47:3A:B2:1E
X509v3 Authority Key Identifier:
keyid:CA:FD:31:33:DF:47:CE:2B:B0:7C:47:2F:BE:6B:B4:E9:17:8C:62:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yv0xM99HziuwfEcvvmu06ReMYjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/z3tn_2xIG1GBo80F_xIMEUc6sh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/yv0xM99HziuwfEcvvmu06ReMYjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.133.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:fc:36:62:b8:82:0f:4f:e6:3a:01:0a:24:8e:61:ed:7e:60:
d0:9a:f5:ec:6b:5d:ad:e6:f5:b4:97:66:7f:04:fa:20:44:8c:
db:e2:fb:d5:08:d5:bb:23:f6:30:ac:cf:42:fe:e0:a9:73:62:
07:24:b4:eb:12:a4:97:f5:6f:e4:93:68:d4:ad:15:a9:25:f8:
2b:60:f6:af:02:a0:29:eb:8b:20:e5:94:5b:42:98:1b:9b:5d:
1e:44:63:c4:e4:4a:2b:ef:35:9f:e2:4e:74:a4:77:00:72:3c:
6e:30:40:98:e2:29:e4:0e:2b:df:b3:f8:10:bb:72:bc:c2:d9:
d5:40:67:5a:42:c7:d6:36:f3:e7:54:bf:4e:10:76:3f:79:3d:
0e:6e:6f:df:fa:cc:32:28:68:a3:79:c3:39:8d:be:ed:9f:f0:
c7:2c:e8:a6:d4:13:f8:6b:a6:5a:d5:2e:7b:30:e0:b3:49:ae:
e3:c7:ba:d5:11:23:56:b2:14:ff:70:16:04:8f:0a:d6:24:c7:
5d:ae:6d:02:66:2a:07:24:f3:ae:b9:a5:35:4e:38:1b:50:82:
eb:15:91:2f:a4:a7:e9:41:72:3c:87:cb:c9:6a:00:d9:d8:16:
8f:f9:81:bd:c8:8b:b8:4d:ed:b7:f9:15:5d:1e:9b:be:92:72:
3d:38:4c:32
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANg5nzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YWZkMzEzM2RmNDdjZTJiYjA3YzQ3MmZiZTZiYjRlOTE3OGM2MjMzMB4XDTIyMDEw
MTExNTY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Y3YjY3ZmY2YzQ4
MWI1MTgxYTNjZDA1ZmYxMjBjMTE0NzNhYjIxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7FfnFMThemGKPF2v6mX2U74kiIJ4WxE7aY9KsISoehutSx
dqqB0l9+8h7qLpMeXYcPUAj1cxSHYg+EuJbPrd8u4E42v1ZbKmrSImUxVmmKkdxn
RnJp01gugmzK13p6Q8B1gd3rOeBVC38YOTUqgHBGrn3qtAmPDJcUpqts+9ezjs+x
aK74w11EgB+tSi8FncDTtrFNbkluozZezsvQ3PKyQiBfzKU6PhQTzhtyOta1aUdN
iGYTIp5KwLGG8R/SwBwgliu/+oAaF71AzCCYInYTJM4Db86Q+RNN+EpHeu4lE0si
4EMCP8Mi34IYtT94IpoTy0utPWcmUEx4fAYsvMECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTPe2f/bEgbUYGjzQX/EgwRRzqyHjAfBgNVHSMEGDAWgBTK/TEz30fOK7B8
Ry++a7TpF4xiMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3l2MHhNOTlIeml1d2ZFY3Z2bXUwNlJlTVlqTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZWIxY2Q1LWM4NzEtNGQ0Zi1hYzNmLTRiNTk5ZDA4ZWQxYy8x
L3ozdG5fMnhJRzFHQm84MEZfeElNRVVjNnNoNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZWIxY2Q1LWM4NzEtNGQ0Zi1hYzNmLTRiNTk5ZDA4ZWQxYy8xL3l2MHhNOTlIeml1
d2ZFY3Z2bXUwNlJlTVlqTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACVIhTANBgkqhkiG9w0BAQsFAAOC
AQEAb/w2YriCD0/mOgEKJI5h7X5g0Jr17Gtdreb1tJdmfwT6IESM2+L71QjVuyP2
MKzPQv7gqXNiByS06xKkl/Vv5JNo1K0VqSX4K2D2rwKgKeuLIOWUW0KYG5tdHkRj
xORKK+81n+JOdKR3AHI8bjBAmOIp5A4r37P4ELtyvMLZ1UBnWkLH1jbz51S/ThB2
P3k9Dm5v3/rMMihoo3nDOY2+7Z/wxyzoptQT+GumWtUuezDgs0mu48e61REjVrIU
/3AWBI8K1iTHXa5tAmYqByTzrrmlNU44G1CC6xWRL6Sn6UFyPIfLyWoA2dgWj/mB
vciLuE3tt/kVXR6bvpJyPThMMg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:40:32 2025 by rpki-client