Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/ZY3-zkEA47bb68gAr-BLS6MXgAI.roa
File: ZY3-zkEA47bb68gAr-BLS6MXgAI.roa (raw, json)
Hash identifier: owBfVhEEhXmaXiLFCIuZgzPEz3z5B9+LhWl+kJOCGVw=
Subject key identifier: 65:8D:FE:CE:41:00:E3:B6:DB:EB:C8:00:AF:E0:4B:4B:A3:17:80:02
Certificate issuer: /CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Certificate serial: 018BD3530D8B0203EA07A55B503C270B7E37
Authority key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/ZY3-zkEA47bb68gAr-BLS6MXgAI.roa
Signing time: Wed 15 Nov 2023 14:11:57 +0000
ROA not before: Wed 15 Nov 2023 14:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213373
IP address blocks: 109.205.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:53:0d:8b:02:03:ea:07:a5:5b:50:3c:27:0b:7e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Validity
Not Before: Nov 15 14:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=658dfece4100e3b6dbebc800afe04b4ba3178002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3e:1d:80:ff:96:3e:9a:ba:79:d8:3e:98:31:
ed:d9:cd:78:f9:dc:9f:87:46:dd:f7:6f:fe:97:ed:
ca:09:4f:85:66:e0:45:0d:b5:fd:fa:6c:8c:cb:25:
3f:bd:b9:ab:29:ee:a3:92:87:b5:37:b2:08:cd:80:
31:ba:0c:28:2b:ad:dd:8c:f5:7b:e8:18:4c:f4:86:
87:86:c1:f3:45:eb:aa:92:10:7d:97:48:31:0e:c7:
4f:bc:36:7b:48:60:d8:3a:af:21:0f:d8:dd:6c:74:
ff:91:1b:85:23:57:03:0a:80:14:bb:77:19:ec:92:
67:92:67:e8:9a:20:04:13:56:65:6e:04:77:5e:f8:
58:e8:6b:fd:6c:6f:6b:b8:4e:e8:be:28:af:2a:e8:
00:fb:df:04:43:92:1c:fa:7d:3a:3b:1a:0d:00:f9:
d3:ff:b8:7d:c7:8e:11:0d:e1:3d:bd:db:bc:b3:fb:
d5:08:04:fe:26:82:e5:48:79:21:35:4a:ac:41:ef:
61:92:43:44:bc:b9:c1:fc:cf:9a:30:33:fd:42:6c:
3c:8d:f1:20:d9:f1:ea:b9:3f:81:09:39:90:50:84:
e9:b0:cf:32:a3:c2:68:35:3d:a4:73:12:50:08:02:
b7:80:92:11:cc:df:79:fc:7e:41:52:b4:32:55:53:
b8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:8D:FE:CE:41:00:E3:B6:DB:EB:C8:00:AF:E0:4B:4B:A3:17:80:02
X509v3 Authority Key Identifier:
keyid:70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/ZY3-zkEA47bb68gAr-BLS6MXgAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.187.0/24
Signature Algorithm: sha256WithRSAEncryption
01:5b:89:b8:2d:60:f8:3f:47:0a:24:a3:11:73:8a:ab:d1:fd:
8e:31:d8:fe:a0:65:cc:56:ae:69:c7:fe:95:a3:35:2c:d6:83:
67:e4:aa:9a:81:a9:c9:26:f8:3c:39:62:f6:e5:bc:94:0d:dc:
37:37:e1:d8:82:a4:c2:f2:75:12:59:0e:2b:4c:3b:79:1e:b7:
16:da:2c:23:49:ef:c4:d6:b5:22:c4:fa:49:ce:aa:fc:b6:df:
3e:19:03:91:ef:dd:bb:8b:3a:6b:fa:bc:22:0e:f1:d3:9f:4b:
b1:ab:93:02:38:92:1e:b7:b3:81:aa:5e:bb:22:ef:de:86:13:
5c:92:38:ee:b0:29:3f:25:7b:83:f1:de:c0:0d:7f:1b:44:fd:
1c:14:b5:c8:e7:6a:7f:af:8a:86:64:4a:92:ee:b4:6e:2b:f5:
7c:d5:a2:2c:e3:3f:97:81:7d:c3:8b:fe:28:7f:47:37:73:f8:
b4:ba:7f:f7:50:83:27:31:2b:f6:0b:e7:c5:4b:9b:74:e8:ca:
9a:d0:2e:6e:24:79:df:4a:19:5d:2c:65:b4:1e:1e:4e:10:b4:
f1:ae:f4:f1:86:cf:6b:be:61:ec:44:e6:7a:4e:b5:5b:31:6a:
d3:ac:92:06:b5:b8:5b:ae:73:d3:c2:38:46:bf:aa:c8:7c:d6:
54:51:06:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvTUw2LAgPqB6VbUDwnC343MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQzYWJiYjQ3OGI3NGVmMmFkZWY5YmI3YzQzMzZlMzQx
MTFkNTEwHhcNMjMxMTE1MTQxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NThkZmVjZTQxMDBlM2I2ZGJlYmM4MDBhZmUwNGI0YmEzMTc4MDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD4dgP+WPpq6edg+mDHt2c14+dyf
h0bd92/+l+3KCU+FZuBFDbX9+myMyyU/vbmrKe6jkoe1N7IIzYAxugwoK63djPV7
6BhM9IaHhsHzReuqkhB9l0gxDsdPvDZ7SGDYOq8hD9jdbHT/kRuFI1cDCoAUu3cZ
7JJnkmfomiAEE1ZlbgR3XvhY6Gv9bG9ruE7oviivKugA+98EQ5Ic+n06OxoNAPnT
/7h9x44RDeE9vdu8s/vVCAT+JoLlSHkhNUqsQe9hkkNEvLnB/M+aMDP9Qmw8jfEg
2fHquT+BCTmQUITpsM8yo8JoNT2kcxJQCAK3gJIRzN95/H5BUrQyVVO43wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGWN/s5BAOO22+vIAK/gS0ujF4ACMB8GA1UdIwQY
MBaAFHBtOru0eLdO8q3vm7fEM240ER1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYt
YTQyMTNjOTNmMWY3LzEvWlkzLXprRUE0N2JiNjhnQXItQkxTNk1YZ0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYtYTQyMTNjOTNmMWY3
LzEvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc27MA0G
CSqGSIb3DQEBCwUAA4IBAQABW4m4LWD4P0cKJKMRc4qr0f2OMdj+oGXMVq5px/6V
ozUs1oNn5KqaganJJvg8OWL25byUDdw3N+HYgqTC8nUSWQ4rTDt5HrcW2iwjSe/E
1rUixPpJzqr8tt8+GQOR7927izpr+rwiDvHTn0uxq5MCOJIet7OBql67Iu/ehhNc
kjjusCk/JXuD8d7ADX8bRP0cFLXI52p/r4qGZEqS7rRuK/V81aIs4z+XgX3Di/4o
f0c3c/i0un/3UIMnMSv2C+fFS5t06Mqa0C5uJHnfShldLGW0Hh5OELTxrvTxhs9r
vmHsROZ6TrVbMWrTrJIGtbhbrnPTwjhGv6rIfNZUUQYq
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:51 2025 by rpki-client