Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Zfmjz0gLGU5mvznFNjk_i6lSgOo.roa
File: Zfmjz0gLGU5mvznFNjk_i6lSgOo.roa (raw, json)
Hash identifier: tsvJUQD5tRsPvgpSj2WHEYyXtYIfVQ1mCpnUMspiLRg=
Subject key identifier: 65:F9:A3:CF:48:0B:19:4E:66:BF:39:C5:36:39:3F:8B:A9:52:80:EA
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420684FEDD065B924306DE6772100DAC8
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Zfmjz0gLGU5mvznFNjk_i6lSgOo.roa
Signing time: Wed 01 Jan 2025 05:48:14 +0000
ROA not before: Wed 01 Jan 2025 05:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203344
IP address blocks: 193.233.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4f:ed:d0:65:b9:24:30:6d:e6:77:21:00:da:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65f9a3cf480b194e66bf39c536393f8ba95280ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:42:4a:19:2c:bb:c5:b7:8f:00:3b:80:de:3f:
a3:72:94:85:bc:b6:76:6e:c0:bf:38:ee:4d:c5:ab:
33:a3:7e:2e:db:f4:2f:cc:b3:64:35:10:45:35:f9:
5f:24:bc:f8:b5:6c:83:f2:47:f7:b7:2a:4a:fa:55:
6a:48:42:12:d3:05:57:a7:11:05:c7:fc:53:fd:8f:
76:fc:af:6a:8a:7e:01:39:18:f5:04:c7:c0:fa:1a:
7a:43:83:20:85:2c:9b:98:f2:a1:b9:82:be:58:70:
86:ea:e2:d1:d7:80:ca:c4:10:ee:6a:73:2a:f3:a3:
3b:d7:0f:bc:29:1e:85:1d:37:e8:06:4e:59:ba:6a:
43:88:5a:9a:25:56:65:27:e4:d4:9b:ec:89:69:40:
8b:2e:1d:fa:ba:62:0b:72:90:0e:10:67:f7:34:c6:
b9:60:fb:df:51:d4:de:44:52:53:bc:2e:e9:37:e6:
ea:b3:e5:2b:bf:c8:c3:62:c8:df:33:ea:53:36:f4:
34:e9:e9:e8:d4:90:0b:c1:79:dd:f5:be:6a:5f:d5:
f0:f7:c1:c8:eb:17:62:99:20:60:02:a5:e7:1e:14:
bd:d9:63:04:e6:44:8a:af:51:5b:d9:5f:d4:d9:e4:
77:94:70:2d:04:f3:7e:6f:eb:8e:36:86:3e:f4:18:
c0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F9:A3:CF:48:0B:19:4E:66:BF:39:C5:36:39:3F:8B:A9:52:80:EA
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Zfmjz0gLGU5mvznFNjk_i6lSgOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.153.0/24
Signature Algorithm: sha256WithRSAEncryption
33:a0:f7:ac:cc:ee:56:49:11:a8:56:1f:a9:62:e0:07:1a:a8:
b4:80:67:82:ee:03:bb:a1:9c:e3:36:51:4e:44:b0:54:96:3a:
d2:33:8c:82:86:4b:93:c0:52:58:ed:ed:45:15:0b:7e:cd:47:
19:d4:4f:f8:a8:56:12:81:d7:ee:ee:e0:1e:c1:e8:9a:a3:51:
54:65:44:f1:66:57:a9:00:80:b3:68:1b:87:be:ce:1b:96:84:
de:43:45:e0:84:7f:39:0b:99:2e:87:d6:63:db:ea:bd:c6:3c:
35:93:2b:fe:46:70:9a:2c:fa:6e:b3:2d:ea:fe:11:9a:d3:1f:
93:17:6e:52:b0:8c:a4:16:93:a1:1f:65:48:f9:0e:87:89:61:
70:fe:19:ed:54:b2:21:68:c0:97:24:24:16:e9:a5:8a:50:89:
69:bc:49:bf:8f:0b:32:68:6f:59:f8:aa:42:00:f8:3d:4c:f6:
4e:d0:48:0f:23:0d:a0:12:cd:3c:fc:bc:e6:bd:e5:11:fe:8f:
84:78:0b:fc:ba:19:91:5e:c5:1c:6b:4f:f2:49:a9:7f:43:2e:
8f:48:67:b4:4e:21:a2:7b:8b:7c:e2:a4:16:85:4e:29:63:2a:
e7:ef:f8:fd:47:e7:28:2f:46:3a:83:31:84:88:54:f5:9b:11:
33:51:cf:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaE/t0GW5JDBt5nchANrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWY5YTNjZjQ4MGIxOTRlNjZiZjM5YzUzNjM5M2Y4YmE5NTI4MGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40JKGSy7xbePADuA3j+jcpSFvLZ2
bsC/OO5Nxaszo34u2/QvzLNkNRBFNflfJLz4tWyD8kf3typK+lVqSEIS0wVXpxEF
x/xT/Y92/K9qin4BORj1BMfA+hp6Q4MghSybmPKhuYK+WHCG6uLR14DKxBDuanMq
86M71w+8KR6FHTfoBk5ZumpDiFqaJVZlJ+TUm+yJaUCLLh36umILcpAOEGf3NMa5
YPvfUdTeRFJTvC7pN+bqs+Urv8jDYsjfM+pTNvQ06eno1JALwXnd9b5qX9Xw98HI
6xdimSBgAqXnHhS92WME5kSKr1Fb2V/U2eR3lHAtBPN+b+uONoY+9BjA6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGX5o89ICxlOZr85xTY5P4upUoDqMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvWmZtanowZ0xHVTVtdnpuRk5qa19pNmxTZ09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwemZMA0G
CSqGSIb3DQEBCwUAA4IBAQAzoPeszO5WSRGoVh+pYuAHGqi0gGeC7gO7oZzjNlFO
RLBUljrSM4yChkuTwFJY7e1FFQt+zUcZ1E/4qFYSgdfu7uAeweiao1FUZUTxZlep
AICzaBuHvs4bloTeQ0XghH85C5kuh9Zj2+q9xjw1kyv+RnCaLPpusy3q/hGa0x+T
F25SsIykFpOhH2VI+Q6HiWFw/hntVLIhaMCXJCQW6aWKUIlpvEm/jwsyaG9Z+KpC
APg9TPZO0EgPIw2gEs08/LzmveUR/o+EeAv8uhmRXsUca0/ySal/Qy6PSGe0TiGi
e4t84qQWhU4pYyrn7/j9R+coL0Y6gzGEiFT1mxEzUc93
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:07:50 2025 by rpki-client