Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zvHY3nYLySMUxAf4lrZ6kMNd5RY.roa
File: zvHY3nYLySMUxAf4lrZ6kMNd5RY.roa (raw, json)
Hash identifier: bQx43x7ME2ehdwZm1+4IyAr4tWVqWvN69ik7d75Y6MU=
Subject key identifier: CE:F1:D8:DE:76:0B:C9:23:14:C4:07:F8:96:B6:7A:90:C3:5D:E5:16
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420685014143D6A559F0AB105A634D26A
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zvHY3nYLySMUxAf4lrZ6kMNd5RY.roa
Signing time: Wed 01 Jan 2025 05:48:14 +0000
ROA not before: Wed 01 Jan 2025 05:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204833
IP address blocks: 193.233.6.0/24 maxlen: 24
193.233.17.0/24 maxlen: 24
193.233.78.0/24 maxlen: 24
193.233.160.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:50:14:14:3d:6a:55:9f:0a:b1:05:a6:34:d2:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cef1d8de760bc92314c407f896b67a90c35de516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:45:97:7f:00:2a:1e:d6:89:2c:6b:c0:2b:a7:
97:85:d5:4f:c5:95:ea:f4:b3:8b:c3:2a:e9:bd:5c:
17:aa:71:97:a7:49:ee:94:5e:de:ec:25:6e:78:81:
9c:38:73:0f:6b:fc:34:32:93:13:80:c6:a8:29:39:
37:86:54:fc:a6:ba:37:ae:a2:96:20:1f:b2:f0:b5:
26:8c:83:c9:70:13:a4:0b:2d:35:ef:40:3a:bc:b3:
59:e2:9f:90:54:46:ce:93:07:17:77:e5:79:b8:1b:
5c:db:fc:c8:6a:a4:83:37:05:83:ee:57:d0:1c:64:
71:99:36:a1:6f:f6:c4:62:3f:e5:c0:39:b1:19:3f:
f5:81:e5:b4:f8:50:50:f7:79:62:10:18:cb:a8:45:
06:06:46:4c:8d:0f:01:35:68:d2:6d:62:5c:a4:7c:
37:25:e2:9d:36:f4:c1:c1:da:a9:83:ea:65:5d:7c:
8b:9b:1a:4d:bd:79:96:a1:9b:c1:73:3e:4f:5e:93:
45:55:b9:70:bf:ec:85:d5:12:7a:a1:3f:2c:89:d9:
4f:89:4d:f1:36:d6:64:a6:a9:92:a8:6f:dc:d1:df:
e0:cc:35:45:46:61:ce:d6:74:ce:66:60:c6:09:ba:
e3:57:22:e1:13:ce:66:97:12:eb:99:a9:f0:e3:ab:
0e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:F1:D8:DE:76:0B:C9:23:14:C4:07:F8:96:B6:7A:90:C3:5D:E5:16
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zvHY3nYLySMUxAf4lrZ6kMNd5RY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.6.0/24
193.233.17.0/24
193.233.78.0/24
193.233.160.0/24
Signature Algorithm: sha256WithRSAEncryption
79:23:9d:f9:16:7e:b1:03:ee:80:3c:17:f3:9f:cb:7b:88:63:
05:30:fb:7c:ab:3e:63:b7:8c:b3:3f:34:1a:10:af:a8:67:6e:
45:09:8b:97:b1:f9:9f:32:be:0f:5c:1d:bf:c7:b6:ba:36:d3:
e3:d0:3e:0e:f8:3c:1a:24:69:31:57:9f:68:79:d4:67:7c:79:
f9:47:6e:90:9b:b6:ca:e6:eb:a2:ee:01:ad:83:99:2d:ce:48:
13:a5:40:57:d8:4c:f0:1b:05:97:5d:ea:64:1e:47:34:51:c8:
4b:8a:03:1a:1f:3a:42:70:48:b7:10:8d:f0:f8:41:07:a2:2e:
c9:e5:8f:04:54:89:07:9a:b9:99:7f:24:00:96:4b:b5:36:5b:
9c:ab:bf:71:d5:e4:bb:5b:87:0d:40:81:3e:9f:a9:c1:59:df:
91:14:ab:dc:90:89:02:4c:e8:7c:f8:2f:e9:f5:4b:fd:81:7e:
ae:d9:6b:62:dd:51:2e:42:38:76:5b:0f:ae:53:18:e5:d2:63:
ec:4f:ce:88:3b:df:56:fd:02:98:60:85:6d:78:7e:a4:b8:54:
07:8c:0b:35:8f:36:c2:58:1d:cb:2d:6b:26:bc:f8:2f:ad:1d:
b6:ab:2e:ba:74:2c:34:2c:ab:ac:78:a8:4b:b7:ff:27:69:b9:
21:1d:f8:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQgaFAUFD1qVZ8KsQWmNNJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWYxZDhkZTc2MGJjOTIzMTRjNDA3Zjg5NmI2N2E5MGMzNWRlNTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUWXfwAqHtaJLGvAK6eXhdVPxZXq
9LOLwyrpvVwXqnGXp0nulF7e7CVueIGcOHMPa/w0MpMTgMaoKTk3hlT8pro3rqKW
IB+y8LUmjIPJcBOkCy0170A6vLNZ4p+QVEbOkwcXd+V5uBtc2/zIaqSDNwWD7lfQ
HGRxmTahb/bEYj/lwDmxGT/1geW0+FBQ93liEBjLqEUGBkZMjQ8BNWjSbWJcpHw3
JeKdNvTBwdqpg+plXXyLmxpNvXmWoZvBcz5PXpNFVblwv+yF1RJ6oT8sidlPiU3x
NtZkpqmSqG/c0d/gzDVFRmHO1nTOZmDGCbrjVyLhE85mlxLrmanw46sO1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM7x2N52C8kjFMQH+Ja2epDDXeUWMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvenZIWTNuWUx5U01VeEFmNGxyWjZrTU5kNVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwekGAwQA
wekRAwQAwelOAwQAwemgMA0GCSqGSIb3DQEBCwUAA4IBAQB5I535Fn6xA+6APBfz
n8t7iGMFMPt8qz5jt4yzPzQaEK+oZ25FCYuXsfmfMr4PXB2/x7a6NtPj0D4O+Dwa
JGkxV59oedRnfHn5R26Qm7bK5uui7gGtg5ktzkgTpUBX2EzwGwWXXepkHkc0UchL
igMaHzpCcEi3EI3w+EEHoi7J5Y8EVIkHmrmZfyQAlku1Nlucq79x1eS7W4cNQIE+
n6nBWd+RFKvckIkCTOh8+C/p9Uv9gX6u2Wti3VEuQjh2Ww+uUxjl0mPsT86IO99W
/QKYYIVteH6kuFQHjAs1jzbCWB3LLWsmvPgvrR22qy66dCw0LKuseKhLt/8nabkh
Hfh6
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:17:18 2025 by rpki-client