Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/Z56gzm_M-tZaGarhBiqNO4W42Cc.roa
File: Z56gzm_M-tZaGarhBiqNO4W42Cc.roa (raw, json)
Hash identifier: eJvhCQP7S5z1RSJpXEGy+oeJyOGcYFdrvMSaf3V9W9o=
Subject key identifier: 67:9E:A0:CE:6F:CC:FA:D6:5A:19:AA:E1:06:2A:8D:3B:85:B8:D8:27
Certificate issuer: /CN=d1ca67610286ab738f86ce935fdf5ed620f02d96
Certificate serial: 019460EC60FE8E85758C295494412FA89121
Authority key identifier: D1:CA:67:61:02:86:AB:73:8F:86:CE:93:5F:DF:5E:D6:20:F0:2D:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/Z56gzm_M-tZaGarhBiqNO4W42Cc.roa
Signing time: Mon 13 Jan 2025 18:28:11 +0000
ROA not before: Mon 13 Jan 2025 18:28:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 193.104.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:ec:60:fe:8e:85:75:8c:29:54:94:41:2f:a8:91:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1ca67610286ab738f86ce935fdf5ed620f02d96
Validity
Not Before: Jan 13 18:28:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=679ea0ce6fccfad65a19aae1062a8d3b85b8d827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:bd:e6:c0:03:2f:3d:26:bd:45:3c:eb:36:30:
9a:21:13:fb:b9:f0:ba:e1:79:97:8d:8e:f1:a5:46:
89:68:eb:21:ab:81:cf:f7:a7:4e:03:24:97:6c:47:
62:d8:f1:34:cc:15:fb:60:f1:3a:93:54:e6:0e:e1:
5b:f8:82:3e:a4:c9:5b:4c:2e:73:a7:aa:aa:da:a3:
0b:ab:20:db:c4:5d:3f:26:6a:cc:c9:69:9d:41:69:
60:99:83:d8:42:d7:79:6a:3c:3f:27:83:64:fb:09:
2c:ef:fb:5c:3c:4e:eb:b8:ed:10:78:25:24:9b:6e:
56:87:a3:0a:4c:1a:68:87:66:a2:15:14:9f:bd:cf:
d6:c6:90:fb:36:f5:74:f3:f6:f1:10:d8:1e:5d:45:
a2:f0:93:96:24:db:3e:e4:ac:fb:c6:05:93:83:54:
c1:a0:f2:8f:10:b9:54:97:95:30:08:f4:de:6e:3d:
e7:51:53:cd:32:8c:ac:a3:13:40:e2:e1:ed:ab:6e:
75:8f:b2:c0:8b:63:2e:2f:94:b3:6e:88:1f:4a:18:
92:d1:4a:a6:ee:55:93:3f:e0:66:77:b6:e7:fa:cc:
e0:9a:1c:70:6f:ba:d3:cf:82:cb:01:5f:04:72:b2:
f1:73:c0:be:aa:0c:51:c7:52:6e:32:ad:04:ee:40:
87:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9E:A0:CE:6F:CC:FA:D6:5A:19:AA:E1:06:2A:8D:3B:85:B8:D8:27
X509v3 Authority Key Identifier:
keyid:D1:CA:67:61:02:86:AB:73:8F:86:CE:93:5F:DF:5E:D6:20:F0:2D:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/Z56gzm_M-tZaGarhBiqNO4W42Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.33.0/24
Signature Algorithm: sha256WithRSAEncryption
15:ad:4c:22:4a:6e:62:f9:69:86:09:98:21:08:6d:e3:32:34:
6b:13:f6:a4:d3:cc:2c:c0:a2:53:af:5e:62:9d:92:4c:f8:a4:
0c:22:53:ba:de:78:50:92:3e:86:4e:a9:14:fc:be:f0:6b:b1:
8e:07:c3:98:90:f9:33:e9:5b:2d:57:af:1c:5a:ea:fb:7a:91:
1b:f2:1d:05:78:27:ef:d4:09:f2:8d:d1:14:eb:db:f7:34:73:
89:66:97:b5:54:56:31:8f:23:04:80:ee:e9:48:c2:5b:e1:98:
56:93:55:de:d4:c8:e1:ac:ba:c2:ac:5c:53:bb:62:88:00:1f:
69:b9:68:90:83:24:56:36:89:bf:65:a2:9b:b0:57:05:4e:6c:
b7:90:94:8b:a2:83:38:12:a5:80:d2:0f:00:88:2a:d0:bd:cb:
ad:b5:0e:8f:3a:59:26:50:9e:ca:9e:43:f6:ac:77:5b:29:cb:
77:b2:6f:00:ee:55:5c:5b:95:f4:cb:29:25:bd:dc:75:0f:aa:
5b:41:ba:9e:57:de:47:b4:8d:d5:66:6b:62:0f:32:58:93:d3:
3f:8e:b8:5e:f9:5a:47:38:2b:87:57:90:67:ba:58:1b:9d:72:
08:50:04:39:e7:27:a7:7a:ee:02:8e:d3:bd:17:ec:00:2c:18:
1d:51:04:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRg7GD+joV1jClUlEEvqJEhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2E2NzYxMDI4NmFiNzM4Zjg2Y2U5MzVmZGY1ZWQ2MjBm
MDJkOTYwHhcNMjUwMTEzMTgyODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzllYTBjZTZmY2NmYWQ2NWExOWFhZTEwNjJhOGQzYjg1YjhkODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1L3mwAMvPSa9RTzrNjCaIRP7ufC6
4XmXjY7xpUaJaOshq4HP96dOAySXbEdi2PE0zBX7YPE6k1TmDuFb+II+pMlbTC5z
p6qq2qMLqyDbxF0/JmrMyWmdQWlgmYPYQtd5ajw/J4Nk+wks7/tcPE7ruO0QeCUk
m25Wh6MKTBpoh2aiFRSfvc/WxpD7NvV08/bxENgeXUWi8JOWJNs+5Kz7xgWTg1TB
oPKPELlUl5UwCPTebj3nUVPNMoysoxNA4uHtq251j7LAi2MuL5SzbogfShiS0Uqm
7lWTP+Bmd7bn+szgmhxwb7rTz4LLAV8EcrLxc8C+qgxRx1JuMq0E7kCHIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGeeoM5vzPrWWhmq4QYqjTuFuNgnMB8GA1UdIwQY
MBaAFNHKZ2EChqtzj4bOk1/fXtYg8C2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YTFhNjItZTQ4MS00YTE0LWFkNmUt
MzViZmY5NmRhNGM1LzEvWjU2Z3ptX00tdFphR2FyaEJpcU5PNFc0MkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YTFhNjItZTQ4MS00YTE0LWFkNmUtMzViZmY5NmRhNGM1
LzEvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWghMA0G
CSqGSIb3DQEBCwUAA4IBAQAVrUwiSm5i+WmGCZghCG3jMjRrE/ak08wswKJTr15i
nZJM+KQMIlO63nhQkj6GTqkU/L7wa7GOB8OYkPkz6VstV68cWur7epEb8h0FeCfv
1AnyjdEU69v3NHOJZpe1VFYxjyMEgO7pSMJb4ZhWk1Xe1MjhrLrCrFxTu2KIAB9p
uWiQgyRWNom/ZaKbsFcFTmy3kJSLooM4EqWA0g8AiCrQvcuttQ6POlkmUJ7KnkP2
rHdbKct3sm8A7lVcW5X0yyklvdx1D6pbQbqeV95HtI3VZmtiDzJYk9M/jrhe+VpH
OCuHV5BnulgbnXIIUAQ55yeneu4CjtO9F+wALBgdUQT0
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:40:51 2025 by rpki-client