Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/Z0NstpNFGmZvTmitOe-bpzN3pog.roa
File: Z0NstpNFGmZvTmitOe-bpzN3pog.roa (raw, json)
Hash identifier: vOxHYK5BHjTLsLb9PBk4RNol3oeaceKJ5r4uuQeEoSc=
Subject key identifier: 67:43:6C:B6:93:45:1A:66:6F:4E:68:AD:39:EF:9B:A7:33:77:A6:88
Certificate issuer: /CN=0d4ee193b301665b56f6780f225fd44d144093af
Certificate serial: 019421B18AFCAB7D2EF61F419CBE4469506F
Authority key identifier: 0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/Z0NstpNFGmZvTmitOe-bpzN3pog.roa
Signing time: Wed 01 Jan 2025 11:47:51 +0000
ROA not before: Wed 01 Jan 2025 11:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199155
IP address blocks: 193.236.16.0/20 maxlen: 20
2001:697::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:8a:fc:ab:7d:2e:f6:1f:41:9c:be:44:69:50:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4ee193b301665b56f6780f225fd44d144093af
Validity
Not Before: Jan 1 11:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67436cb693451a666f4e68ad39ef9ba73377a688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:14:74:4e:5b:32:a8:99:eb:27:7d:83:35:45:
8b:74:54:72:89:c4:d4:2d:2c:11:1e:dc:33:47:d2:
ab:4f:48:ce:47:f9:9c:10:b9:02:de:e0:21:1e:5f:
62:4c:7e:2f:ea:6d:14:53:03:cc:c7:96:37:e8:c5:
d1:59:46:95:84:d1:d2:7d:a4:46:fd:b8:d2:65:ac:
d1:26:60:12:66:11:17:3f:00:65:0c:fb:18:48:39:
fc:fb:80:02:d3:6e:17:ca:24:1c:cf:d9:6f:60:d7:
8b:e4:ae:17:d2:32:ff:99:f6:d1:13:23:b1:6d:d9:
1b:58:e5:06:8b:b2:a2:36:b6:44:6a:6a:ca:b7:d6:
eb:58:6f:79:5d:31:e1:60:60:df:70:c3:83:ff:15:
94:e2:19:1a:0a:e6:d7:08:60:fb:d9:ca:24:97:f2:
af:29:e9:72:fa:86:fa:6c:9c:71:5c:fd:4b:07:c2:
1f:6d:32:3d:e8:d0:4a:73:09:a3:a7:8b:cd:d8:77:
05:7d:b4:7a:0e:f0:42:5f:d3:a9:db:de:4b:f9:6c:
71:7c:b1:e2:cf:a7:81:57:3f:82:e6:e9:a7:1a:65:
c0:4c:f1:9b:ae:d3:fa:c4:bf:d0:0c:60:c7:a3:ae:
71:bf:ea:c8:6a:0f:ec:77:00:7d:f2:54:74:62:68:
f7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:43:6C:B6:93:45:1A:66:6F:4E:68:AD:39:EF:9B:A7:33:77:A6:88
X509v3 Authority Key Identifier:
keyid:0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/Z0NstpNFGmZvTmitOe-bpzN3pog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/DU7hk7MBZltW9ngPIl_UTRRAk68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.236.16.0/20
IPv6:
2001:697::/32
Signature Algorithm: sha256WithRSAEncryption
8a:a8:02:1e:b2:58:6d:c5:eb:db:2b:f5:b2:98:31:47:a4:2a:
7e:03:86:f1:77:1c:9c:a5:b3:21:b5:69:4c:41:23:3a:29:2b:
c8:02:ff:97:d7:f7:79:83:5d:7d:fc:7c:6a:1f:b2:91:34:c3:
57:b3:2c:a2:02:46:86:38:31:39:6f:c0:09:b5:d2:90:fe:3b:
69:c2:47:78:b3:84:21:16:3e:c9:c5:33:59:ce:47:53:48:4a:
66:b6:04:35:d1:b3:b0:25:ff:05:8d:ca:c5:71:d1:64:9f:ed:
ed:97:81:4f:23:b7:9e:8e:7c:d2:11:c2:c0:7e:5d:d9:a9:dd:
ba:67:22:aa:d1:11:ac:c5:a4:14:1d:93:7c:01:00:eb:1d:82:
69:62:28:7f:4a:aa:28:38:36:c9:8f:28:1a:0c:9f:3a:49:f5:
56:44:d3:c5:d9:22:9c:ff:cb:96:e6:90:d8:f5:dc:30:73:dc:
ca:93:d2:21:a7:56:3b:68:d9:fc:e1:31:b5:80:be:46:54:8d:
cc:a4:c4:65:00:36:9d:a9:50:b5:96:03:dc:15:e4:c1:8e:2c:
aa:1c:ee:8f:97:ba:07:54:77:36:aa:58:a6:9a:47:9a:f3:75:
ea:22:64:26:7a:70:76:6d:14:14:f6:c1:8b:7a:bf:ec:56:94:
cf:e5:f8:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsYr8q30u9h9BnL5EaVBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlMTkzYjMwMTY2NWI1NmY2NzgwZjIyNWZkNDRkMTQ0
MDkzYWYwHhcNMjUwMTAxMTE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzQzNmNiNjkzNDUxYTY2NmY0ZTY4YWQzOWVmOWJhNzMzNzdhNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBR0TlsyqJnrJ32DNUWLdFRyicTU
LSwRHtwzR9KrT0jOR/mcELkC3uAhHl9iTH4v6m0UUwPMx5Y36MXRWUaVhNHSfaRG
/bjSZazRJmASZhEXPwBlDPsYSDn8+4AC024XyiQcz9lvYNeL5K4X0jL/mfbREyOx
bdkbWOUGi7KiNrZEamrKt9brWG95XTHhYGDfcMOD/xWU4hkaCubXCGD72cokl/Kv
Kely+ob6bJxxXP1LB8IfbTI96NBKcwmjp4vN2HcFfbR6DvBCX9Op295L+WxxfLHi
z6eBVz+C5umnGmXATPGbrtP6xL/QDGDHo65xv+rIag/sdwB98lR0Ymj3mQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGdDbLaTRRpmb05orTnvm6czd6aIMB8GA1UdIwQY
MBaAFA1O4ZOzAWZbVvZ4DyJf1E0UQJOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYt
OWY3ZTBmODYyZjFlLzEvWjBOc3RwTkZHbVp2VG1pdE9lLWJwek4zcG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYtOWY3ZTBmODYyZjFl
LzEvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEwewQMA0E
AgACMAcDBQAgAQaXMA0GCSqGSIb3DQEBCwUAA4IBAQCKqAIeslhtxevbK/WymDFH
pCp+A4bxdxycpbMhtWlMQSM6KSvIAv+X1/d5g119/HxqH7KRNMNXsyyiAkaGODE5
b8AJtdKQ/jtpwkd4s4QhFj7JxTNZzkdTSEpmtgQ10bOwJf8FjcrFcdFkn+3tl4FP
I7eejnzSEcLAfl3Zqd26ZyKq0RGsxaQUHZN8AQDrHYJpYih/SqooODbJjygaDJ86
SfVWRNPF2SKc/8uW5pDY9dwwc9zKk9Ihp1Y7aNn84TG1gL5GVI3MpMRlADadqVC1
lgPcFeTBjiyqHO6Pl7oHVHc2qlimmkea83XqImQmenB2bRQU9sGLer/sVpTP5fhe
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:05:04 2025 by rpki-client