Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/331874-7b31-4879-bf0b-0585e9edc330/1/zd1TadsFdkDRbaDn6de93U3QGzg.roa
File: zd1TadsFdkDRbaDn6de93U3QGzg.roa (raw, json)
Hash identifier: 3y34pfznptay8iJNHTIdskxBHxaww5H8QXxFU6fcGRk=
Subject key identifier: CD:DD:53:69:DB:05:76:40:D1:6D:A0:E7:E9:D7:BD:DD:4D:D0:1B:38
Certificate issuer: /CN=eb02b523bd3af6fc6c37ddd66cdf47993db8632b
Certificate serial: 01942067D1FD1D47094DC2674840D2DF015A
Authority key identifier: EB:02:B5:23:BD:3A:F6:FC:6C:37:DD:D6:6C:DF:47:99:3D:B8:63:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6wK1I7069vxsN93WbN9HmT24Yys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/331874-7b31-4879-bf0b-0585e9edc330/1/zd1TadsFdkDRbaDn6de93U3QGzg.roa
Signing time: Wed 01 Jan 2025 05:47:42 +0000
ROA not before: Wed 01 Jan 2025 05:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202269
IP address blocks: 217.197.97.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d1:fd:1d:47:09:4d:c2:67:48:40:d2:df:01:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb02b523bd3af6fc6c37ddd66cdf47993db8632b
Validity
Not Before: Jan 1 05:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cddd5369db057640d16da0e7e9d7bddd4dd01b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:60:d7:28:76:c2:0a:cf:b1:90:96:b5:c3:9f:
ef:9d:7b:f5:cc:ef:d2:96:c6:a0:e8:e4:d4:63:30:
e9:71:55:70:81:c9:0e:48:55:9a:dd:40:dd:0b:d3:
c9:32:bd:1c:7a:fc:be:1f:82:23:bc:95:85:61:7d:
d6:36:28:18:37:40:e4:71:a7:55:40:93:a1:e2:a1:
94:d1:8b:df:89:05:53:f3:8d:72:7f:9a:c5:45:9b:
86:41:64:9d:f8:01:4c:55:4b:dc:0a:85:01:e8:91:
9c:4a:df:dd:0f:28:09:04:db:2e:fa:de:22:12:bb:
4f:56:0d:38:4a:dd:f1:a6:06:91:e6:59:fe:c8:06:
03:06:a5:1b:3f:93:ef:eb:a0:ab:ab:63:3b:25:94:
c6:f3:f7:40:dd:cb:59:5c:e6:bc:26:9f:21:1b:94:
e0:5f:41:c0:3e:35:00:49:69:a3:a0:93:e5:96:9e:
e3:5e:d6:7d:14:87:09:60:ea:67:ca:59:77:3a:68:
13:b3:25:ee:44:a8:45:33:e4:9c:4a:ce:7c:f1:b8:
6c:59:03:8d:a7:79:0e:69:85:05:47:75:9e:f6:eb:
d0:16:9a:b0:d2:ae:30:cb:0f:67:68:e0:b3:15:2a:
99:53:27:e6:bb:69:4c:9c:61:9b:e2:d0:15:f4:69:
bc:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DD:53:69:DB:05:76:40:D1:6D:A0:E7:E9:D7:BD:DD:4D:D0:1B:38
X509v3 Authority Key Identifier:
keyid:EB:02:B5:23:BD:3A:F6:FC:6C:37:DD:D6:6C:DF:47:99:3D:B8:63:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6wK1I7069vxsN93WbN9HmT24Yys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/331874-7b31-4879-bf0b-0585e9edc330/1/zd1TadsFdkDRbaDn6de93U3QGzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/331874-7b31-4879-bf0b-0585e9edc330/1/6wK1I7069vxsN93WbN9HmT24Yys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.97.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:4c:9a:45:3e:75:b2:2b:6b:1a:1b:8f:b0:cf:ed:26:c4:35:
19:5f:fe:95:b5:b6:9c:af:5f:47:aa:1c:3a:4c:d1:82:c7:01:
33:f3:96:1f:33:7f:67:d9:c2:cb:6e:13:73:f6:7a:26:24:36:
37:c1:a1:7b:fe:9a:60:6d:cf:09:a2:47:76:98:4e:6f:46:2e:
35:2c:c2:e0:ca:cc:ec:74:e9:a2:e3:94:83:22:ad:7e:27:b5:
1e:f9:4d:74:2b:66:8f:5e:b1:3a:fc:ad:89:c4:e4:44:f6:65:
71:b1:54:b1:f2:6b:5d:c5:9b:03:32:87:ce:51:aa:c1:38:c5:
dc:32:7a:62:67:0b:fb:35:61:9e:a0:8b:e0:c8:0b:c3:39:c8:
92:18:bf:69:a7:27:22:3c:8b:b4:04:b0:d2:ce:34:0f:50:99:
d6:a0:96:76:d7:16:16:25:02:94:04:f5:6b:a4:0b:d5:0c:a2:
ab:ad:af:4e:eb:ce:1a:b9:dc:25:6a:bd:3d:e3:41:67:57:ff:
63:f7:3e:e8:b3:73:d2:2c:b4:4e:59:31:52:88:ff:e5:b6:4b:
8b:18:2c:c5:38:36:c1:19:5c:f8:ed:a9:b9:bc:a0:00:a2:4e:
61:b3:2e:75:9b:9a:a6:ab:6d:9f:60:5a:b1:20:ac:47:63:a8:
12:ca:76:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ9H9HUcJTcJnSEDS3wFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMDJiNTIzYmQzYWY2ZmM2YzM3ZGRkNjZjZGY0Nzk5M2Ri
ODYzMmIwHhcNMjUwMTAxMDU0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGRkNTM2OWRiMDU3NjQwZDE2ZGEwZTdlOWQ3YmRkZDRkZDAxYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmDXKHbCCs+xkJa1w5/vnXv1zO/S
lsag6OTUYzDpcVVwgckOSFWa3UDdC9PJMr0cevy+H4IjvJWFYX3WNigYN0DkcadV
QJOh4qGU0YvfiQVT841yf5rFRZuGQWSd+AFMVUvcCoUB6JGcSt/dDygJBNsu+t4i
ErtPVg04St3xpgaR5ln+yAYDBqUbP5Pv66Crq2M7JZTG8/dA3ctZXOa8Jp8hG5Tg
X0HAPjUASWmjoJPllp7jXtZ9FIcJYOpnyll3OmgTsyXuRKhFM+ScSs588bhsWQON
p3kOaYUFR3We9uvQFpqw0q4wyw9naOCzFSqZUyfmu2lMnGGb4tAV9Gm8rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM3dU2nbBXZA0W2g5+nXvd1N0Bs4MB8GA1UdIwQY
MBaAFOsCtSO9Ovb8bDfd1mzfR5k9uGMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNndLMUk3MDY5dnhzTjkzV2JOOUhtVDI0WXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zMzE4NzQtN2IzMS00ODc5LWJmMGIt
MDU4NWU5ZWRjMzMwLzEvemQxVGFkc0Zka0RSYmFEbjZkZTkzVTNRR3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zMzE4NzQtN2IzMS00ODc5LWJmMGItMDU4NWU5ZWRjMzMw
LzEvNndLMUk3MDY5dnhzTjkzV2JOOUhtVDI0WXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cVhMA0G
CSqGSIb3DQEBCwUAA4IBAQBtTJpFPnWyK2saG4+wz+0mxDUZX/6Vtbacr19Hqhw6
TNGCxwEz85YfM39n2cLLbhNz9nomJDY3waF7/ppgbc8Jokd2mE5vRi41LMLgyszs
dOmi45SDIq1+J7Ue+U10K2aPXrE6/K2JxORE9mVxsVSx8mtdxZsDMofOUarBOMXc
MnpiZwv7NWGeoIvgyAvDOciSGL9ppyciPIu0BLDSzjQPUJnWoJZ21xYWJQKUBPVr
pAvVDKKrra9O684audwlar0940FnV/9j9z7os3PSLLROWTFSiP/ltkuLGCzFODbB
GVz47am5vKAAok5hsy51m5qmq22fYFqxIKxHY6gSynYT
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:07 2025 by rpki-client