Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/ZYpOnf_RMjUdQRpY5DSmoRhYWXo.roa
File: ZYpOnf_RMjUdQRpY5DSmoRhYWXo.roa (raw, json)
Hash identifier: 1MZ14FF0b6BfjlsKqzDJT2k9XMlDgyRHFf/YVDEx3LU=
Subject key identifier: 65:8A:4E:9D:FF:D1:32:35:1D:41:1A:58:E4:34:A6:A1:18:58:59:7A
Certificate issuer: /CN=1716ebd40a744a0c84f2535457047808ad2f17c4
Certificate serial: 019421B208F081BAEA439E3720621BAD9436
Authority key identifier: 17:16:EB:D4:0A:74:4A:0C:84:F2:53:54:57:04:78:08:AD:2F:17:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fxbr1Ap0SgyE8lNUVwR4CK0vF8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/ZYpOnf_RMjUdQRpY5DSmoRhYWXo.roa
Signing time: Wed 01 Jan 2025 11:48:23 +0000
ROA not before: Wed 01 Jan 2025 11:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63023
IP address blocks: 193.108.116.0/24 maxlen: 24
193.108.117.0/24 maxlen: 24
193.108.118.0/24 maxlen: 24
193.108.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:08:f0:81:ba:ea:43:9e:37:20:62:1b:ad:94:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1716ebd40a744a0c84f2535457047808ad2f17c4
Validity
Not Before: Jan 1 11:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=658a4e9dffd132351d411a58e434a6a11858597a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:9c:4e:3a:16:5a:1d:2f:02:c5:b8:90:6b:4b:
10:f2:b0:b5:a2:12:2a:7c:2a:10:08:45:af:ed:ab:
b7:e3:20:de:5b:96:62:40:ae:2e:bf:9f:44:f0:c2:
bf:fe:dd:67:04:7b:24:d5:3d:2b:1e:00:a4:1c:25:
86:7b:8b:6d:21:a9:5c:39:e8:47:54:65:37:58:8a:
08:ca:66:24:fd:41:d9:81:84:95:47:60:2c:be:9a:
8c:af:34:38:07:29:12:fb:c2:0c:6e:00:91:7d:fd:
b6:b2:f6:0e:75:96:55:d3:b3:cb:6c:3f:f1:89:46:
c7:38:7a:08:39:66:06:82:42:ec:89:f1:75:ef:e2:
dc:9d:99:1b:4f:cb:f4:9c:7e:75:f4:c6:c9:97:6c:
8a:96:80:79:61:db:fc:21:e6:48:f8:8c:d4:a3:3a:
74:2c:a0:00:4a:88:d0:d4:5d:80:83:f7:bf:00:9d:
54:67:37:7c:62:47:69:96:61:b6:21:91:9c:6d:b1:
83:3c:48:43:2c:29:fd:98:4f:8a:7d:5e:48:53:91:
99:c6:9c:4c:4f:8c:c1:02:00:15:ad:95:88:f7:6c:
2a:05:16:b9:07:a7:19:9c:13:ba:04:97:75:63:fd:
3c:8e:f6:32:db:16:dd:d7:51:ce:21:03:73:bc:35:
07:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:8A:4E:9D:FF:D1:32:35:1D:41:1A:58:E4:34:A6:A1:18:58:59:7A
X509v3 Authority Key Identifier:
keyid:17:16:EB:D4:0A:74:4A:0C:84:F2:53:54:57:04:78:08:AD:2F:17:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fxbr1Ap0SgyE8lNUVwR4CK0vF8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/ZYpOnf_RMjUdQRpY5DSmoRhYWXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/Fxbr1Ap0SgyE8lNUVwR4CK0vF8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.116.0/22
Signature Algorithm: sha256WithRSAEncryption
83:da:44:8e:27:32:5a:e1:4e:7c:18:b1:61:42:49:79:72:c2:
14:ec:b3:bf:a8:9c:dc:68:ab:3f:6a:8e:14:f1:ad:af:f0:40:
1c:ea:8c:ee:b0:75:ed:fa:17:ba:2a:93:c9:1b:80:b3:9b:b2:
c5:47:1b:43:f5:ed:99:70:f4:5d:4d:22:4a:c7:06:c7:a5:2f:
ac:99:bd:77:61:79:94:9a:ff:78:10:1b:c0:bb:47:52:38:75:
69:30:bb:5a:7b:9c:76:1b:27:d5:39:f8:f9:b7:ce:c0:0d:3c:
3a:fa:6c:9c:1d:94:50:32:c9:8e:5b:89:cb:7d:21:d9:87:38:
64:de:2d:6c:77:fb:99:cf:40:04:67:79:2d:0a:fb:ec:99:c7:
25:1b:be:f4:c6:cb:40:b1:46:e9:0f:6f:a8:0c:23:83:a7:10:
9b:de:65:0a:b0:82:cb:42:67:48:c2:bb:de:91:25:d6:e0:22:
4b:f6:43:32:f8:0c:49:02:c2:f9:f6:7e:4f:49:f4:09:7a:24:
19:aa:1d:68:1c:15:53:e7:6a:3a:05:2d:4a:2d:66:f5:91:5d:
2c:c4:ba:3f:b8:6b:82:6e:19:89:df:c8:ce:a5:d8:03:89:90:
4f:53:2e:f3:f4:a6:22:35:c2:8f:c7:e8:03:bc:1c:63:ce:14:
28:eb:f7:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsgjwgbrqQ543IGIbrZQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MTZlYmQ0MGE3NDRhMGM4NGYyNTM1NDU3MDQ3ODA4YWQy
ZjE3YzQwHhcNMjUwMTAxMTE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NThhNGU5ZGZmZDEzMjM1MWQ0MTFhNThlNDM0YTZhMTE4NTg1OTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75xOOhZaHS8CxbiQa0sQ8rC1ohIq
fCoQCEWv7au34yDeW5ZiQK4uv59E8MK//t1nBHsk1T0rHgCkHCWGe4ttIalcOehH
VGU3WIoIymYk/UHZgYSVR2AsvpqMrzQ4BykS+8IMbgCRff22svYOdZZV07PLbD/x
iUbHOHoIOWYGgkLsifF17+LcnZkbT8v0nH519MbJl2yKloB5Ydv8IeZI+IzUozp0
LKAASojQ1F2Ag/e/AJ1UZzd8YkdplmG2IZGcbbGDPEhDLCn9mE+KfV5IU5GZxpxM
T4zBAgAVrZWI92wqBRa5B6cZnBO6BJd1Y/08jvYy2xbd11HOIQNzvDUH3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGWKTp3/0TI1HUEaWOQ0pqEYWFl6MB8GA1UdIwQY
MBaAFBcW69QKdEoMhPJTVFcEeAitLxfEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnhicjFBcDBTZ3lFOGxOVVZ3UjRDSzB2RjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81ZjU1ODktNGMzMi00OTNmLTkyNGUt
YmFlN2FhMGExOGEwLzEvWllwT25mX1JNalVkUVJwWTVEU21vUmhZV1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81ZjU1ODktNGMzMi00OTNmLTkyNGUtYmFlN2FhMGExOGEw
LzEvRnhicjFBcDBTZ3lFOGxOVVZ3UjRDSzB2RjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWx0MA0G
CSqGSIb3DQEBCwUAA4IBAQCD2kSOJzJa4U58GLFhQkl5csIU7LO/qJzcaKs/ao4U
8a2v8EAc6ozusHXt+he6KpPJG4Czm7LFRxtD9e2ZcPRdTSJKxwbHpS+smb13YXmU
mv94EBvAu0dSOHVpMLtae5x2GyfVOfj5t87ADTw6+mycHZRQMsmOW4nLfSHZhzhk
3i1sd/uZz0AEZ3ktCvvsmcclG770xstAsUbpD2+oDCODpxCb3mUKsILLQmdIwrve
kSXW4CJL9kMy+AxJAsL59n5PSfQJeiQZqh1oHBVT52o6BS1KLWb1kV0sxLo/uGuC
bhmJ38jOpdgDiZBPUy7z9KYiNcKPx+gDvBxjzhQo6/fO
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:00:05 2025 by rpki-client