Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Z1u0bEmI2fbXL2ez9bjORREGgw0.roa
File: Z1u0bEmI2fbXL2ez9bjORREGgw0.roa (raw, json)
Hash identifier: GOaV9HXSeIfYC+I9z/ykY0FIvBwlBAmIWl4P3ztL7Ds=
Subject key identifier: 67:5B:B4:6C:49:88:D9:F6:D7:2F:67:B3:F5:B8:CE:45:11:06:83:0D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CBCC8B092DD950189272AF3ECBD30F6B1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Z1u0bEmI2fbXL2ez9bjORREGgw0.roa
Signing time: Sat 30 Dec 2023 22:11:58 +0000
ROA not before: Sat 30 Dec 2023 22:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bc:c8:b0:92:dd:95:01:89:27:2a:f3:ec:bd:30:f6:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 30 22:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=675bb46c4988d9f6d72f67b3f5b8ce451106830d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:56:f6:da:5d:c1:fb:38:45:44:b7:52:2b:e8:
71:62:a3:79:57:43:19:44:fe:b4:62:2c:67:68:d9:
b0:d6:d9:61:a7:1f:14:d0:b6:6d:b4:d7:97:17:4f:
5f:42:09:a4:71:e2:9e:03:f4:fd:ec:9f:54:1e:0c:
53:f9:64:a0:7e:d2:67:43:8b:a5:4c:5a:a2:82:6f:
54:27:fe:5b:d3:6b:5d:e3:a6:f0:27:30:1b:de:9c:
eb:de:28:dc:5d:53:f4:c9:2c:ab:1d:9f:c1:94:4b:
b9:9c:6f:fa:12:99:95:82:ed:6b:45:60:70:50:13:
1e:b2:00:00:81:6e:b3:33:5e:bd:79:3a:e7:5b:2c:
28:30:d9:24:a5:0f:d4:0b:b7:8f:d5:b6:de:66:81:
82:47:69:d4:fb:0f:5a:21:0c:b5:48:98:31:46:41:
5a:35:1d:22:06:75:1e:2c:4c:42:9b:ff:d1:8d:24:
c3:cb:dc:b5:4e:37:3a:d7:68:0f:23:85:38:63:d6:
59:7a:a8:5d:e9:e6:3c:be:c6:cf:4e:d2:57:ab:f4:
9a:22:94:a8:42:49:fc:a6:aa:bd:bb:e2:72:2b:8c:
b1:ad:d7:6c:2f:46:93:95:b5:27:2f:c0:06:e4:ea:
ad:e5:64:5c:98:30:72:d6:5d:d5:04:4a:0d:50:13:
33:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5B:B4:6C:49:88:D9:F6:D7:2F:67:B3:F5:B8:CE:45:11:06:83:0D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Z1u0bEmI2fbXL2ez9bjORREGgw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:18:88:55:23:55:ab:72:b7:69:d6:28:d5:80:70:60:83:f7:
86:1f:b3:b8:c8:5b:05:ee:46:8b:78:69:ce:9e:f7:33:09:8c:
bc:ea:bd:78:10:47:7f:67:fc:88:85:c0:76:bc:73:98:89:6a:
af:ec:6e:f4:ee:cf:ad:4b:47:ab:c4:a8:f3:38:96:5f:f4:a4:
6c:4a:e4:b5:c8:fc:fa:5a:9d:1a:77:f5:9f:f0:18:f3:02:4b:
a2:6e:b6:68:c8:bc:9f:c5:27:78:c5:18:77:5e:c0:16:e6:8d:
a3:26:37:4a:1b:9f:5b:5d:2c:eb:22:db:97:0e:a5:12:b2:bb:
02:8e:7a:bb:3a:a5:50:19:20:d1:0f:c8:45:85:54:f9:90:30:
52:a0:86:32:04:90:57:4c:66:29:55:0f:81:cc:2d:ee:5f:08:
9a:d9:af:5a:2c:6b:3b:87:0e:3f:88:05:2c:db:23:14:95:20:
39:c6:4a:21:c8:b6:a3:31:30:aa:2a:30:2c:de:dc:d3:9d:69:
73:30:44:c1:be:39:ae:39:23:44:99:c9:42:92:a3:80:cd:54:
94:84:1b:a8:67:1e:31:7e:85:a4:de:f4:a5:38:f5:ea:64:56:
92:ef:8a:ed:e5:02:10:39:57:f2:87:46:09:07:a3:51:22:58:
f4:a7:55:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy8yLCS3ZUBiScq8+y9MPaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMwMjIxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzViYjQ2YzQ5ODhkOWY2ZDcyZjY3YjNmNWI4Y2U0NTExMDY4MzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1b22l3B+zhFRLdSK+hxYqN5V0MZ
RP60YixnaNmw1tlhpx8U0LZttNeXF09fQgmkceKeA/T97J9UHgxT+WSgftJnQ4ul
TFqigm9UJ/5b02td46bwJzAb3pzr3ijcXVP0ySyrHZ/BlEu5nG/6EpmVgu1rRWBw
UBMesgAAgW6zM169eTrnWywoMNkkpQ/UC7eP1bbeZoGCR2nU+w9aIQy1SJgxRkFa
NR0iBnUeLExCm//RjSTDy9y1Tjc612gPI4U4Y9ZZeqhd6eY8vsbPTtJXq/SaIpSo
Qkn8pqq9u+JyK4yxrddsL0aTlbUnL8AG5Oqt5WRcmDBy1l3VBEoNUBMzuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGdbtGxJiNn21y9ns/W4zkURBoMNMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWjF1MGJFbUkyZmJYTDJlejliak9SUkVHZ3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIQYiFUjVatyt2nWKNWA
cGCD94Yfs7jIWwXuRot4ac6e9zMJjLzqvXgQR39n/IiFwHa8c5iJaq/sbvTuz61L
R6vEqPM4ll/0pGxK5LXI/PpanRp39Z/wGPMCS6JutmjIvJ/FJ3jFGHdewBbmjaMm
N0obn1tdLOsi25cOpRKyuwKOers6pVAZINEPyEWFVPmQMFKghjIEkFdMZilVD4HM
Le5fCJrZr1osazuHDj+IBSzbIxSVIDnGSiHItqMxMKoqMCze3NOdaXMwRMG+Oa45
I0SZyUKSo4DNVJSEG6hnHjF+haTe9KU49epkVpLviu3lAhA5V/KHRgkHo1EiWPSn
VeY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:20 2025 by rpki-client