Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZTHLwqvFXvvP_YKlhq0B3DzMi8Y.roa
File: ZTHLwqvFXvvP_YKlhq0B3DzMi8Y.roa (raw, json)
Hash identifier: WKu4BPP0WrU4oLLSsiPADOln93wGWcyGFHKtX7NCYFc=
Subject key identifier: 65:31:CB:C2:AB:C5:5E:FB:CF:FD:82:A5:86:AD:01:DC:3C:CC:8B:C6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB08E24076D9A54EA2D2A86ADB99CA57F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZTHLwqvFXvvP_YKlhq0B3DzMi8Y.roa
Signing time: Fri 16 Feb 2024 06:15:21 +0000
ROA not before: Fri 16 Feb 2024 06:15:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b0:8e:24:07:6d:9a:54:ea:2d:2a:86:ad:b9:9c:a5:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 16 06:15:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6531cbc2abc55efbcffd82a586ad01dc3ccc8bc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:45:62:a0:f2:b5:69:45:1f:16:6c:40:25:e1:
85:a6:5b:54:76:1e:03:90:74:aa:5a:64:17:aa:e9:
ff:66:d0:be:7f:67:9c:d3:da:14:eb:ab:99:62:2e:
46:bc:3f:66:9a:b7:1e:4d:e1:1b:d4:7d:4f:8c:3c:
ed:66:b6:e7:1a:62:d8:7f:2a:b8:32:76:58:53:1a:
1b:e3:e6:75:bf:c2:a6:56:51:2b:b9:8c:76:6b:6b:
3b:94:02:6f:e6:95:3e:3d:2d:f6:24:7d:b3:d0:54:
71:f7:72:ca:24:b3:57:0c:80:c1:af:50:7d:7b:33:
7f:93:01:8f:7c:ac:24:80:32:03:5f:5a:af:c1:be:
9c:76:2a:a2:57:6b:ea:1a:09:d8:51:e7:0f:5f:b2:
15:66:76:48:d3:47:88:bc:a4:a8:91:ad:f1:9f:8b:
a5:ff:4e:c7:34:84:67:cf:85:d5:ca:89:dc:ef:ca:
0e:ac:ca:3e:d7:e5:f6:fc:57:57:f8:d7:40:da:64:
ef:fd:86:51:d3:71:8f:bd:a3:03:0e:23:19:9f:d2:
79:45:06:ee:d7:78:c4:64:cf:46:db:85:77:79:48:
8a:a9:96:84:77:de:6c:81:ad:8d:73:4d:f7:14:c8:
3e:73:91:65:b1:30:84:0a:6f:66:0f:9c:73:47:0c:
6d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:31:CB:C2:AB:C5:5E:FB:CF:FD:82:A5:86:AD:01:DC:3C:CC:8B:C6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZTHLwqvFXvvP_YKlhq0B3DzMi8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:24:f3:1f:ca:90:33:39:58:93:6b:7b:f0:af:ca:2c:e6:cf:
77:82:5c:6a:8e:6c:10:6e:b8:5e:b6:ad:1d:0b:41:da:43:11:
f7:77:78:bb:a6:a3:67:43:03:5f:5a:89:a1:0b:2a:8b:11:e9:
d1:f0:58:aa:7e:ca:c8:25:26:ec:ae:b9:94:11:18:c4:46:7c:
6d:47:94:e6:4f:21:91:e8:86:98:f0:de:14:59:18:3a:0d:d2:
bf:99:a5:f7:7e:f3:dc:03:c5:36:ae:01:7e:7d:7f:18:98:b6:
d7:90:4e:80:fc:da:ef:40:0f:c3:95:7b:0c:a6:bd:c0:c3:05:
f2:26:92:d5:54:3b:37:a0:f8:1e:8c:64:19:05:04:bb:c3:46:
e1:5a:f0:33:8c:11:7e:36:5a:20:09:d1:d3:25:c5:f4:ea:c9:
d1:b3:7f:ea:7c:6c:e4:f8:7f:fa:b7:e7:94:11:2b:6f:0d:50:
d9:c1:52:88:b5:ee:59:79:54:1d:f8:a5:44:61:b6:20:76:ba:
41:3c:2e:80:1f:b3:cb:bc:fd:02:bd:9f:ad:90:8e:fa:7e:83:
bf:90:37:70:7e:3f:18:81:4d:f4:f4:5f:5a:a9:46:c6:c6:79:
ab:0d:93:a0:54:38:03:ce:22:9a:74:aa:22:c3:1f:c2:5e:f4:
51:bd:24:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2wjiQHbZpU6i0qhq25nKV/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE2MDYxNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTMxY2JjMmFiYzU1ZWZiY2ZmZDgyYTU4NmFkMDFkYzNjY2M4YmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEVioPK1aUUfFmxAJeGFpltUdh4D
kHSqWmQXqun/ZtC+f2ec09oU66uZYi5GvD9mmrceTeEb1H1PjDztZrbnGmLYfyq4
MnZYUxob4+Z1v8KmVlEruYx2a2s7lAJv5pU+PS32JH2z0FRx93LKJLNXDIDBr1B9
ezN/kwGPfKwkgDIDX1qvwb6cdiqiV2vqGgnYUecPX7IVZnZI00eIvKSoka3xn4ul
/07HNIRnz4XVyonc78oOrMo+1+X2/FdX+NdA2mTv/YZR03GPvaMDDiMZn9J5RQbu
13jEZM9G24V3eUiKqZaEd95sga2Nc033FMg+c5FlsTCECm9mD5xzRwxtGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGUxy8KrxV77z/2CpYatAdw8zIvGMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWlRITHdxdkZYdnZQX1lLbGhxMEIzRHpNaThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACsk8x/KkDM5WJNre/Cv
yizmz3eCXGqObBBuuF62rR0LQdpDEfd3eLumo2dDA19aiaELKosR6dHwWKp+ysgl
JuyuuZQRGMRGfG1HlOZPIZHohpjw3hRZGDoN0r+Zpfd+89wDxTauAX59fxiYtteQ
ToD82u9AD8OVewymvcDDBfImktVUOzeg+B6MZBkFBLvDRuFa8DOMEX42WiAJ0dMl
xfTqydGzf+p8bOT4f/q355QRK28NUNnBUoi17ll5VB34pURhtiB2ukE8LoAfs8u8
/QK9n62Qjvp+g7+QN3B+PxiBTfT0X1qpRsbGeasNk6BUOAPOIpp0qiLDH8Je9FG9
JFs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:14 2025 by rpki-client