Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZYmaAGRTKYJIFZ6tfWKuDSe4VEA.roa
File: ZYmaAGRTKYJIFZ6tfWKuDSe4VEA.roa (raw, json)
Hash identifier: CDnD7ctmn3uyyRBKpky3fG1IwluwoX5TGFoYE4uFbvg=
Subject key identifier: 65:89:9A:00:64:53:29:82:48:15:9E:AD:7D:62:AE:0D:27:B8:54:40
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD2A725D2E62B07D7CE826205322C867D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZYmaAGRTKYJIFZ6tfWKuDSe4VEA.roa
Signing time: Thu 04 Jan 2024 04:06:58 +0000
ROA not before: Thu 04 Jan 2024 04:06:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:d2a4:deb4/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d2:a7:25:d2:e6:2b:07:d7:ce:82:62:05:32:2c:86:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 4 04:06:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65899a006453298248159ead7d62ae0d27b85440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:94:ad:c9:d7:8d:6c:e9:96:33:8e:c8:b7:16:
2d:4b:be:27:d4:db:48:d0:95:6b:b7:81:5c:e6:3d:
29:b0:21:53:7d:ac:b3:1a:4e:7f:44:fa:88:20:07:
04:22:e5:0a:7a:b9:f6:2f:ab:6e:92:21:14:3f:33:
64:62:80:14:45:8e:30:54:fa:d3:75:82:ba:22:ba:
67:5a:b4:cf:49:8a:c4:35:9d:22:e0:00:39:70:16:
c9:72:1d:87:aa:c1:86:ff:80:72:d9:85:51:2c:38:
40:73:10:1f:0b:6c:c8:42:0c:41:e7:d6:32:34:67:
29:d1:4f:83:d0:9a:30:aa:32:70:7c:3a:5f:23:0f:
36:58:c3:4e:f8:27:c2:82:2b:96:61:6a:dd:eb:4a:
66:06:3d:3b:02:09:5b:a0:5f:6c:2a:28:75:b0:93:
e1:4f:66:12:81:10:eb:5c:26:f6:fb:8a:60:84:c8:
24:4f:e3:ef:09:32:2c:23:d5:5a:94:c8:ac:dd:22:
04:a3:c2:e2:95:af:a2:24:76:f8:79:68:cc:39:8a:
33:eb:9a:eb:d1:1b:6b:af:14:6f:76:51:5c:f1:62:
14:73:e3:4f:52:8e:35:70:ad:f1:15:06:53:b3:4f:
69:88:24:5d:db:c8:53:bd:6c:ed:0e:5c:be:29:3b:
7c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:89:9A:00:64:53:29:82:48:15:9E:AD:7D:62:AE:0D:27:B8:54:40
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZYmaAGRTKYJIFZ6tfWKuDSe4VEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:9a:b6:4e:e0:00:a2:57:ce:d7:3b:66:e8:4c:9f:00:41:fe:
0f:05:dc:d3:bb:75:b5:4a:90:49:9f:7f:49:43:8c:8d:2f:e9:
36:12:bc:24:1f:6d:35:1e:ba:69:c5:c7:03:62:9a:cf:74:fa:
40:dd:43:ec:e3:ef:9d:32:b7:dc:0a:06:c6:51:56:07:e5:a4:
a7:72:fd:79:47:cc:0a:ca:c2:4c:3a:a7:37:e1:a2:d3:de:79:
3d:00:d1:e5:22:39:de:f1:05:f9:54:27:a0:df:f8:0b:6b:d4:
0b:c2:09:2f:a1:74:52:1b:b9:a7:e4:49:3d:15:8a:b5:d1:91:
00:d7:6c:70:f0:21:01:55:47:3a:4f:b7:da:28:75:97:4b:3a:
87:c7:77:01:75:97:6f:2e:1f:eb:e5:2a:25:5c:32:aa:e2:f6:
17:d1:f8:f9:95:ae:42:ca:3c:95:a9:5a:24:da:d3:90:85:7e:
25:87:c4:97:4f:19:17:a8:67:b4:27:70:9c:96:c5:5f:42:80:
03:e2:d7:71:41:af:6f:2e:5d:22:6a:26:95:f6:6a:6b:83:77:
9c:ec:ab:77:58:58:93:e6:fc:05:1c:7c:39:0b:a2:3e:fd:66:
ca:c4:9d:8a:06:9a:f2:66:ee:4a:1f:cc:d1:11:fe:f8:a0:b0:
33:b8:a0:b6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzSpyXS5isH186CYgUyLIZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA0MDQwNjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTg5OWEwMDY0NTMyOTgyNDgxNTllYWQ3ZDYyYWUwZDI3Yjg1NDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJStydeNbOmWM47ItxYtS74n1NtI
0JVrt4Fc5j0psCFTfayzGk5/RPqIIAcEIuUKern2L6tukiEUPzNkYoAURY4wVPrT
dYK6IrpnWrTPSYrENZ0i4AA5cBbJch2HqsGG/4By2YVRLDhAcxAfC2zIQgxB59Yy
NGcp0U+D0JowqjJwfDpfIw82WMNO+CfCgiuWYWrd60pmBj07AglboF9sKih1sJPh
T2YSgRDrXCb2+4pghMgkT+PvCTIsI9ValMis3SIEo8Lila+iJHb4eWjMOYoz65rr
0RtrrxRvdlFc8WIUc+NPUo41cK3xFQZTs09piCRd28hTvWztDly+KTt8hQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGWJmgBkUymCSBWerX1irg0nuFRAMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWlltYUFHUlRLWUpJRlo2dGZXS3VEU2U0VkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFyatk7gAKJXztc7ZuhM
nwBB/g8F3NO7dbVKkEmff0lDjI0v6TYSvCQfbTUeumnFxwNims90+kDdQ+zj750y
t9wKBsZRVgflpKdy/XlHzArKwkw6pzfhotPeeT0A0eUiOd7xBflUJ6Df+Atr1AvC
CS+hdFIbuafkST0VirXRkQDXbHDwIQFVRzpPt9oodZdLOofHdwF1l28uH+vlKiVc
Mqri9hfR+PmVrkLKPJWpWiTa05CFfiWHxJdPGReoZ7QncJyWxV9CgAPi13FBr28u
XSJqJpX2amuDd5zsq3dYWJPm/AUcfDkLoj79ZsrEnYoGmvJm7kofzNER/vigsDO4
oLY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:30:42 2025 by rpki-client