Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Z_vICgRKPC6E-KBNqzf8FfCh2ho.roa
File: Z_vICgRKPC6E-KBNqzf8FfCh2ho.roa (raw, json)
Hash identifier: bxW6myQub6v9CuRwhhLE4gP8TbA0NLZGTx09KdD3ieo=
Subject key identifier: 67:FB:C8:0A:04:4A:3C:2E:84:F8:A0:4D:AB:37:FC:15:F0:A1:DA:1A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E495054961E1BE03BFF124C98670E836D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Z_vICgRKPC6E-KBNqzf8FfCh2ho.roa
Signing time: Sat 16 Mar 2024 22:09:45 +0000
ROA not before: Sat 16 Mar 2024 22:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:49:50:54:96:1e:1b:e0:3b:ff:12:4c:98:67:0e:83:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 16 22:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67fbc80a044a3c2e84f8a04dab37fc15f0a1da1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:33:80:f4:db:d3:7c:41:2d:35:3b:88:06:f2:
42:a1:72:2f:59:d0:fa:c5:24:de:f3:a7:8e:cc:72:
ef:51:ec:72:79:97:68:c3:d7:21:7f:d6:92:01:29:
f5:82:3a:bc:a4:54:ef:59:f9:a6:06:22:dc:e2:f7:
9c:0c:b4:b8:d2:df:16:f4:36:fe:8f:e1:11:c0:89:
0b:44:96:5b:97:b6:e6:b7:e6:a9:af:19:aa:2f:cf:
f7:24:41:c1:30:5a:6c:5f:bb:9b:9a:fe:cc:77:be:
59:6d:f0:93:b0:3b:d8:8c:d7:20:f3:2c:14:ef:c5:
0c:c8:2f:e7:df:73:f7:8c:da:61:08:27:11:d5:1a:
5f:aa:a1:ef:f6:9f:3e:8d:51:01:b0:5a:5a:b0:1f:
5d:4a:da:43:6f:e7:dc:e3:83:82:9b:78:73:04:e0:
bd:c2:d0:e7:01:cf:c0:a8:c4:11:84:e3:cd:66:11:
e5:2b:58:30:28:b6:c7:de:26:26:fe:b3:12:d1:d0:
5b:bd:3f:3a:97:ec:04:fc:81:8b:db:a1:8e:4e:cf:
6b:ba:63:b1:39:38:48:20:8b:20:3d:f4:c8:2e:62:
50:3e:76:62:e2:32:5d:aa:ce:a5:1b:51:53:03:7f:
5c:34:af:88:68:3f:c6:fd:ad:75:44:3a:e6:b6:3e:
3f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FB:C8:0A:04:4A:3C:2E:84:F8:A0:4D:AB:37:FC:15:F0:A1:DA:1A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Z_vICgRKPC6E-KBNqzf8FfCh2ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:99:28:95:b0:af:99:06:29:57:65:b0:8e:7a:c9:f3:33:81:
f0:0c:c9:d1:ab:db:ae:4d:f0:2d:42:84:c5:82:e0:4b:3b:0c:
70:2a:fb:ff:ac:d7:97:3a:c3:0a:bd:de:8e:e2:ed:8b:b5:5d:
0e:07:16:85:18:eb:76:a9:6b:d0:64:7e:11:7b:27:f4:f1:49:
0c:68:5f:a8:36:7b:b4:7e:30:49:4c:27:25:ad:6d:41:ff:70:
8b:2d:53:94:6a:4f:1a:d7:5c:5c:af:2f:79:cf:da:db:14:33:
61:64:43:50:f0:df:b4:45:e8:ad:ab:a3:45:0d:d8:aa:36:fb:
18:f5:80:74:53:d9:0f:36:42:7e:6b:d5:bc:e2:3a:47:3f:76:
f7:ae:5c:3a:0b:44:0c:6b:03:86:73:fa:11:d0:c9:04:e6:11:
a6:28:d3:09:00:47:f1:e0:63:61:ff:9e:40:26:03:01:11:3c:
2e:97:14:78:e2:29:8e:d4:60:a2:c4:e6:9c:0b:49:19:f9:d2:
c4:2f:8f:cd:af:1d:a3:83:83:1f:09:dd:e5:8d:44:b7:af:bb:
87:3e:98:cc:62:ee:70:53:0c:1d:df:ea:c1:41:79:b7:dc:97:
ff:9c:a1:23:f7:7a:e4:38:82:14:8b:bc:75:ef:5f:0d:16:a4:
8a:80:ef:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5JUFSWHhvgO/8STJhnDoNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE2MjIwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ZiYzgwYTA0NGEzYzJlODRmOGEwNGRhYjM3ZmMxNWYwYTFkYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjOA9NvTfEEtNTuIBvJCoXIvWdD6
xSTe86eOzHLvUexyeZdow9chf9aSASn1gjq8pFTvWfmmBiLc4vecDLS40t8W9Db+
j+ERwIkLRJZbl7bmt+aprxmqL8/3JEHBMFpsX7ubmv7Md75ZbfCTsDvYjNcg8ywU
78UMyC/n33P3jNphCCcR1RpfqqHv9p8+jVEBsFpasB9dStpDb+fc44OCm3hzBOC9
wtDnAc/AqMQRhOPNZhHlK1gwKLbH3iYm/rMS0dBbvT86l+wE/IGL26GOTs9rumOx
OThIIIsgPfTILmJQPnZi4jJdqs6lG1FTA39cNK+IaD/G/a11RDrmtj4/eQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGf7yAoESjwuhPigTas3/BXwodoaMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWl92SUNnUktQQzZFLUtCTnF6ZjhGZkNoMmhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFeZKJWwr5kGKVdlsI56
yfMzgfAMydGr265N8C1ChMWC4Es7DHAq+/+s15c6wwq93o7i7Yu1XQ4HFoUY63ap
a9BkfhF7J/TxSQxoX6g2e7R+MElMJyWtbUH/cIstU5RqTxrXXFyvL3nP2tsUM2Fk
Q1Dw37RF6K2ro0UN2Ko2+xj1gHRT2Q82Qn5r1bziOkc/dveuXDoLRAxrA4Zz+hHQ
yQTmEaYo0wkAR/HgY2H/nkAmAwERPC6XFHjiKY7UYKLE5pwLSRn50sQvj82vHaOD
gx8J3eWNRLevu4c+mMxi7nBTDB3f6sFBebfcl/+coSP3euQ4ghSLvHXvXw0WpIqA
7yo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:23:51 2025 by rpki-client