Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kZzfRd-SRVZexcsSXSKSoADX-RI.roa
File: kZzfRd-SRVZexcsSXSKSoADX-RI.roa (raw, json)
Hash identifier: xMUCc++lcGzaGBsFKGe4EWgJShktspde9JB4tYrgFGs=
Subject key identifier: 91:9C:DF:45:DF:92:45:56:5E:C5:CB:12:5D:22:92:A0:00:D7:F9:12
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DEA0627A471899DF00FEBC00E810B3A13
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kZzfRd-SRVZexcsSXSKSoADX-RI.roa
Signing time: Tue 27 Feb 2024 10:04:48 +0000
ROA not before: Tue 27 Feb 2024 10:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18d:ea06:1527/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ea:06:27:a4:71:89:9d:f0:0f:eb:c0:0e:81:0b:3a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 27 10:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=919cdf45df9245565ec5cb125d2292a000d7f912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:af:2a:0d:8e:04:ab:9f:6a:7a:48:94:e0:6d:
aa:09:15:ff:22:f1:e6:c7:ae:21:21:b9:fa:a9:8f:
c0:f0:6a:65:e9:c3:43:c5:69:8d:78:af:ed:22:af:
3b:56:bc:a6:e5:32:5d:68:d5:34:eb:11:45:1f:cd:
ed:e7:f0:e1:5f:11:c5:cd:86:07:6b:14:65:16:72:
38:64:b6:af:e8:d5:73:51:74:6e:63:a1:ab:3a:b6:
ce:1b:34:f3:a4:6d:ba:84:1c:7e:09:76:72:f6:bb:
82:93:f5:17:a3:75:23:52:a4:91:ee:5a:cf:83:40:
d0:c1:d3:bf:ac:3a:31:16:ee:15:c6:32:d0:be:86:
9f:2e:0d:e4:37:fd:fd:65:ec:5a:46:01:26:3e:85:
93:ed:be:d6:41:f3:4b:cd:34:0a:0f:05:8b:13:0b:
a9:19:1f:09:fb:14:06:dc:ef:60:3c:3a:72:67:8a:
45:b1:de:90:e3:4b:10:57:dd:e7:4d:d0:47:32:e5:
cf:4b:d3:08:19:f6:78:a5:a9:5b:44:79:f6:88:b4:
8f:cc:d6:1a:98:58:a8:75:09:bf:27:20:e0:b0:96:
52:31:74:33:34:a8:ce:06:1a:16:7e:30:44:66:7c:
f5:fd:7c:0a:c6:fa:99:23:3e:16:ea:fe:27:98:bc:
1b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9C:DF:45:DF:92:45:56:5E:C5:CB:12:5D:22:92:A0:00:D7:F9:12
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kZzfRd-SRVZexcsSXSKSoADX-RI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:97:1e:2c:7c:7b:0c:dc:21:c1:b2:43:93:57:e7:18:5b:dc:
65:c5:df:8f:3b:5f:33:15:48:d2:07:83:2c:96:c1:58:a7:c3:
02:1a:3b:13:9f:9b:9b:10:73:8a:80:13:98:f6:87:93:b8:04:
0c:53:04:e8:bc:2b:76:fd:a2:b3:fc:1d:4a:96:a9:15:81:99:
42:e8:f9:db:c0:e7:65:fb:af:19:10:37:ce:08:18:12:25:f8:
0c:e3:1f:fc:37:71:0b:b8:1f:d5:60:af:35:f9:05:38:ef:5b:
8f:8a:0b:c6:49:ff:fe:df:46:67:87:bd:bd:29:e3:1a:ab:97:
76:bd:1f:18:1d:a9:20:77:0c:ab:59:ab:f5:e9:2e:4f:f7:fe:
ad:6f:bc:f7:61:52:f0:2a:e1:12:3e:06:41:77:47:34:e7:9a:
05:bd:25:a5:d1:3a:8b:ff:42:7c:c5:30:a7:1b:3f:c4:2b:67:
ba:91:c5:3e:32:44:47:6d:91:3f:01:01:a5:cb:38:98:ef:39:
fe:4b:f0:e4:e9:93:df:13:64:3c:09:53:07:6e:98:04:b1:8f:
0d:41:2b:26:ce:5b:5b:99:ea:00:60:5e:d0:72:ae:f4:ca:6d:
a4:93:f0:27:2e:39:35:63:76:bf:01:32:f3:92:e4:dd:92:9f:
bc:03:bc:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3qBiekcYmd8A/rwA6BCzoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI3MTAwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTljZGY0NWRmOTI0NTU2NWVjNWNiMTI1ZDIyOTJhMDAwZDdmOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmK8qDY4Eq59qekiU4G2qCRX/IvHm
x64hIbn6qY/A8Gpl6cNDxWmNeK/tIq87Vrym5TJdaNU06xFFH83t5/DhXxHFzYYH
axRlFnI4ZLav6NVzUXRuY6GrOrbOGzTzpG26hBx+CXZy9ruCk/UXo3UjUqSR7lrP
g0DQwdO/rDoxFu4VxjLQvoafLg3kN/39ZexaRgEmPoWT7b7WQfNLzTQKDwWLEwup
GR8J+xQG3O9gPDpyZ4pFsd6Q40sQV93nTdBHMuXPS9MIGfZ4palbRHn2iLSPzNYa
mFiodQm/JyDgsJZSMXQzNKjOBhoWfjBEZnz1/XwKxvqZIz4W6v4nmLwbywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJGc30XfkkVWXsXLEl0ikqAA1/kSMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva1p6ZlJkLVNSVlpleGNzU1hTS1NvQURYLVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFGXHix8ewzcIcGyQ5NX
5xhb3GXF3487XzMVSNIHgyyWwVinwwIaOxOfm5sQc4qAE5j2h5O4BAxTBOi8K3b9
orP8HUqWqRWBmULo+dvA52X7rxkQN84IGBIl+AzjH/w3cQu4H9VgrzX5BTjvW4+K
C8ZJ//7fRmeHvb0p4xqrl3a9HxgdqSB3DKtZq/XpLk/3/q1vvPdhUvAq4RI+BkF3
RzTnmgW9JaXROov/QnzFMKcbP8QrZ7qRxT4yREdtkT8BAaXLOJjvOf5L8OTpk98T
ZDwJUwdumASxjw1BKybOW1uZ6gBgXtByrvTKbaST8CcuOTVjdr8BMvOS5N2Sn7wD
vGs=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:16:05 2025 by rpki-client