Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pZ4R-SK6mHKS70hg74vTDxBz04U.roa
File: pZ4R-SK6mHKS70hg74vTDxBz04U.roa (raw, json)
Hash identifier: XJKcfhBwDi5GMni4O1yzq2Goo9RhgwG8OcuJHSnuqA8=
Subject key identifier: A5:9E:11:F9:22:BA:98:72:92:EF:48:60:EF:8B:D3:0F:10:73:D3:85
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EE32B90B8B4AA8E2610A3736A51A7794F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pZ4R-SK6mHKS70hg74vTDxBz04U.roa
Signing time: Mon 15 Apr 2024 19:11:06 +0000
ROA not before: Mon 15 Apr 2024 19:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e3:2b:90:b8:b4:aa:8e:26:10:a3:73:6a:51:a7:79:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 15 19:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a59e11f922ba987292ef4860ef8bd30f1073d385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:89:dc:ab:b6:55:28:ca:57:7c:62:5b:de:8c:
2c:c6:5a:34:de:8b:34:1c:74:f0:51:18:f6:19:19:
fd:b0:7d:33:fe:89:b0:24:dd:9e:83:a9:f2:28:a7:
5d:38:90:94:16:42:f4:e7:98:6b:e6:b8:81:f9:30:
70:60:da:1c:31:f0:c4:cf:02:a4:6d:e2:40:c9:47:
2c:2d:d0:3f:b1:a5:42:d9:70:67:cb:09:51:4b:8d:
34:6e:46:21:8d:88:cd:c6:21:8d:ae:9c:37:1c:9d:
db:df:05:ac:4c:48:07:7d:62:99:42:7c:c0:45:72:
46:79:54:98:ce:7b:c3:a9:8d:dc:63:a6:6a:06:24:
6d:37:37:82:69:11:d0:c9:6c:ab:0e:53:03:b4:40:
b3:a7:e2:6f:40:73:45:72:35:17:c8:b9:29:f0:e5:
79:73:60:52:9a:20:90:d0:48:52:7d:5a:7d:5d:24:
15:b1:a4:04:fa:a1:7b:b5:44:fe:c3:a7:a7:2b:c5:
e6:66:35:87:71:b7:da:ef:e3:3e:aa:ed:59:b3:e9:
f1:90:5e:bb:f4:5f:2b:8c:ad:df:eb:38:b5:66:ff:
20:5d:5b:4b:eb:74:62:63:e2:4b:d4:90:2d:3f:74:
3a:ab:0b:43:9c:5f:71:99:7f:5b:70:6c:16:5d:23:
24:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:9E:11:F9:22:BA:98:72:92:EF:48:60:EF:8B:D3:0F:10:73:D3:85
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pZ4R-SK6mHKS70hg74vTDxBz04U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:fa:b8:08:70:6e:85:7c:c2:1a:fa:55:58:24:05:fc:b7:bf:
3f:cd:f0:40:6b:59:5b:ab:54:0e:7a:fb:76:c2:a7:d2:24:8f:
d3:78:83:9f:10:34:5c:be:d6:af:ff:ab:cb:34:8a:db:7b:06:
34:cc:6c:45:14:dd:a4:4a:54:5e:a4:ac:3c:b9:e1:6d:eb:7c:
0e:69:eb:73:23:78:46:08:ff:db:df:84:e7:9d:98:f9:5c:00:
5b:8e:bd:ce:fa:96:f8:04:26:7b:da:a1:10:83:53:5a:4b:52:
62:c4:6b:2b:dc:dc:b9:f9:e6:94:0a:5a:aa:4a:33:ab:b5:75:
a3:f1:00:39:e2:80:3d:84:61:00:ba:13:12:90:6e:09:55:c1:
f0:52:26:6e:dd:2e:af:97:9d:49:d4:17:9a:30:f4:f1:24:01:
b2:bb:38:3a:1a:2d:c7:30:9a:a9:c5:05:f1:54:cf:65:da:67:
fc:ee:4f:aa:84:71:89:0f:3f:5d:93:7b:2d:fe:88:44:e7:e7:
ce:81:94:f1:24:23:6d:69:cb:1a:f7:67:b2:ce:4d:d6:e6:84:
59:4a:3e:fd:a3:e1:3f:65:3b:e1:12:30:a8:58:1b:1a:d6:a9:
ec:a4:1e:4c:1f:cd:a0:95:b3:e4:5d:fe:49:fa:99:53:d6:52:
3e:c0:6d:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7jK5C4tKqOJhCjc2pRp3lPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE1MTkxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTllMTFmOTIyYmE5ODcyOTJlZjQ4NjBlZjhiZDMwZjEwNzNkMzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIncq7ZVKMpXfGJb3owsxlo03os0
HHTwURj2GRn9sH0z/omwJN2eg6nyKKddOJCUFkL055hr5riB+TBwYNocMfDEzwKk
beJAyUcsLdA/saVC2XBnywlRS400bkYhjYjNxiGNrpw3HJ3b3wWsTEgHfWKZQnzA
RXJGeVSYznvDqY3cY6ZqBiRtNzeCaRHQyWyrDlMDtECzp+JvQHNFcjUXyLkp8OV5
c2BSmiCQ0EhSfVp9XSQVsaQE+qF7tUT+w6enK8XmZjWHcbfa7+M+qu1Zs+nxkF67
9F8rjK3f6zi1Zv8gXVtL63RiY+JL1JAtP3Q6qwtDnF9xmX9bcGwWXSMkIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKWeEfkiuphyku9IYO+L0w8Qc9OFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcFo0Ui1TSzZtSEtTNzBoZzc0dlREeEJ6MDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJb6uAhwboV8whr6VVgk
Bfy3vz/N8EBrWVurVA56+3bCp9Ikj9N4g58QNFy+1q//q8s0itt7BjTMbEUU3aRK
VF6krDy54W3rfA5p63MjeEYI/9vfhOedmPlcAFuOvc76lvgEJnvaoRCDU1pLUmLE
ayvc3Ln55pQKWqpKM6u1daPxADnigD2EYQC6ExKQbglVwfBSJm7dLq+XnUnUF5ow
9PEkAbK7ODoaLccwmqnFBfFUz2XaZ/zuT6qEcYkPP12Tey3+iETn586BlPEkI21p
yxr3Z7LOTdbmhFlKPv2j4T9lO+ESMKhYGxrWqeykHkwfzaCVs+Rd/kn6mVPWUj7A
bQ4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:29:26 2025 by rpki-client