Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pzOC61ulQrXCsA27gGV1KuEkuq8.roa
File: pzOC61ulQrXCsA27gGV1KuEkuq8.roa (raw, json)
Hash identifier: TQtca7oY8+rVyWGtpDsLvcYfN6gwGkj4MikpIwSSzZY=
Subject key identifier: A7:33:82:EB:5B:A5:42:B5:C2:B0:0D:BB:80:65:75:2A:E1:24:BA:AF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E995AF608484BBA806AD0BCA9563752F5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pzOC61ulQrXCsA27gGV1KuEkuq8.roa
Signing time: Mon 01 Apr 2024 11:10:59 +0000
ROA not before: Mon 01 Apr 2024 11:10:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:99:5a:f6:08:48:4b:ba:80:6a:d0:bc:a9:56:37:52:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 1 11:10:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a73382eb5ba542b5c2b00dbb8065752ae124baaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5c:d1:e4:08:b4:ab:86:75:60:af:5d:ee:24:
8d:ea:9b:7f:96:e1:df:b4:82:65:e0:d9:f5:6e:9f:
13:67:6a:13:ed:64:c2:33:68:ad:ac:1a:65:6c:db:
bb:11:2b:22:9e:f4:f8:08:6e:20:d5:b3:21:16:db:
f6:3e:40:7f:e5:92:b3:02:20:36:15:4d:9e:e1:69:
50:59:83:ea:5d:f1:7b:5a:8a:37:15:b1:48:50:f7:
d0:e9:3a:d8:b5:d3:42:c3:95:71:6a:70:99:ca:cc:
87:db:bf:fc:c5:b8:22:0d:3e:9b:0d:5e:31:d9:cc:
2b:1e:29:18:2a:c3:14:46:00:42:94:29:fd:2d:7e:
89:e0:64:fb:1d:8a:c3:ee:06:0d:41:a3:d1:9f:c2:
c3:52:67:7f:7c:0a:af:06:38:ce:79:84:ee:29:55:
b4:de:f9:d0:b3:7d:bf:ff:69:32:46:d4:f2:7f:86:
55:e5:a6:4b:c2:fa:18:63:2e:3b:0e:28:ba:54:59:
6c:1f:f2:96:14:91:96:22:9c:e8:32:38:40:d9:b8:
a8:bc:8f:0d:06:5e:93:5d:d6:0b:f1:be:c2:3c:64:
4d:c7:e8:1d:b0:ca:dc:6b:01:4b:dd:b1:88:5d:e8:
ea:64:80:6d:b0:66:e2:28:c9:12:6d:e6:e5:7f:ad:
1e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:33:82:EB:5B:A5:42:B5:C2:B0:0D:BB:80:65:75:2A:E1:24:BA:AF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pzOC61ulQrXCsA27gGV1KuEkuq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:08:13:e0:9a:cb:b8:47:8f:21:0d:e0:33:a3:17:da:38:6f:
2c:9d:ce:36:11:e0:2c:ef:57:29:c4:eb:7d:6e:2e:6d:12:a8:
2f:a4:90:e4:ff:90:8c:3e:d3:c0:38:06:16:37:69:27:82:8f:
17:68:cf:51:ec:1f:51:38:0f:a3:9e:9b:e8:82:de:9a:87:66:
29:27:eb:de:37:26:03:93:07:e5:d1:55:62:52:f4:b9:ad:fd:
d1:6e:fc:b3:40:10:ee:28:f7:52:ee:42:0b:94:be:68:9b:be:
5d:b9:57:8e:ec:68:3a:c3:2d:59:d8:7e:37:78:7e:2b:95:e4:
99:dc:e6:82:3f:7d:9c:c6:be:57:14:29:3f:3d:2f:f8:32:3e:
3f:eb:c9:15:7c:5c:ee:a8:d1:02:ab:46:bc:88:02:47:e2:f3:
d1:29:2a:d5:96:75:e2:3d:12:61:5a:c2:b9:c8:10:ad:6e:23:
03:d6:e8:a1:93:a6:ac:d0:db:d7:e5:b2:6e:c2:ad:74:46:7a:
15:55:08:d3:4c:2b:cc:ff:56:70:f0:e2:0b:66:d0:f6:93:f6:
e7:42:7e:16:29:86:44:a4:8f:3d:c8:3d:3e:28:f6:73:ad:03:
df:6f:24:bd:9c:5f:9d:a6:ff:d3:c8:c4:a6:75:15:8b:bc:ad:
7c:51:54:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6ZWvYISEu6gGrQvKlWN1L1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAxMTExMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzMzODJlYjViYTU0MmI1YzJiMDBkYmI4MDY1NzUyYWUxMjRiYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlzR5Ai0q4Z1YK9d7iSN6pt/luHf
tIJl4Nn1bp8TZ2oT7WTCM2itrBplbNu7ESsinvT4CG4g1bMhFtv2PkB/5ZKzAiA2
FU2e4WlQWYPqXfF7Woo3FbFIUPfQ6TrYtdNCw5VxanCZysyH27/8xbgiDT6bDV4x
2cwrHikYKsMURgBClCn9LX6J4GT7HYrD7gYNQaPRn8LDUmd/fAqvBjjOeYTuKVW0
3vnQs32//2kyRtTyf4ZV5aZLwvoYYy47Dii6VFlsH/KWFJGWIpzoMjhA2biovI8N
Bl6TXdYL8b7CPGRNx+gdsMrcawFL3bGIXejqZIBtsGbiKMkSbeblf60ebQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKczgutbpUK1wrANu4BldSrhJLqvMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcHpPQzYxdWxRclhDc0EyN2dHVjFLdUVrdXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHgIE+Cay7hHjyEN4DOj
F9o4byydzjYR4CzvVynE631uLm0SqC+kkOT/kIw+08A4BhY3aSeCjxdoz1HsH1E4
D6Oem+iC3pqHZikn6943JgOTB+XRVWJS9Lmt/dFu/LNAEO4o91LuQguUvmibvl25
V47saDrDLVnYfjd4fiuV5Jnc5oI/fZzGvlcUKT89L/gyPj/ryRV8XO6o0QKrRryI
Akfi89EpKtWWdeI9EmFawrnIEK1uIwPW6KGTpqzQ29flsm7CrXRGehVVCNNMK8z/
VnDw4gtm0PaT9udCfhYphkSkjz3IPT4o9nOtA99vJL2cX52m/9PIxKZ1FYu8rXxR
VDE=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:12 2025 by rpki-client