Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rzr4MDF4o_oCzF2iI_-Y6mmiflQ.roa
File: rzr4MDF4o_oCzF2iI_-Y6mmiflQ.roa (raw, json)
Hash identifier: F1zcMLkL7OQekPDaWCTWr/wBpkWbbh4eg9zR/xzTMt8=
Subject key identifier: AF:3A:F8:30:31:78:A3:FA:02:CC:5D:A2:23:FF:98:EA:69:A2:7E:54
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D288093A05E066EC411016E8CB80121E4
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rzr4MDF4o_oCzF2iI_-Y6mmiflQ.roa
Signing time: Sat 20 Jan 2024 20:12:11 +0000
ROA not before: Sat 20 Jan 2024 20:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:28:80:93:a0:5e:06:6e:c4:11:01:6e:8c:b8:01:21:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 20 20:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af3af8303178a3fa02cc5da223ff98ea69a27e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d3:2b:84:3f:52:8f:aa:a7:04:d1:11:9c:bd:
a3:47:af:1e:3f:16:94:5a:34:a6:f4:bf:b3:90:aa:
b9:8c:1c:f3:a9:52:05:67:db:31:43:a6:1a:83:22:
b4:a0:bf:5f:a3:c1:1b:22:ef:d7:1a:d5:11:1c:dd:
a5:1b:97:12:7e:43:65:94:30:20:1c:d3:49:d0:f9:
2b:26:73:11:29:79:30:d0:3e:ee:54:dd:13:22:af:
ab:92:9b:ad:67:07:6d:65:95:1d:59:29:2e:a0:dc:
91:46:dc:2f:c9:f6:98:81:03:7a:39:ac:bb:58:01:
01:58:83:8a:e7:88:2d:59:c0:e1:d1:66:33:17:c4:
80:c0:3c:c5:d6:53:9c:5a:c0:10:eb:60:c9:72:02:
3c:6c:c9:46:66:9c:31:e5:0c:20:c2:aa:44:08:ac:
94:ee:49:67:65:ee:1f:04:be:cc:d0:e2:25:e4:0f:
ea:91:8f:11:c1:cd:2b:fb:3b:e9:f0:43:34:76:d0:
ea:3d:be:5c:15:e3:0d:10:2e:c0:ab:41:df:23:8e:
07:58:ef:cf:ed:aa:34:e2:d7:66:2d:ba:94:fe:81:
e4:14:ae:9f:7a:ca:47:d0:6e:00:97:df:cf:65:df:
37:a3:a6:67:81:af:b3:f3:8a:e6:f6:27:85:eb:d9:
fd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3A:F8:30:31:78:A3:FA:02:CC:5D:A2:23:FF:98:EA:69:A2:7E:54
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rzr4MDF4o_oCzF2iI_-Y6mmiflQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:63:f8:38:e0:2d:36:a0:f4:7a:21:04:5e:2a:d6:27:fb:0c:
c8:eb:b6:5f:df:8c:06:f1:47:86:4d:bd:a7:39:51:77:9e:b7:
65:3c:88:77:bb:25:ca:06:cb:4a:fe:ff:d9:9e:43:b1:dc:58:
1d:5e:53:d3:6e:8b:e8:07:3e:8e:c3:41:88:25:80:b4:e0:2f:
a1:2a:92:4e:8f:ce:ea:dd:8b:1a:52:66:a0:46:35:20:a9:f3:
50:74:19:e8:ad:b0:9b:19:80:bf:75:cb:88:72:86:1b:5b:75:
45:8a:7c:f6:a0:22:89:f6:15:9a:e6:7a:b5:d6:37:bb:a5:7d:
c0:74:9c:22:4b:23:69:e8:5f:e5:85:0c:9e:fb:05:8e:12:be:
5a:f8:85:50:cf:a6:f1:59:5f:55:58:34:a4:a5:e4:19:78:4f:
ab:c8:89:28:7a:ea:aa:e9:da:bc:82:e6:82:be:56:19:e7:2b:
87:ce:8e:6d:46:5b:d0:cc:39:16:ed:97:4f:08:68:c5:ce:cc:
0c:59:fb:89:c0:51:6e:b2:12:d5:ed:aa:3f:8d:6c:7d:4d:07:
88:c3:de:19:95:f1:a5:d3:7f:c6:27:45:7a:8b:ed:46:6d:16:
db:f2:16:bf:99:a4:ba:62:7c:10:16:d1:5a:b8:51:b3:03:d1:
9b:24:8f:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0ogJOgXgZuxBEBboy4ASHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIwMjAxMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjNhZjgzMDMxNzhhM2ZhMDJjYzVkYTIyM2ZmOThlYTY5YTI3ZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdMrhD9Sj6qnBNERnL2jR68ePxaU
WjSm9L+zkKq5jBzzqVIFZ9sxQ6YagyK0oL9fo8EbIu/XGtURHN2lG5cSfkNllDAg
HNNJ0PkrJnMRKXkw0D7uVN0TIq+rkputZwdtZZUdWSkuoNyRRtwvyfaYgQN6Oay7
WAEBWIOK54gtWcDh0WYzF8SAwDzF1lOcWsAQ62DJcgI8bMlGZpwx5QwgwqpECKyU
7klnZe4fBL7M0OIl5A/qkY8Rwc0r+zvp8EM0dtDqPb5cFeMNEC7Aq0HfI44HWO/P
7ao04tdmLbqU/oHkFK6fespH0G4Al9/PZd83o6Znga+z84rm9ieF69n9MQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK86+DAxeKP6AsxdoiP/mOppon5UMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcnpyNE1ERjRvX29DekYyaUlfLVk2bW1pZmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHNj+DjgLTag9HohBF4q
1if7DMjrtl/fjAbxR4ZNvac5UXeet2U8iHe7JcoGy0r+/9meQ7HcWB1eU9Nui+gH
Po7DQYglgLTgL6Eqkk6PzurdixpSZqBGNSCp81B0GeitsJsZgL91y4hyhhtbdUWK
fPagIon2FZrmerXWN7ulfcB0nCJLI2noX+WFDJ77BY4Svlr4hVDPpvFZX1VYNKSl
5Bl4T6vIiSh66qrp2ryC5oK+VhnnK4fOjm1GW9DMORbtl08IaMXOzAxZ+4nAUW6y
EtXtqj+NbH1NB4jD3hmV8aXTf8YnRXqL7UZtFtvyFr+ZpLpifBAW0Vq4UbMD0Zsk
j/o=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:37:16 2025 by rpki-client