Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/z4hetbl3kZNRJfbDD-bViBrgE2o.roa
File: z4hetbl3kZNRJfbDD-bViBrgE2o.roa (raw, json)
Hash identifier: qp02PkCxYHOoY4inqcjvzYMYIVEVn7L38UT4+H1zP58=
Subject key identifier: CF:88:5E:B5:B9:77:91:93:51:25:F6:C3:0F:E6:D5:88:1A:E0:13:6A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D84BED543CD95DB061E04E4F30D637B0F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/z4hetbl3kZNRJfbDD-bViBrgE2o.roa
Signing time: Wed 07 Feb 2024 18:05:15 +0000
ROA not before: Wed 07 Feb 2024 18:05:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:84be:6c7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:be:d5:43:cd:95:db:06:1e:04:e4:f3:0d:63:7b:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 7 18:05:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf885eb5b97791935125f6c30fe6d5881ae0136a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:54:0b:a7:df:ac:a8:b7:44:89:37:05:cc:09:
b6:83:45:2b:64:4a:b4:a9:64:9b:a3:95:57:a3:ba:
6f:e5:69:38:ad:94:d3:15:93:6c:3c:3a:63:9f:91:
d5:04:fc:b1:bf:b9:10:29:0d:49:82:1a:93:45:4d:
00:e0:b4:e0:b3:b1:fd:a2:29:ea:af:5e:76:e5:40:
12:f8:a3:7a:28:ea:8f:56:bf:1c:b8:97:45:9b:43:
46:83:c1:9d:6c:e8:e5:b3:ba:2f:b7:69:e9:9e:0b:
49:f6:f7:38:3c:ba:d3:ba:eb:e4:34:de:55:e2:13:
03:ff:16:16:ac:bb:16:3f:61:42:dd:53:d1:22:3a:
0d:cb:dc:bd:e3:69:81:e8:97:67:17:e7:8c:88:90:
c3:aa:c0:0c:6d:f9:34:9e:ad:bb:1a:ab:b1:d2:b6:
63:95:19:39:18:3c:59:82:e2:bc:f3:90:50:dc:28:
22:28:60:37:00:6e:f2:21:83:4a:c3:20:88:76:79:
ec:ef:ae:f2:02:a6:c0:af:c9:89:fd:f0:63:1a:54:
e8:1b:8f:de:5e:0e:85:48:7b:44:e9:6a:e8:16:ef:
ff:ed:48:b0:c9:6e:b7:7d:bc:db:e9:c0:c4:ca:82:
51:af:a9:b0:05:cb:ca:e8:6e:bd:6b:de:6e:ca:d5:
40:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:88:5E:B5:B9:77:91:93:51:25:F6:C3:0F:E6:D5:88:1A:E0:13:6A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/z4hetbl3kZNRJfbDD-bViBrgE2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:99:ed:44:26:be:a2:ac:57:44:71:f5:8a:90:87:e6:21:a8:
26:f0:6b:0b:7a:f1:b9:30:7f:60:95:bd:b0:cb:53:64:f9:77:
be:70:ab:a7:3f:a1:ff:d3:1d:d0:df:1a:9d:6c:a8:01:05:7b:
0d:72:28:84:9a:b8:88:d9:16:cc:90:46:ae:4e:07:07:70:81:
fc:84:ff:ea:0f:3d:ed:80:99:4d:22:e6:90:bd:2b:9b:d2:7e:
6e:94:21:c4:4f:d7:47:a7:6d:8d:6d:ee:87:e7:88:46:13:68:
40:77:35:dd:26:e7:dc:fc:1f:a8:ad:7d:74:15:c5:96:cb:6c:
3e:55:22:ae:46:ad:8b:b8:fe:66:ce:20:64:9d:ff:37:93:fd:
d9:8f:03:19:b6:84:b6:42:f3:46:d5:92:ba:4f:f4:f5:22:0b:
a0:09:05:1d:ae:8e:85:0f:f4:dc:02:e2:0d:c9:6d:6a:73:eb:
62:1c:e9:d7:df:47:e1:5b:f5:c1:13:07:97:11:ed:06:2e:0c:
39:a6:cc:3d:03:c3:52:56:f7:48:e2:ca:d1:e2:fb:f9:92:d4:
a9:d1:63:9b:09:ed:a6:5a:42:c1:d7:65:1c:e5:89:af:12:6a:
d1:f5:91:da:c3:ca:47:ef:01:b8:90:cc:7b:57:84:7c:d8:ae:
59:24:96:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2EvtVDzZXbBh4E5PMNY3sPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA3MTgwNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjg4NWViNWI5Nzc5MTkzNTEyNWY2YzMwZmU2ZDU4ODFhZTAxMzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVQLp9+sqLdEiTcFzAm2g0UrZEq0
qWSbo5VXo7pv5Wk4rZTTFZNsPDpjn5HVBPyxv7kQKQ1JghqTRU0A4LTgs7H9oinq
r1525UAS+KN6KOqPVr8cuJdFm0NGg8GdbOjls7ovt2npngtJ9vc4PLrTuuvkNN5V
4hMD/xYWrLsWP2FC3VPRIjoNy9y942mB6JdnF+eMiJDDqsAMbfk0nq27Gqux0rZj
lRk5GDxZguK885BQ3CgiKGA3AG7yIYNKwyCIdnns767yAqbAr8mJ/fBjGlToG4/e
Xg6FSHtE6WroFu//7UiwyW63fbzb6cDEyoJRr6mwBcvK6G69a95uytVAawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM+IXrW5d5GTUSX2ww/m1Yga4BNqMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvejRoZXRibDNrWk5SSmZiREQtYlZpQnJnRTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH6Z7UQmvqKsV0Rx9YqQ
h+YhqCbwawt68bkwf2CVvbDLU2T5d75wq6c/of/THdDfGp1sqAEFew1yKISauIjZ
FsyQRq5OBwdwgfyE/+oPPe2AmU0i5pC9K5vSfm6UIcRP10enbY1t7ofniEYTaEB3
Nd0m59z8H6itfXQVxZbLbD5VIq5GrYu4/mbOIGSd/zeT/dmPAxm2hLZC80bVkrpP
9PUiC6AJBR2ujoUP9NwC4g3JbWpz62Ic6dffR+Fb9cETB5cR7QYuDDmmzD0Dw1JW
90jiytHi+/mS1KnRY5sJ7aZaQsHXZRzlia8SatH1kdrDykfvAbiQzHtXhHzYrlkk
lqk=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:11:42 2025 by rpki-client