Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zIBnSUO-F1puNXng3zKOH8H5Hlo.roa
File: zIBnSUO-F1puNXng3zKOH8H5Hlo.roa (raw, json)
Hash identifier: qXoCm0hzEC/oNevB+MiBUgdLE0zo95Qzv/YDNs3CdV0=
Subject key identifier: CC:80:67:49:43:BE:17:5A:6E:35:79:E0:DF:32:8E:1F:C1:F9:1E:5A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD1D1AB734528C657AE424048F2A878D0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zIBnSUO-F1puNXng3zKOH8H5Hlo.roa
Signing time: Thu 04 Jan 2024 00:13:48 +0000
ROA not before: Thu 04 Jan 2024 00:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d1:d1:ab:73:45:28:c6:57:ae:42:40:48:f2:a8:78:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 4 00:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc80674943be175a6e3579e0df328e1fc1f91e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5d:1b:14:73:86:29:d2:38:ae:c2:a6:c5:80:
80:be:de:07:34:91:6b:4f:cc:9a:97:7a:f4:12:d9:
b7:b5:2d:6b:92:3d:2c:a1:59:83:45:a8:42:3d:91:
97:d5:fc:00:77:c1:5b:e8:a6:3c:67:02:da:79:07:
cd:c1:b9:cf:98:2e:dc:7e:89:65:b7:db:3d:f7:0b:
de:be:d1:36:1f:6a:c2:a1:68:b8:58:cf:1f:54:f1:
47:6b:e4:3a:83:a2:14:a5:9b:7a:6a:ba:98:7c:f4:
a7:f3:9f:b1:fa:8f:87:3f:81:9e:77:ed:fa:3e:2d:
0c:fd:c0:4f:7f:f4:c8:a3:78:f6:d3:59:ae:e9:97:
72:6a:5c:ac:56:01:a3:b9:a1:ce:51:44:d3:49:13:
47:cf:74:76:9e:4f:d1:e6:05:1d:3c:c6:4a:08:92:
84:76:b6:c6:21:0f:78:58:1f:c8:e8:13:ea:45:9e:
b6:33:1d:d0:2e:d5:7e:f1:2e:93:83:2d:c1:c2:ea:
b5:82:60:2c:ed:19:8f:d7:6d:49:19:9b:98:47:e7:
e4:0a:7c:7f:f4:b3:e0:20:38:a3:b7:bf:d4:d3:14:
15:2f:ad:62:7c:b9:dd:92:4b:cd:b5:7c:5a:12:ad:
35:b8:50:77:c3:6e:5f:49:03:d8:9e:4d:9b:95:4f:
c7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:80:67:49:43:BE:17:5A:6E:35:79:E0:DF:32:8E:1F:C1:F9:1E:5A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zIBnSUO-F1puNXng3zKOH8H5Hlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:c4:8e:0d:7b:64:f2:f3:29:2a:d7:8b:a5:4c:ed:08:39:b6:
89:f5:36:4a:c8:6c:05:7d:6f:78:60:f3:50:d1:34:f1:54:71:
b6:13:70:5d:c0:ca:0d:4d:e6:ca:57:0e:31:fc:fc:75:b9:a1:
43:98:4a:12:aa:16:a8:df:85:d5:fb:48:24:f8:64:a7:d0:9b:
e3:7f:de:ec:74:ab:e6:53:61:1c:89:31:21:b7:f8:ea:c6:35:
60:d1:30:26:21:1d:fc:c2:a0:22:af:d1:c7:70:d8:1f:aa:5b:
a5:a6:d7:98:a2:ce:66:5b:84:dc:e1:64:21:12:8c:d8:4e:63:
6d:ae:40:f6:e8:b0:9f:9b:61:66:3b:5c:48:30:f2:57:ee:56:
54:d9:54:cd:36:b2:e5:06:1d:78:a8:7d:84:c7:6f:84:07:69:
26:35:86:b5:f7:fb:0b:ea:0f:63:66:c3:26:14:b0:d2:21:ce:
8d:05:18:f8:e2:af:e4:bb:7e:db:e5:e5:4d:aa:52:8b:96:40:
88:9b:bc:ee:ba:ea:5d:82:99:24:42:c2:dd:f0:ab:c8:77:c0:
fd:2d:26:9f:00:80:ca:4b:3b:cb:63:61:65:9a:8c:05:bb:79:
43:11:d0:3d:39:99:c4:35:e0:1f:d7:5f:02:af:ce:fa:24:73:
74:95:8f:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzR0atzRSjGV65CQEjyqHjQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA0MDAxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzgwNjc0OTQzYmUxNzVhNmUzNTc5ZTBkZjMyOGUxZmMxZjkxZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo10bFHOGKdI4rsKmxYCAvt4HNJFr
T8yal3r0Etm3tS1rkj0soVmDRahCPZGX1fwAd8Fb6KY8ZwLaeQfNwbnPmC7cfoll
t9s99wvevtE2H2rCoWi4WM8fVPFHa+Q6g6IUpZt6arqYfPSn85+x+o+HP4Ged+36
Pi0M/cBPf/TIo3j201mu6ZdyalysVgGjuaHOUUTTSRNHz3R2nk/R5gUdPMZKCJKE
drbGIQ94WB/I6BPqRZ62Mx3QLtV+8S6Tgy3Bwuq1gmAs7RmP121JGZuYR+fkCnx/
9LPgIDijt7/U0xQVL61ifLndkkvNtXxaEq01uFB3w25fSQPYnk2blU/HKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMyAZ0lDvhdabjV54N8yjh/B+R5aMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveklCblNVTy1GMXB1TlhuZzN6S09IOEg1SGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJXEjg17ZPLzKSrXi6VM
7Qg5ton1NkrIbAV9b3hg81DRNPFUcbYTcF3Ayg1N5spXDjH8/HW5oUOYShKqFqjf
hdX7SCT4ZKfQm+N/3ux0q+ZTYRyJMSG3+OrGNWDRMCYhHfzCoCKv0cdw2B+qW6Wm
15iizmZbhNzhZCESjNhOY22uQPbosJ+bYWY7XEgw8lfuVlTZVM02suUGHXiofYTH
b4QHaSY1hrX3+wvqD2NmwyYUsNIhzo0FGPjir+S7ftvl5U2qUouWQIibvO666l2C
mSRCwt3wq8h3wP0tJp8AgMpLO8tjYWWajAW7eUMR0D05mcQ14B/XXwKvzvokc3SV
j6o=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:46:26 2025 by rpki-client