Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zQVF_B_BzTjodn1lEqI4diAvWGU.roa
File: zQVF_B_BzTjodn1lEqI4diAvWGU.roa (raw, json)
Hash identifier: tcVYMudlkHaoH0nKNADWch0LwsJhiiFdAVKDaOuQ3YI=
Subject key identifier: CD:05:45:FC:1F:C1:CD:38:E8:76:7D:65:12:A2:38:76:20:2F:58:65
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E63EDAF7E15E5F54E0E54D924339F20D5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zQVF_B_BzTjodn1lEqI4diAvWGU.roa
Signing time: Fri 22 Mar 2024 02:11:44 +0000
ROA not before: Fri 22 Mar 2024 02:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:63:ed:af:7e:15:e5:f5:4e:0e:54:d9:24:33:9f:20:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 22 02:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd0545fc1fc1cd38e8767d6512a23876202f5865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:89:e2:f7:68:0e:24:dc:86:a2:cc:ef:67:20:
c1:ea:10:40:46:b5:84:e1:23:5b:19:d4:aa:5a:7a:
c4:ac:da:7b:b7:35:dc:a8:ad:de:3b:5a:b7:8d:ca:
08:09:6e:f2:e6:56:9d:8d:c6:42:f0:a7:2c:ee:44:
64:bf:20:cd:42:05:f0:ca:0e:48:c7:6e:24:56:10:
4c:0c:f1:a2:60:c4:4c:ec:65:f9:55:19:d6:bf:dd:
59:98:03:a1:15:d0:cb:1f:9b:df:9c:39:72:5e:2d:
5d:9a:1b:5c:29:d5:f9:5f:59:ad:6c:a6:81:48:cf:
fe:4d:44:85:96:c7:d7:bb:df:5f:f3:72:f3:3f:b6:
7e:62:21:fc:0b:c3:56:fb:d4:55:a8:03:26:f4:20:
1d:92:92:c4:12:3e:39:d7:53:36:cd:a0:10:21:63:
dd:d9:31:00:f7:e9:25:71:03:76:af:e3:21:41:46:
70:7a:44:f0:d6:f6:b7:2b:69:dc:e4:7b:cb:26:fe:
8b:f2:cb:a5:fc:4c:1e:04:74:ad:4e:91:7e:05:e6:
b9:36:6b:88:e8:e2:94:7d:61:14:ec:e9:6b:6b:ce:
eb:34:2b:d3:7b:72:3b:37:94:11:d2:c1:5e:72:ce:
f8:0c:dd:83:9a:42:d7:b6:ae:51:cc:38:f2:ce:10:
50:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:05:45:FC:1F:C1:CD:38:E8:76:7D:65:12:A2:38:76:20:2F:58:65
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zQVF_B_BzTjodn1lEqI4diAvWGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:54:2b:e7:09:8d:1a:cd:f2:95:bd:65:5f:db:48:65:49:c6:
cb:25:8a:3b:87:9d:63:cd:b9:dd:1e:5e:aa:d3:0a:64:57:92:
5a:0b:8d:86:ab:b9:f6:12:9d:6e:fe:f2:27:62:5d:f8:d5:11:
45:23:8e:0e:b3:4c:4a:be:52:00:8f:4e:ec:36:7b:e5:19:83:
87:ad:b7:c3:27:1b:38:fe:f0:24:10:44:79:e5:7d:ad:c0:7d:
61:14:59:b5:40:67:8e:ba:d4:32:81:f4:5f:ee:b5:1c:44:79:
53:81:f2:f6:c9:e7:79:00:db:d0:3a:16:8f:87:70:1e:c6:2e:
bb:90:86:8d:ea:bf:52:9c:99:5b:08:e2:2e:61:0c:a6:54:d4:
4a:6c:f5:2a:27:85:d5:6c:a0:95:d4:94:7f:cf:3d:0f:94:e3:
aa:d5:2b:77:1a:6b:4f:ee:95:61:18:c4:10:16:05:da:b0:0b:
88:cc:30:96:bb:3a:b7:2d:c6:1b:2a:bd:b2:1c:23:57:9e:89:
84:4b:27:45:d1:ca:32:87:be:69:71:9b:8f:96:e4:2e:49:88:
8d:09:2c:63:d4:d8:31:03:89:3b:07:30:c9:20:56:40:13:b7:
ea:8a:b5:bb:b0:06:94:26:4b:36:f2:cc:59:3d:fb:06:33:72:
04:66:21:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5j7a9+FeX1Tg5U2SQznyDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIyMDIxMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDA1NDVmYzFmYzFjZDM4ZTg3NjdkNjUxMmEyMzg3NjIwMmY1ODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIni92gOJNyGoszvZyDB6hBARrWE
4SNbGdSqWnrErNp7tzXcqK3eO1q3jcoICW7y5ladjcZC8Kcs7kRkvyDNQgXwyg5I
x24kVhBMDPGiYMRM7GX5VRnWv91ZmAOhFdDLH5vfnDlyXi1dmhtcKdX5X1mtbKaB
SM/+TUSFlsfXu99f83LzP7Z+YiH8C8NW+9RVqAMm9CAdkpLEEj4511M2zaAQIWPd
2TEA9+klcQN2r+MhQUZwekTw1va3K2nc5HvLJv6L8sul/EweBHStTpF+Bea5NmuI
6OKUfWEU7Olra87rNCvTe3I7N5QR0sFecs74DN2DmkLXtq5RzDjyzhBQEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM0FRfwfwc046HZ9ZRKiOHYgL1hlMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvelFWRl9CX0J6VGpvZG4xbEVxSTRkaUF2V0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI9UK+cJjRrN8pW9ZV/b
SGVJxsslijuHnWPNud0eXqrTCmRXkloLjYarufYSnW7+8idiXfjVEUUjjg6zTEq+
UgCPTuw2e+UZg4ett8MnGzj+8CQQRHnlfa3AfWEUWbVAZ4661DKB9F/utRxEeVOB
8vbJ53kA29A6Fo+HcB7GLruQho3qv1KcmVsI4i5hDKZU1Eps9SonhdVsoJXUlH/P
PQ+U46rVK3caa0/ulWEYxBAWBdqwC4jMMJa7OrctxhsqvbIcI1eeiYRLJ0XRyjKH
vmlxm4+W5C5JiI0JLGPU2DEDiTsHMMkgVkATt+qKtbuwBpQmSzbyzFk9+wYzcgRm
IXc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:35 2025 by rpki-client