Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zRyksQQzbPa5tARBG9j3vdm7omE.roa
File: zRyksQQzbPa5tARBG9j3vdm7omE.roa (raw, json)
Hash identifier: Ua3TKyfbSs7C0kgSzzw9JjCWytuqqBwFVhFmDIhb5es=
Subject key identifier: CD:1C:A4:B1:04:33:6C:F6:B9:B4:04:41:1B:D8:F7:BD:D9:BB:A2:61
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D864A57756C5257AE242747D2DF4C8369
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zRyksQQzbPa5tARBG9j3vdm7omE.roa
Signing time: Thu 08 Feb 2024 01:17:15 +0000
ROA not before: Thu 08 Feb 2024 01:17:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:86:4a:57:75:6c:52:57:ae:24:27:47:d2:df:4c:83:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 8 01:17:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd1ca4b104336cf6b9b404411bd8f7bdd9bba261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:26:29:ce:6d:26:0b:03:fe:3f:4b:6c:07:59:
9d:27:02:ff:b2:d2:5f:3c:d3:f6:f8:5f:9a:46:64:
c3:de:a2:f7:84:f6:47:fb:b6:e1:ab:bd:ad:df:ea:
4b:a5:00:5e:7c:ec:7b:b2:2e:41:7a:2f:77:7a:38:
b6:da:45:53:03:b1:1d:7a:d1:dc:65:82:be:a9:fb:
07:f0:bd:7a:24:92:a0:31:ca:91:e9:ef:eb:f8:69:
c9:1f:aa:e2:d7:7d:8d:08:77:84:6a:09:9d:fe:05:
1f:5d:69:1d:2d:69:ab:0e:e2:3a:5c:51:05:3b:48:
50:61:05:60:b3:aa:f6:c3:2f:9e:de:cf:30:2e:2b:
3a:11:81:43:a1:2a:87:21:ac:0a:fb:96:21:6e:a9:
90:ed:5e:de:0c:5b:cf:ab:91:da:2c:9c:47:7f:eb:
28:04:7a:c0:59:ff:48:d2:eb:8f:77:11:b8:74:22:
64:b5:1c:ae:cf:eb:4d:28:22:6d:8d:5b:68:2a:07:
40:0b:a0:5e:89:de:a5:9c:79:66:6c:12:3c:39:11:
ef:7c:3d:58:8b:b0:63:88:19:05:95:ab:52:49:1b:
c4:d0:9c:45:61:f2:82:2c:6c:cb:68:73:d3:79:0a:
89:b9:c6:82:c1:1a:7c:3f:37:77:34:9b:e1:c0:bb:
0c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:1C:A4:B1:04:33:6C:F6:B9:B4:04:41:1B:D8:F7:BD:D9:BB:A2:61
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zRyksQQzbPa5tARBG9j3vdm7omE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:95:d0:0e:bd:6e:03:f6:60:18:79:f1:0f:84:ba:16:8e:d4:
1e:72:12:12:41:8b:f5:58:4b:8e:07:19:bd:21:d5:34:db:52:
e6:45:46:27:c2:5f:2e:cc:73:d4:62:ba:fc:db:67:d5:c4:4c:
4f:9a:02:54:3b:ec:00:bb:c7:d3:ab:ba:e7:6c:2e:f9:7d:d4:
20:12:ab:65:5e:c4:5b:8a:71:09:5a:9d:dc:42:6a:a3:1a:90:
16:46:40:53:b6:d7:c7:70:23:98:e1:4b:2a:2a:bf:5c:5d:43:
f3:24:c5:01:28:3e:8d:2d:7c:7c:79:52:05:7b:73:d4:04:87:
68:09:f3:24:3f:3e:c5:5b:aa:6b:2f:43:b1:59:fd:aa:44:f6:
7c:ca:c7:f8:58:aa:79:d5:f2:93:c0:65:c8:3d:64:7b:96:e9:
fe:92:ce:bc:81:de:30:17:76:38:e0:19:30:70:a3:b7:de:b5:
c2:ae:fe:0a:53:90:9d:6c:f6:56:d6:bb:22:71:9a:86:ca:e3:
8e:7c:39:91:0c:79:b8:f8:b3:42:83:96:a2:99:ff:3e:52:cc:
8b:60:88:a3:9a:43:cc:a7:99:0e:c0:12:b7:d2:be:d7:6e:86:
52:11:aa:5e:6a:be:e4:3b:ff:01:40:8f:2e:de:9f:6f:c5:40:
ca:9f:01:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2GSld1bFJXriQnR9LfTINpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA4MDExNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDFjYTRiMTA0MzM2Y2Y2YjliNDA0NDExYmQ4ZjdiZGQ5YmJhMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSYpzm0mCwP+P0tsB1mdJwL/stJf
PNP2+F+aRmTD3qL3hPZH+7bhq72t3+pLpQBefOx7si5Bei93eji22kVTA7EdetHc
ZYK+qfsH8L16JJKgMcqR6e/r+GnJH6ri132NCHeEagmd/gUfXWkdLWmrDuI6XFEF
O0hQYQVgs6r2wy+e3s8wLis6EYFDoSqHIawK+5YhbqmQ7V7eDFvPq5HaLJxHf+so
BHrAWf9I0uuPdxG4dCJktRyuz+tNKCJtjVtoKgdAC6Beid6lnHlmbBI8ORHvfD1Y
i7BjiBkFlatSSRvE0JxFYfKCLGzLaHPTeQqJucaCwRp8Pzd3NJvhwLsMZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM0cpLEEM2z2ubQEQRvY973Zu6JhMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvelJ5a3NRUXpiUGE1dEFSQkc5ajN2ZG03b21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJiV0A69bgP2YBh58Q+E
uhaO1B5yEhJBi/VYS44HGb0h1TTbUuZFRifCXy7Mc9RiuvzbZ9XETE+aAlQ77AC7
x9OruudsLvl91CASq2VexFuKcQlandxCaqMakBZGQFO218dwI5jhSyoqv1xdQ/Mk
xQEoPo0tfHx5UgV7c9QEh2gJ8yQ/PsVbqmsvQ7FZ/apE9nzKx/hYqnnV8pPAZcg9
ZHuW6f6SzryB3jAXdjjgGTBwo7fetcKu/gpTkJ1s9lbWuyJxmobK4458OZEMebj4
s0KDlqKZ/z5SzItgiKOaQ8ynmQ7AErfSvtduhlIRql5qvuQ7/wFAjy7en2/FQMqf
AYA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:08 2025 by rpki-client