Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zeCLMCpjovg4q9d5D-MXNNS6Pkc.roa
File: zeCLMCpjovg4q9d5D-MXNNS6Pkc.roa (raw, json)
Hash identifier: 1SSFT1C7Oj9JOdDKweo0UYHypa51UauUkdikDasB/jU=
Subject key identifier: CD:E0:8B:30:2A:63:A2:F8:38:AB:D7:79:0F:E3:17:34:D4:BA:3E:47
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E2848E6C0C1AD08A093110831CE045DC2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zeCLMCpjovg4q9d5D-MXNNS6Pkc.roa
Signing time: Sun 10 Mar 2024 12:14:10 +0000
ROA not before: Sun 10 Mar 2024 12:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:28:48:e6:c0:c1:ad:08:a0:93:11:08:31:ce:04:5d:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 10 12:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cde08b302a63a2f838abd7790fe31734d4ba3e47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2a:7c:f8:8a:f4:a1:7b:5f:dd:d1:48:5c:87:
23:85:53:a2:4d:5f:49:5f:17:77:c5:a3:24:b7:42:
06:f0:bf:31:2e:5c:d0:ce:98:06:f8:73:f8:f8:82:
87:77:40:5c:0b:a2:59:3d:26:7a:a0:21:02:ee:e0:
98:7f:ed:75:24:29:10:93:21:c0:be:ef:92:63:6c:
30:89:92:ef:70:67:c9:17:9b:ba:ba:56:00:94:54:
f9:eb:09:4d:28:f8:2b:6a:52:5d:19:dc:5c:56:dd:
97:ef:61:e2:10:78:1d:eb:2e:f4:c5:ae:22:6d:d5:
60:61:14:8d:90:cd:9d:3c:8d:af:37:d8:e1:f9:17:
c6:d5:f6:c7:a2:aa:4e:5e:51:74:19:1d:e5:db:2b:
f9:ab:d6:c6:07:7e:e8:3e:1e:9f:a5:60:e1:ee:34:
7b:ac:a6:d8:56:6f:41:8e:ce:a3:7c:3f:10:24:35:
c7:83:0c:9b:0e:4a:30:9e:3c:2d:75:2c:27:1c:dd:
57:a2:90:d3:97:36:82:81:7b:7f:ed:56:09:c6:45:
db:db:a9:37:2f:0b:97:f4:93:c6:cd:39:b9:11:44:
d2:d2:56:11:18:36:37:21:31:24:19:89:39:12:ad:
a8:8d:c2:c5:03:c5:8d:f5:cc:67:c5:ba:97:0a:fc:
de:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:E0:8B:30:2A:63:A2:F8:38:AB:D7:79:0F:E3:17:34:D4:BA:3E:47
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zeCLMCpjovg4q9d5D-MXNNS6Pkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:a2:bf:dd:9d:c1:06:6c:85:9a:7f:37:6a:d3:a9:aa:80:c3:
50:c6:17:78:fa:d9:12:53:3e:b3:f5:87:85:36:18:b9:7f:76:
3e:4a:c9:23:57:e9:12:f0:7f:65:27:7e:6c:ad:83:86:92:84:
f1:92:73:43:3a:00:f7:df:8f:2f:61:2b:51:92:9e:52:73:a6:
8e:fd:6f:e6:40:8e:a5:a1:3b:a7:60:11:74:3b:48:8b:b6:da:
8b:d0:c5:59:01:06:1c:e2:40:a2:88:c2:ee:04:4d:98:b4:8a:
a6:32:ef:8d:fd:44:b3:62:89:fb:f4:2b:5a:13:6d:e4:9e:a1:
19:bd:47:7c:be:9e:c0:e4:a3:d8:cd:6a:d7:ab:86:03:7e:d8:
b0:ce:d9:e8:46:06:aa:8b:f7:60:54:91:14:10:ae:49:b4:e9:
a3:42:5c:50:d9:ad:38:33:cb:99:5b:af:32:7f:e5:11:f9:41:
fe:03:1a:51:71:ce:66:5c:b5:46:41:67:c0:c3:6f:99:46:6b:
35:9f:42:18:19:06:ec:60:85:2f:1b:58:47:3b:4f:2f:9b:02:
c8:35:c2:a0:9d:ba:32:c7:ea:18:54:4d:b8:2f:3b:5c:c5:d1:
c9:0c:7d:e6:d5:d6:39:fa:7d:08:5a:4c:56:0b:97:c4:83:b2:
9c:69:35:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4oSObAwa0IoJMRCDHOBF3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEwMTIxNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGUwOGIzMDJhNjNhMmY4MzhhYmQ3NzkwZmUzMTczNGQ0YmEzZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCp8+Ir0oXtf3dFIXIcjhVOiTV9J
Xxd3xaMkt0IG8L8xLlzQzpgG+HP4+IKHd0BcC6JZPSZ6oCEC7uCYf+11JCkQkyHA
vu+SY2wwiZLvcGfJF5u6ulYAlFT56wlNKPgralJdGdxcVt2X72HiEHgd6y70xa4i
bdVgYRSNkM2dPI2vN9jh+RfG1fbHoqpOXlF0GR3l2yv5q9bGB37oPh6fpWDh7jR7
rKbYVm9Bjs6jfD8QJDXHgwybDkownjwtdSwnHN1XopDTlzaCgXt/7VYJxkXb26k3
LwuX9JPGzTm5EUTS0lYRGDY3ITEkGYk5Eq2ojcLFA8WN9cxnxbqXCvzegwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM3gizAqY6L4OKvXeQ/jFzTUuj5HMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvemVDTE1DcGpvdmc0cTlkNUQtTVhOTlM2UGtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKeiv92dwQZshZp/N2rT
qaqAw1DGF3j62RJTPrP1h4U2GLl/dj5KySNX6RLwf2Unfmytg4aShPGSc0M6APff
jy9hK1GSnlJzpo79b+ZAjqWhO6dgEXQ7SIu22ovQxVkBBhziQKKIwu4ETZi0iqYy
7439RLNiifv0K1oTbeSeoRm9R3y+nsDko9jNaterhgN+2LDO2ehGBqqL92BUkRQQ
rkm06aNCXFDZrTgzy5lbrzJ/5RH5Qf4DGlFxzmZctUZBZ8DDb5lGazWfQhgZBuxg
hS8bWEc7Ty+bAsg1wqCdujLH6hhUTbgvO1zF0ckMfebV1jn6fQhaTFYLl8SDspxp
NQU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:48 2025 by rpki-client