Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zl5Ky9niaG6h0TZaBQX-A_w3wZQ.roa
File: zl5Ky9niaG6h0TZaBQX-A_w3wZQ.roa (raw, json)
Hash identifier: E1HHxDFcD2fcwVRJdZ1dmk9KPvvliSIzwrJDXfJPV5M=
Subject key identifier: CE:5E:4A:CB:D9:E2:68:6E:A1:D1:36:5A:05:05:FE:03:FC:37:C1:94
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9661C1CB43F67AA11F6A3401E6A16C2C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zl5Ky9niaG6h0TZaBQX-A_w3wZQ.roa
Signing time: Sat 23 Dec 2023 11:13:58 +0000
ROA not before: Sat 23 Dec 2023 11:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:96:61:c1:cb:43:f6:7a:a1:1f:6a:34:01:e6:a1:6c:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 11:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce5e4acbd9e2686ea1d1365a0505fe03fc37c194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d9:5d:18:10:45:81:9c:bb:e2:43:8d:20:fa:
d9:e7:69:c9:b4:5c:90:52:d1:42:c3:b9:57:62:38:
c2:ac:30:a8:22:f0:91:68:d6:51:e7:10:b4:d0:ab:
18:cb:97:30:35:0e:e2:94:eb:5b:8c:6f:e4:86:57:
6e:31:5c:60:df:c7:ec:1e:dc:dc:e5:0b:08:05:54:
6b:84:a6:3f:cc:e3:1b:2e:d2:ca:a1:b7:b9:4f:81:
3c:21:3f:26:bf:fd:e7:ef:eb:b5:de:16:2e:eb:a2:
77:0b:ae:c8:4c:06:95:da:86:6c:f4:00:74:ad:93:
1a:08:34:6b:d2:51:74:f0:af:30:8d:3d:e5:2e:2e:
a5:13:d2:4e:77:f2:b2:09:b8:1b:48:da:e5:63:73:
68:7c:36:cb:eb:e0:78:5e:fa:b6:fb:a4:3d:5a:46:
7d:d3:35:5e:ca:b2:c9:34:c4:d1:e2:b2:68:f5:97:
c1:99:44:b8:b0:46:76:12:a3:63:a0:dc:1f:7f:54:
95:bd:0b:c3:56:30:0e:94:5a:1b:9a:56:84:84:87:
60:0e:a9:5e:96:da:21:4e:40:84:3b:c6:76:d1:6b:
d0:ef:b5:19:b6:0e:5e:b3:5a:0d:19:77:e0:a0:77:
10:35:46:68:3e:0d:7d:15:69:f0:52:d1:11:7c:ae:
40:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5E:4A:CB:D9:E2:68:6E:A1:D1:36:5A:05:05:FE:03:FC:37:C1:94
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zl5Ky9niaG6h0TZaBQX-A_w3wZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:f3:a0:f3:a1:36:50:1e:ca:5e:b9:78:24:65:89:a9:7c:45:
ba:c9:24:5c:f1:f2:b7:c6:22:c4:8c:ca:28:7a:d6:db:85:46:
09:1e:ab:79:fa:24:8b:e4:10:80:1d:11:24:bb:b0:02:dd:c8:
7e:1e:90:80:03:cc:9d:ea:35:16:11:35:e9:a8:28:ba:ae:bc:
42:f4:ac:f7:3d:d9:6a:ec:a7:30:a1:fb:1e:8f:4b:ff:1c:ba:
67:3e:4d:86:ed:38:01:94:99:e5:bd:d9:58:84:76:45:07:59:
60:61:d1:3f:01:4e:aa:a0:e0:bd:b6:72:3f:1a:ff:9f:c7:ff:
90:e4:8e:73:d9:50:d8:14:10:0f:c3:fd:73:65:09:0c:0d:91:
12:39:ea:d8:68:bd:c8:e2:62:02:05:6e:c1:cf:60:e6:4f:ec:
64:97:d5:dc:0f:83:55:f6:8e:1f:a8:b9:32:2b:1d:41:01:78:
89:b4:ca:e2:36:6b:9e:dd:2f:50:ed:f8:43:fb:e9:e0:6f:3f:
ca:b5:fc:83:b9:8d:e8:44:7f:5d:01:fe:ca:a5:42:2d:7e:72:
06:b3:7b:23:87:c3:f0:3f:4f:27:95:0a:05:20:4a:a6:b4:85:
5e:2d:8f:95:e6:94:93:81:42:f7:14:54:f7:c8:c5:9b:83:b1:
d6:78:be:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyWYcHLQ/Z6oR9qNAHmoWwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMTExMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTVlNGFjYmQ5ZTI2ODZlYTFkMTM2NWEwNTA1ZmUwM2ZjMzdjMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dldGBBFgZy74kONIPrZ52nJtFyQ
UtFCw7lXYjjCrDCoIvCRaNZR5xC00KsYy5cwNQ7ilOtbjG/khlduMVxg38fsHtzc
5QsIBVRrhKY/zOMbLtLKobe5T4E8IT8mv/3n7+u13hYu66J3C67ITAaV2oZs9AB0
rZMaCDRr0lF08K8wjT3lLi6lE9JOd/KyCbgbSNrlY3NofDbL6+B4Xvq2+6Q9WkZ9
0zVeyrLJNMTR4rJo9ZfBmUS4sEZ2EqNjoNwff1SVvQvDVjAOlFobmlaEhIdgDqle
ltohTkCEO8Z20WvQ77UZtg5es1oNGXfgoHcQNUZoPg19FWnwUtERfK5ARQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM5eSsvZ4mhuodE2WgUF/gP8N8GUMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvemw1S3k5bmlhRzZoMFRaYUJRWC1BX3czd1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIfzoPOhNlAeyl65eCRl
ial8RbrJJFzx8rfGIsSMyih61tuFRgkeq3n6JIvkEIAdESS7sALdyH4ekIADzJ3q
NRYRNemoKLquvEL0rPc92WrspzCh+x6PS/8cumc+TYbtOAGUmeW92ViEdkUHWWBh
0T8BTqqg4L22cj8a/5/H/5DkjnPZUNgUEA/D/XNlCQwNkRI56thovcjiYgIFbsHP
YOZP7GSX1dwPg1X2jh+ouTIrHUEBeIm0yuI2a57dL1Dt+EP76eBvP8q1/IO5jehE
f10B/sqlQi1+cgazeyOHw/A/TyeVCgUgSqa0hV4tj5XmlJOBQvcUVPfIxZuDsdZ4
vsE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:39 2025 by rpki-client