Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zsvOma8ccdr2miSCWSY3-t2JfHY.roa
File: zsvOma8ccdr2miSCWSY3-t2JfHY.roa (raw, json)
Hash identifier: FXq6g2JGj4DAF48QCbe2R1w2t+OIifw68dm3N0w1w1U=
Subject key identifier: CE:CB:CE:99:AF:1C:71:DA:F6:9A:24:82:59:26:37:FA:DD:89:7C:76
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CAF3D96BFC2CA6C4A0B0A3787DA4B3B2D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zsvOma8ccdr2miSCWSY3-t2JfHY.roa
Signing time: Thu 28 Dec 2023 07:04:58 +0000
ROA not before: Thu 28 Dec 2023 07:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:af3c:e7ee/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:3d:96:bf:c2:ca:6c:4a:0b:0a:37:87:da:4b:3b:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 28 07:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cecbce99af1c71daf69a2482592637fadd897c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:70:52:87:c4:60:c2:aa:c6:c5:ef:12:1c:e0:
af:81:1d:3c:74:36:13:bb:7e:59:95:07:d2:17:e5:
98:9c:d9:83:43:f9:c6:c3:73:54:bd:a6:89:c4:f2:
55:1a:f4:c2:67:94:d4:62:fe:c2:2d:07:4f:a9:65:
0d:5f:ba:1b:13:e7:1a:8d:e1:38:d9:d8:a3:5e:e9:
3f:87:59:6d:32:0c:d4:b4:d2:45:e6:b5:8c:32:34:
39:0b:ac:db:0c:20:25:94:44:9b:48:f7:f5:a7:50:
d1:1a:fe:70:61:ca:4e:7d:d6:a1:30:23:83:02:78:
b3:b3:25:a5:63:2d:23:b6:91:88:b0:24:fc:0c:e2:
0c:1e:f1:41:eb:ed:57:11:a3:c2:89:67:5c:f4:2e:
2c:e4:c7:88:7c:f2:48:5b:d5:da:d8:92:a5:b2:56:
62:5f:6f:97:08:72:d4:cd:2d:7b:64:d9:47:a9:c9:
35:5e:62:70:78:4a:66:30:60:7a:1f:f5:c1:6f:79:
9c:ff:a4:dd:57:3b:32:0c:ea:fe:ae:35:3f:7f:9a:
56:2d:58:cf:f0:ca:42:c2:da:63:09:76:1a:39:f9:
74:68:8c:a5:ab:18:54:37:80:7d:04:19:7b:ac:ff:
b9:e4:6f:70:5a:00:95:d9:5b:6a:03:98:4c:41:e7:
ff:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:CB:CE:99:AF:1C:71:DA:F6:9A:24:82:59:26:37:FA:DD:89:7C:76
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zsvOma8ccdr2miSCWSY3-t2JfHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:1e:72:d4:9e:71:10:34:4d:69:f5:ab:d4:5a:c8:57:ca:7c:
1e:57:1f:31:95:3e:44:7b:16:2e:c3:64:d1:42:16:c5:d6:e8:
16:50:38:a3:77:86:b0:3f:a3:12:d0:c7:d8:e5:4e:99:3c:d3:
5b:64:11:d1:e2:f3:10:9b:9c:be:45:a5:73:07:b9:31:14:e2:
d1:d6:cf:ee:6f:3e:2b:d4:6c:c7:8d:c4:9a:22:2f:3a:79:1d:
bf:d9:a8:4e:55:0d:9a:13:70:c6:54:9f:7b:d7:ac:a4:71:57:
6d:0a:a4:02:2e:3f:38:3e:c2:78:f5:5a:d0:6e:2f:bd:86:4e:
a1:1b:11:39:6d:65:88:8b:e9:c8:39:7e:70:ad:72:1c:c3:1b:
18:36:df:6c:1a:15:3c:9a:8b:1d:63:3c:e6:b7:34:b1:9a:c9:
d8:98:c4:14:6f:ad:34:b9:28:44:7e:b4:0a:76:61:2c:bb:b3:
bf:c3:8c:75:75:a0:83:aa:d1:9e:63:67:c9:a8:68:00:51:31:
b6:61:28:90:5f:b0:6d:04:ab:10:0b:5a:28:cf:fa:3a:38:2e:
fd:e7:a0:c4:58:d1:14:f1:f9:60:aa:28:2c:f2:ae:50:c6:c4:
73:99:18:ea:4b:9b:42:bf:08:ee:3d:be:41:61:e2:9e:54:52:
4d:76:9c:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyvPZa/wspsSgsKN4faSzstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI4MDcwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWNiY2U5OWFmMWM3MWRhZjY5YTI0ODI1OTI2MzdmYWRkODk3Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXBSh8RgwqrGxe8SHOCvgR08dDYT
u35ZlQfSF+WYnNmDQ/nGw3NUvaaJxPJVGvTCZ5TUYv7CLQdPqWUNX7obE+cajeE4
2dijXuk/h1ltMgzUtNJF5rWMMjQ5C6zbDCAllESbSPf1p1DRGv5wYcpOfdahMCOD
AnizsyWlYy0jtpGIsCT8DOIMHvFB6+1XEaPCiWdc9C4s5MeIfPJIW9Xa2JKlslZi
X2+XCHLUzS17ZNlHqck1XmJweEpmMGB6H/XBb3mc/6TdVzsyDOr+rjU/f5pWLVjP
8MpCwtpjCXYaOfl0aIylqxhUN4B9BBl7rP+55G9wWgCV2VtqA5hMQef/3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM7LzpmvHHHa9pokglkmN/rdiXx2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvenN2T21hOGNjZHIybWlTQ1dTWTMtdDJKZkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJgectSecRA0TWn1q9Ra
yFfKfB5XHzGVPkR7Fi7DZNFCFsXW6BZQOKN3hrA/oxLQx9jlTpk801tkEdHi8xCb
nL5FpXMHuTEU4tHWz+5vPivUbMeNxJoiLzp5Hb/ZqE5VDZoTcMZUn3vXrKRxV20K
pAIuPzg+wnj1WtBuL72GTqEbETltZYiL6cg5fnCtchzDGxg232waFTyaix1jPOa3
NLGaydiYxBRvrTS5KER+tAp2YSy7s7/DjHV1oIOq0Z5jZ8moaABRMbZhKJBfsG0E
qxALWijP+jo4Lv3noMRY0RTx+WCqKCzyrlDGxHOZGOpLm0K/CO49vkFh4p5UUk12
nJY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:19 2025 by rpki-client