Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zvPcxYnPWsJ9Eg5-eRHM5EKQAgg.roa
File: zvPcxYnPWsJ9Eg5-eRHM5EKQAgg.roa (raw, json)
Hash identifier: Gk5EMkFJ8gA1AoqBuaTQkoovDMa4aUdJ7WBFEAu0+JE=
Subject key identifier: CE:F3:DC:C5:89:CF:5A:C2:7D:12:0E:7E:79:11:CC:E4:42:90:02:08
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D08F6125C1E41911F5681AD82523352F8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zvPcxYnPWsJ9Eg5-eRHM5EKQAgg.roa
Signing time: Sun 14 Jan 2024 17:12:40 +0000
ROA not before: Sun 14 Jan 2024 17:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:08:f6:12:5c:1e:41:91:1f:56:81:ad:82:52:33:52:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 14 17:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cef3dcc589cf5ac27d120e7e7911cce442900208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:99:6f:1d:68:de:69:cf:32:70:37:82:04:2d:
5f:96:02:84:ad:96:08:2d:9c:f1:94:8b:fc:21:92:
c4:80:3b:3b:17:7d:e1:35:83:98:8b:7c:2c:09:73:
7f:4e:82:a5:3c:d4:a2:00:d0:ea:d9:dd:a3:88:b2:
b3:d4:34:4b:da:4e:09:01:c7:ca:18:6d:18:aa:33:
77:2c:a0:16:c4:1e:c1:02:a8:18:39:0b:84:2e:32:
f6:d1:3b:1d:e4:c3:2c:3b:8b:db:d9:b3:05:24:96:
09:0a:71:ca:17:8d:5e:7c:b3:f1:de:47:09:64:b2:
32:06:be:2f:04:79:bb:a7:45:1b:d3:07:5f:a6:8e:
cb:20:91:d4:bb:c4:e4:ae:0d:80:8c:f4:a5:b4:f9:
e4:5d:74:f9:cb:8e:8d:b7:5f:b2:21:39:42:bf:dc:
b0:40:fe:cd:50:29:50:8e:81:e0:a4:16:47:a8:f2:
aa:0e:ad:b0:e2:d2:b1:0d:6c:03:c4:b3:ce:9a:7e:
c7:28:71:31:7e:a9:e8:48:33:5b:6c:14:c2:f5:87:
66:c8:54:71:3b:88:e4:6d:3b:0c:8c:63:b6:b5:6a:
7b:65:36:bd:ab:30:ef:ad:02:e0:04:81:b5:95:cc:
b9:5f:1b:1a:9c:c6:06:55:a9:81:96:c4:9b:6b:58:
9b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:F3:DC:C5:89:CF:5A:C2:7D:12:0E:7E:79:11:CC:E4:42:90:02:08
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zvPcxYnPWsJ9Eg5-eRHM5EKQAgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
29:25:20:f0:16:8c:05:e3:51:9f:33:1c:20:84:bb:a4:e6:48:
05:64:2b:7b:d7:9b:a1:ce:9a:46:91:b9:e9:b6:19:0f:ef:51:
ca:4c:5e:51:fb:03:87:81:80:69:3c:59:55:e1:d1:a6:aa:30:
14:42:46:90:8d:3f:04:c3:f9:fa:68:a0:9c:3f:9b:c9:cc:23:
de:60:b9:80:47:69:24:61:d7:0a:9c:76:bc:68:34:fd:39:de:
b4:44:c3:1e:75:56:63:43:ca:f2:d4:82:6a:94:3e:6f:3d:cd:
38:97:e3:b8:16:5c:78:c9:7d:72:b3:9a:32:51:e6:a4:b4:c2:
69:33:da:93:3e:05:50:70:45:e5:7e:0f:d6:e2:dd:c5:40:6e:
e5:81:4a:87:43:7b:8b:4b:db:40:e7:e2:d0:30:5f:25:97:0b:
a4:c8:77:1c:43:29:a3:bd:a0:d2:d2:79:78:6e:d6:fe:f0:ae:
1d:e7:32:2a:76:f7:89:0c:18:2e:d8:57:ef:3a:36:6a:79:fa:
da:18:73:77:63:e2:5c:b9:79:c3:d5:b7:9e:23:a8:80:71:ae:
3a:af:96:9c:05:c5:e2:58:56:65:c0:e0:57:54:9c:08:84:4d:
e0:7f:a4:a1:73:74:46:a5:2b:63:6c:09:3a:61:69:11:31:a2:
b5:d3:14:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0I9hJcHkGRH1aBrYJSM1L4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE0MTcxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWYzZGNjNTg5Y2Y1YWMyN2QxMjBlN2U3OTExY2NlNDQyOTAwMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmplvHWjeac8ycDeCBC1flgKErZYI
LZzxlIv8IZLEgDs7F33hNYOYi3wsCXN/ToKlPNSiANDq2d2jiLKz1DRL2k4JAcfK
GG0YqjN3LKAWxB7BAqgYOQuELjL20Tsd5MMsO4vb2bMFJJYJCnHKF41efLPx3kcJ
ZLIyBr4vBHm7p0Ub0wdfpo7LIJHUu8Tkrg2AjPSltPnkXXT5y46Nt1+yITlCv9yw
QP7NUClQjoHgpBZHqPKqDq2w4tKxDWwDxLPOmn7HKHExfqnoSDNbbBTC9YdmyFRx
O4jkbTsMjGO2tWp7ZTa9qzDvrQLgBIG1lcy5XxsanMYGVamBlsSba1ibDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM7z3MWJz1rCfRIOfnkRzORCkAIIMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvenZQY3hZblBXc0o5RWc1LWVSSE01RUtRQWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACklIPAWjAXjUZ8zHCCE
u6TmSAVkK3vXm6HOmkaRuem2GQ/vUcpMXlH7A4eBgGk8WVXh0aaqMBRCRpCNPwTD
+fpooJw/m8nMI95guYBHaSRh1wqcdrxoNP053rREwx51VmNDyvLUgmqUPm89zTiX
47gWXHjJfXKzmjJR5qS0wmkz2pM+BVBwReV+D9bi3cVAbuWBSodDe4tL20Dn4tAw
XyWXC6TIdxxDKaO9oNLSeXhu1v7wrh3nMip294kMGC7YV+86Nmp5+toYc3dj4ly5
ecPVt54jqIBxrjqvlpwFxeJYVmXA4FdUnAiETeB/pKFzdEalK2NsCTphaRExorXT
FJM=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:21:05 2025 by rpki-client