Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zxqDYcnt8oVab7BqWQKyPrmnYdM.roa
File: zxqDYcnt8oVab7BqWQKyPrmnYdM.roa (raw, json)
Hash identifier: 7WwGzwqb5nzDfBWFul1MMkdaAM6qY89+8NjtuWd4ZnE=
Subject key identifier: CF:1A:83:61:C9:ED:F2:85:5A:6F:B0:6A:59:02:B2:3E:B9:A7:61:D3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E3B9773A2807BFBE5E0705609343E802B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zxqDYcnt8oVab7BqWQKyPrmnYdM.roa
Signing time: Thu 14 Mar 2024 06:12:45 +0000
ROA not before: Thu 14 Mar 2024 06:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3b:97:73:a2:80:7b:fb:e5:e0:70:56:09:34:3e:80:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 14 06:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf1a8361c9edf2855a6fb06a5902b23eb9a761d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:73:16:49:36:9e:8e:98:76:e5:d0:d9:fc:39:
2d:d0:2f:bf:83:96:98:1a:d8:0f:7b:eb:aa:36:b0:
43:0f:35:76:4a:80:38:7c:b2:27:d0:7f:b8:de:cb:
bf:00:5b:3c:95:e6:2c:04:a8:cc:8e:f7:2f:a4:ea:
73:2b:e7:4f:d4:fe:1d:9c:fb:4e:56:8c:9f:aa:cf:
4d:00:78:00:ed:a9:4d:87:06:44:74:f4:62:2e:6a:
5e:b5:8e:ab:6f:7b:79:df:0a:8c:76:ae:b9:00:0e:
5e:39:aa:55:f1:6d:8f:ff:7a:a2:00:f9:8b:6c:e0:
1d:4e:6c:80:9c:c8:f5:db:93:b2:29:82:a1:93:75:
43:16:28:45:38:38:87:d3:14:6e:8f:8a:ac:94:9d:
3a:0a:43:f3:68:4c:5e:40:fc:ac:e2:ce:df:65:50:
e6:c0:1a:71:3c:0c:12:7c:07:6a:cc:a5:df:61:73:
26:36:71:9e:9b:c9:ab:8b:1f:75:cf:f9:0d:83:b5:
94:65:76:4e:3d:4f:c6:55:29:53:cc:d1:ea:f9:ea:
4e:fb:cf:d0:1d:19:14:d5:15:29:9c:94:f6:4e:bc:
52:22:48:c9:87:7e:4a:90:0d:20:3b:92:3b:24:c6:
c1:98:90:5d:60:65:9f:25:ee:d0:73:e7:45:15:6c:
dd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:1A:83:61:C9:ED:F2:85:5A:6F:B0:6A:59:02:B2:3E:B9:A7:61:D3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zxqDYcnt8oVab7BqWQKyPrmnYdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:95:84:2f:66:9f:8a:df:90:4a:90:e9:52:ba:8c:7f:bc:17:
c4:7f:eb:07:0a:cc:9f:b8:12:ff:a0:30:76:02:54:44:e5:c0:
92:95:38:1e:82:65:6e:19:13:b5:7a:ba:43:e7:f3:31:61:a1:
4f:41:3c:17:7a:e5:38:b9:60:e7:f3:f6:a6:71:3d:d1:5d:8a:
e4:f8:80:c8:3e:53:bb:4e:36:36:b5:38:12:77:15:52:37:70:
d1:9d:76:e5:55:ca:77:04:27:45:e3:3a:0b:90:b4:70:0c:e3:
56:02:1c:af:08:0f:c3:e6:21:dd:45:fd:db:35:4e:1e:29:2b:
c9:7b:30:6b:bc:af:3d:46:06:6e:09:21:6f:c3:72:51:88:d6:
da:7d:b6:10:db:83:9e:ef:7c:f1:53:f4:14:fb:e0:cc:68:0a:
c6:7d:92:7d:09:11:d6:4d:6c:b1:d2:2f:d9:27:f6:b8:e8:3b:
07:e3:30:89:7f:d9:13:c7:34:df:8e:6b:cf:36:75:7e:90:eb:
7c:8f:76:90:15:f6:12:d2:c1:fa:58:96:38:a9:0c:14:dc:b0:
1f:43:20:1f:87:ef:09:6c:f9:93:19:a0:13:53:be:c4:34:98:
2a:e1:09:92:48:e8:1e:cf:63:b7:35:6f:de:51:13:c3:9b:59:
17:ad:e5:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY47l3OigHv75eBwVgk0PoArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE0MDYxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjFhODM2MWM5ZWRmMjg1NWE2ZmIwNmE1OTAyYjIzZWI5YTc2MWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHMWSTaejph25dDZ/Dkt0C+/g5aY
GtgPe+uqNrBDDzV2SoA4fLIn0H+43su/AFs8leYsBKjMjvcvpOpzK+dP1P4dnPtO
Voyfqs9NAHgA7alNhwZEdPRiLmpetY6rb3t53wqMdq65AA5eOapV8W2P/3qiAPmL
bOAdTmyAnMj125OyKYKhk3VDFihFODiH0xRuj4qslJ06CkPzaExeQPys4s7fZVDm
wBpxPAwSfAdqzKXfYXMmNnGem8mrix91z/kNg7WUZXZOPU/GVSlTzNHq+epO+8/Q
HRkU1RUpnJT2TrxSIkjJh35KkA0gO5I7JMbBmJBdYGWfJe7Qc+dFFWzdmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM8ag2HJ7fKFWm+walkCsj65p2HTMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvenhxRFljbnQ4b1ZhYjdCcVdRS3lQcm1uWWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI6VhC9mn4rfkEqQ6VK6
jH+8F8R/6wcKzJ+4Ev+gMHYCVETlwJKVOB6CZW4ZE7V6ukPn8zFhoU9BPBd65Ti5
YOfz9qZxPdFdiuT4gMg+U7tONja1OBJ3FVI3cNGdduVVyncEJ0XjOguQtHAM41YC
HK8ID8PmId1F/ds1Th4pK8l7MGu8rz1GBm4JIW/DclGI1tp9thDbg57vfPFT9BT7
4MxoCsZ9kn0JEdZNbLHSL9kn9rjoOwfjMIl/2RPHNN+Oa882dX6Q63yPdpAV9hLS
wfpYljipDBTcsB9DIB+H7wls+ZMZoBNTvsQ0mCrhCZJI6B7PY7c1b95RE8ObWRet
5Rg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:06 2025 by rpki-client