Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zz10MfOUOjAK84hOu2HQqb9THMs.roa
File: zz10MfOUOjAK84hOu2HQqb9THMs.roa (raw, json)
Hash identifier: /2WJeXYwCaseMLljpfjB8M9Te8YyWca2Rp1lx30Q1lg=
Subject key identifier: CF:3D:74:31:F3:94:3A:30:0A:F3:88:4E:BB:61:D0:A9:BF:53:1C:CB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E7AAD5B0354A219E0EB2D6A73CBC4D446
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zz10MfOUOjAK84hOu2HQqb9THMs.roa
Signing time: Tue 26 Mar 2024 12:12:44 +0000
ROA not before: Tue 26 Mar 2024 12:12:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:ad:5b:03:54:a2:19:e0:eb:2d:6a:73:cb:c4:d4:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 26 12:12:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf3d7431f3943a300af3884ebb61d0a9bf531ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bd:3c:8e:1f:c3:81:bb:60:dc:3a:da:1e:11:
bf:50:9d:78:43:f4:f5:c7:89:cd:12:ae:3a:b4:32:
67:db:cf:67:cd:2a:d8:06:df:36:b6:c3:5c:3d:76:
f3:64:85:38:d9:2f:2a:0d:ad:8c:9f:e7:e4:2a:89:
c9:85:70:01:7c:80:f4:b8:56:de:6b:70:b8:ff:61:
17:61:49:41:b1:69:84:df:0a:d1:28:05:56:f7:b7:
c7:0d:5c:86:37:4d:ff:4b:85:57:88:52:7f:95:dc:
46:a6:ed:5b:cf:5c:b1:4a:4f:66:02:86:6d:d6:a6:
66:2b:c1:b6:0e:f9:46:7c:4c:7c:b8:7e:dc:f2:57:
46:42:fc:90:ad:bf:4c:2c:e6:23:80:ce:d6:8d:36:
26:c9:6c:9d:85:ef:ff:30:14:59:b7:a5:e9:48:a6:
00:4a:6a:6b:74:37:9a:3f:7a:11:bb:76:a1:73:60:
42:33:33:c3:e0:fb:16:09:24:08:6d:6c:7c:21:04:
46:44:92:3b:a6:a5:87:07:59:81:4f:b8:11:73:92:
08:5c:d6:90:d4:c1:82:0b:84:0d:47:26:d9:af:c0:
ca:9c:2b:49:79:30:f1:0c:bb:d8:8c:26:46:c1:8a:
70:6e:98:df:57:22:a6:e3:80:b0:5f:02:d5:c9:35:
23:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3D:74:31:F3:94:3A:30:0A:F3:88:4E:BB:61:D0:A9:BF:53:1C:CB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zz10MfOUOjAK84hOu2HQqb9THMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:64:67:4f:1d:f4:53:d1:af:c7:b3:aa:44:09:af:ac:a4:52:
45:09:68:63:1c:0f:13:6f:60:b6:ca:75:ad:2e:8f:b9:55:33:
16:85:c3:4f:18:56:29:da:3e:ab:66:fb:89:b6:20:86:b0:43:
0c:59:29:23:27:53:75:70:ea:e7:56:ea:b3:33:e8:a9:e0:d1:
ff:22:98:2c:5b:fd:89:bd:af:ac:b2:1a:c4:5a:45:03:e7:1f:
c9:8b:a3:f7:bc:30:1f:ad:bb:f9:31:88:3f:92:b4:69:d3:bb:
89:5b:f4:4e:e4:6e:63:f3:35:60:d6:c5:fd:aa:4d:50:9e:81:
0f:fb:dc:fd:84:8e:6d:14:3b:04:7e:05:6e:05:01:d1:01:9a:
bc:21:8b:40:26:42:71:24:33:e7:ca:cf:ea:61:17:60:5b:1c:
81:bf:5b:b0:ae:fa:ce:c6:e6:e6:5a:72:5f:af:97:e9:a4:0b:
db:66:e8:27:4d:70:ee:54:93:ea:27:de:23:c6:3a:0c:37:f7:
4b:db:ae:22:9e:2a:51:8d:f2:93:a7:38:57:98:5a:e2:5d:68:
ac:59:20:d5:7d:b4:37:e5:da:6e:5e:9c:8a:be:3b:67:37:1b:
58:fd:a6:88:4c:e0:ae:dd:10:d9:88:09:04:0e:5c:e8:06:90:
7b:2c:39:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY56rVsDVKIZ4OstanPLxNRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI2MTIxMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjNkNzQzMWYzOTQzYTMwMGFmMzg4NGViYjYxZDBhOWJmNTMxY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj708jh/Dgbtg3DraHhG/UJ14Q/T1
x4nNEq46tDJn289nzSrYBt82tsNcPXbzZIU42S8qDa2Mn+fkKonJhXABfID0uFbe
a3C4/2EXYUlBsWmE3wrRKAVW97fHDVyGN03/S4VXiFJ/ldxGpu1bz1yxSk9mAoZt
1qZmK8G2DvlGfEx8uH7c8ldGQvyQrb9MLOYjgM7WjTYmyWydhe//MBRZt6XpSKYA
SmprdDeaP3oRu3ahc2BCMzPD4PsWCSQIbWx8IQRGRJI7pqWHB1mBT7gRc5IIXNaQ
1MGCC4QNRybZr8DKnCtJeTDxDLvYjCZGwYpwbpjfVyKm44CwXwLVyTUj6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM89dDHzlDowCvOITrth0Km/UxzLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvenoxME1mT1VPakFLODRoT3UySFFxYjlUSE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGlkZ08d9FPRr8ezqkQJ
r6ykUkUJaGMcDxNvYLbKda0uj7lVMxaFw08YVinaPqtm+4m2IIawQwxZKSMnU3Vw
6udW6rMz6Kng0f8imCxb/Ym9r6yyGsRaRQPnH8mLo/e8MB+tu/kxiD+StGnTu4lb
9E7kbmPzNWDWxf2qTVCegQ/73P2Ejm0UOwR+BW4FAdEBmrwhi0AmQnEkM+fKz+ph
F2BbHIG/W7Cu+s7G5uZacl+vl+mkC9tm6CdNcO5Uk+on3iPGOgw390vbriKeKlGN
8pOnOFeYWuJdaKxZINV9tDfl2m5enIq+O2c3G1j9pohM4K7dENmICQQOXOgGkHss
OUI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:00:53 2025 by rpki-client