Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/z53iYrx_shu0WdCaV4v6ZXfJyfA.roa
File: z53iYrx_shu0WdCaV4v6ZXfJyfA.roa (raw, json)
Hash identifier: ySckjx3fnBbjiCnJf7c10h+wH/jcKQr5e8Rmhk0EXE4=
Subject key identifier: CF:9D:E2:62:BC:7F:B2:1B:B4:59:D0:9A:57:8B:FA:65:77:C9:C9:F0
Certificate issuer: /CN=6ddd8f1e38c91f5b17c3d1a7234e49c9c70dc324
Certificate serial: 0194214433EA31DA8C967C34FF667CF7CD95
Authority key identifier: 6D:DD:8F:1E:38:C9:1F:5B:17:C3:D1:A7:23:4E:49:C9:C7:0D:C3:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bd2PHjjJH1sXw9GnI05JyccNwyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/z53iYrx_shu0WdCaV4v6ZXfJyfA.roa
Signing time: Wed 01 Jan 2025 09:48:25 +0000
ROA not before: Wed 01 Jan 2025 09:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212543
IP address blocks: 192.38.0.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:33:ea:31:da:8c:96:7c:34:ff:66:7c:f7:cd:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddd8f1e38c91f5b17c3d1a7234e49c9c70dc324
Validity
Not Before: Jan 1 09:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf9de262bc7fb21bb459d09a578bfa6577c9c9f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:24:1b:30:e5:d8:d0:a6:57:c9:c3:9a:06:6c:
c6:8b:aa:44:9e:0d:cd:a0:ad:f5:ba:b1:a0:53:44:
79:64:22:7f:54:1b:ff:2e:d4:a7:6f:75:1b:58:b8:
a5:cd:c7:77:74:97:fd:99:35:de:39:9f:e3:77:8e:
6d:02:cf:1e:3b:c9:70:97:a9:5b:bf:c1:14:97:37:
74:09:72:9f:de:f6:b3:21:7e:d9:eb:ac:10:b2:56:
36:2a:d1:3d:11:d0:eb:a3:d9:1e:c8:73:b2:a8:b5:
d7:14:14:bd:a2:ee:87:40:3f:02:14:f9:b2:48:3a:
f9:b1:9a:fa:94:da:52:fa:b5:7b:f4:0a:25:91:d9:
7a:68:93:a3:d7:45:7a:52:af:3f:03:71:e7:43:cf:
c8:a1:3f:85:6c:55:a1:e6:06:82:1f:00:10:aa:cb:
44:f1:77:16:2d:b2:c6:15:7c:d1:c0:6f:4c:f5:bb:
15:96:d3:96:26:01:40:6f:fa:f2:0b:69:84:fa:f6:
f1:de:1a:17:88:49:04:2c:47:31:e9:68:8d:9f:a8:
77:df:50:c2:de:02:51:12:de:dd:b8:6f:ce:74:e5:
70:fa:dc:1a:6b:19:13:d6:dc:76:e2:da:fe:3f:9d:
35:65:8f:e4:51:99:64:b3:dc:f2:7a:27:3f:ae:58:
c5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:9D:E2:62:BC:7F:B2:1B:B4:59:D0:9A:57:8B:FA:65:77:C9:C9:F0
X509v3 Authority Key Identifier:
keyid:6D:DD:8F:1E:38:C9:1F:5B:17:C3:D1:A7:23:4E:49:C9:C7:0D:C3:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd2PHjjJH1sXw9GnI05JyccNwyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/z53iYrx_shu0WdCaV4v6ZXfJyfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/bd2PHjjJH1sXw9GnI05JyccNwyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.38.0.0/22
Signature Algorithm: sha256WithRSAEncryption
11:65:26:df:18:31:d6:53:0e:78:f3:86:0c:73:87:ce:20:7a:
a5:50:15:88:4c:65:ac:e5:8b:67:ad:1e:1b:8b:4f:eb:63:56:
96:26:63:31:b6:39:7c:1b:28:fc:57:32:b4:2a:92:29:51:7c:
b7:dd:19:35:13:30:e1:3d:4a:9e:66:c9:1a:c2:24:47:27:91:
58:97:74:a9:4c:a7:3d:2f:2e:f7:5b:20:6f:c1:6a:ac:77:3b:
26:2a:95:76:b9:91:14:76:dd:c7:34:10:a7:29:ef:66:fa:60:
6d:f4:39:d3:a1:28:4a:62:99:a3:7c:95:99:4d:ef:60:53:1f:
f9:61:7e:96:7d:15:f6:9c:bb:c3:7f:fc:d2:be:72:e8:13:09:
cd:46:96:c9:ff:88:01:5d:58:83:cb:16:bd:95:22:a3:d5:68:
0c:fa:d0:fa:67:2d:cb:c5:2b:63:3b:a8:1e:5f:77:27:9e:fc:
bb:d5:22:a2:81:3b:c7:b5:be:01:17:e4:4e:e9:0f:10:1b:d3:
d2:2e:43:c2:bb:d4:56:a4:09:ba:a5:b4:0a:b2:8b:8f:b3:08:
1b:3c:de:88:2e:dc:e3:a1:3f:98:29:c3:81:aa:a7:40:53:7e:
51:78:56:53:92:2c:c3:30:f7:ea:81:d2:16:62:52:12:8d:96:
fb:e7:2f:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRDPqMdqMlnw0/2Z8982VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGQ4ZjFlMzhjOTFmNWIxN2MzZDFhNzIzNGU0OWM5Yzcw
ZGMzMjQwHhcNMjUwMTAxMDk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjlkZTI2MmJjN2ZiMjFiYjQ1OWQwOWE1NzhiZmE2NTc3YzljOWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yQbMOXY0KZXycOaBmzGi6pEng3N
oK31urGgU0R5ZCJ/VBv/LtSnb3UbWLilzcd3dJf9mTXeOZ/jd45tAs8eO8lwl6lb
v8EUlzd0CXKf3vazIX7Z66wQslY2KtE9EdDro9keyHOyqLXXFBS9ou6HQD8CFPmy
SDr5sZr6lNpS+rV79Aolkdl6aJOj10V6Uq8/A3HnQ8/IoT+FbFWh5gaCHwAQqstE
8XcWLbLGFXzRwG9M9bsVltOWJgFAb/ryC2mE+vbx3hoXiEkELEcx6WiNn6h331DC
3gJREt7duG/OdOVw+twaaxkT1tx24tr+P501ZY/kUZlks9zyeic/rljF0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM+d4mK8f7IbtFnQmleL+mV3ycnwMB8GA1UdIwQY
MBaAFG3djx44yR9bF8PRpyNOScnHDcMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmQyUEhqakpIMXNYdzlHbkkwNUp5Y2NOd3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMTZjOGYtNWUzNi00NzFmLTk1NTUt
ZjYyOTdhNzdhMzdiLzEvejUzaVlyeF9zaHUwV2RDYVY0djZaWGZKeWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMTZjOGYtNWUzNi00NzFmLTk1NTUtZjYyOTdhNzdhMzdi
LzEvYmQyUEhqakpIMXNYdzlHbkkwNUp5Y2NOd3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwCYAMA0G
CSqGSIb3DQEBCwUAA4IBAQARZSbfGDHWUw5484YMc4fOIHqlUBWITGWs5YtnrR4b
i0/rY1aWJmMxtjl8Gyj8VzK0KpIpUXy33Rk1EzDhPUqeZskawiRHJ5FYl3SpTKc9
Ly73WyBvwWqsdzsmKpV2uZEUdt3HNBCnKe9m+mBt9DnToShKYpmjfJWZTe9gUx/5
YX6WfRX2nLvDf/zSvnLoEwnNRpbJ/4gBXViDyxa9lSKj1WgM+tD6Zy3LxStjO6ge
X3cnnvy71SKigTvHtb4BF+RO6Q8QG9PSLkPCu9RWpAm6pbQKsouPswgbPN6ILtzj
oT+YKcOBqqdAU35ReFZTkizDMPfqgdIWYlISjZb75y9B
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:58 2025 by rpki-client