Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/Z_EnRaoRfUEsLJyze6ow5WaR2jg.roa
File: Z_EnRaoRfUEsLJyze6ow5WaR2jg.roa (raw, json)
Hash identifier: 4fQcSOSd1KIV+/WNTz1/G8uxJXghVoVP0EUQeH1wdFI=
Subject key identifier: 67:F1:27:45:AA:11:7D:41:2C:2C:9C:B3:7B:AA:30:E5:66:91:DA:38
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 0189E4FE4FE2F83CC9FD96D08802D3783058
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/Z_EnRaoRfUEsLJyze6ow5WaR2jg.roa
Signing time: Fri 11 Aug 2023 14:26:59 +0000
ROA not before: Fri 11 Aug 2023 14:26:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212165
IP address blocks: 217.196.103.0/24 maxlen: 24
217.196.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e4:fe:4f:e2:f8:3c:c9:fd:96:d0:88:02:d3:78:30:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Aug 11 14:26:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67f12745aa117d412c2c9cb37baa30e56691da38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2c:31:91:81:4e:93:f4:6f:23:cd:0a:0d:75:
8d:b9:53:33:0d:5a:5f:e1:8d:38:5c:76:98:40:a1:
5d:31:09:27:01:c0:08:84:ec:a0:69:5f:0a:a7:9c:
97:04:f8:9d:e2:7f:50:85:09:e2:67:a2:cd:9d:6f:
e7:00:38:1f:d7:1b:17:53:bc:e9:ce:10:ed:8a:52:
43:be:5b:d8:b6:8e:ba:2f:e0:13:d9:55:f6:97:3a:
ca:f7:d1:ae:97:9d:d0:5e:03:0e:fe:dd:83:cf:6d:
db:64:d7:04:fd:0c:ba:f6:0b:d5:59:41:00:81:61:
a3:01:dc:14:a5:4b:0a:a5:eb:39:46:11:10:e5:e0:
57:d7:5b:81:f6:e8:69:37:e1:7f:00:8c:ca:2d:35:
05:95:66:26:1f:ca:9e:a7:f9:f6:03:96:b3:d1:42:
cc:0a:1a:0f:f7:5f:b5:00:ad:e3:8f:2e:30:f6:26:
fb:4e:7d:39:06:a4:f3:2e:7c:6c:93:95:1e:75:06:
35:13:1b:6d:d3:3e:bb:50:1c:6d:32:36:3f:82:af:
19:9b:2a:d2:13:b4:02:78:73:8d:90:17:cf:7b:50:
fa:87:8f:2b:08:25:62:1e:15:b5:3a:69:04:3d:38:
ac:73:4e:a1:56:29:75:4d:f2:5c:c7:30:2e:6f:11:
19:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F1:27:45:AA:11:7D:41:2C:2C:9C:B3:7B:AA:30:E5:66:91:DA:38
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/Z_EnRaoRfUEsLJyze6ow5WaR2jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.102.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:f1:e3:7f:2d:b5:81:ea:aa:b1:ec:b9:d2:57:13:eb:86:0d:
b7:93:7c:ef:dc:b9:1d:a3:36:0c:3d:f5:57:ee:b5:6d:04:19:
b7:28:b5:c2:59:a2:49:00:d7:4f:7c:a5:78:23:0e:3f:cf:94:
c0:1d:5a:a6:23:df:ab:38:13:28:0b:9e:86:24:ff:97:5b:7a:
ca:17:c0:cd:e9:9c:4f:d2:5f:52:d1:ea:52:97:49:b5:e3:80:
b6:b3:0f:6a:0e:f8:20:19:1a:99:0a:c8:f1:33:14:30:e8:34:
33:24:e4:c5:86:96:cd:52:33:6a:35:49:fd:27:2a:da:3c:73:
25:a0:74:73:41:b1:ec:00:c7:41:ef:09:a9:90:6d:8c:76:81:
9b:35:62:ce:55:0a:38:1c:1d:dc:19:3c:b5:e4:1d:4a:89:f0:
42:b1:e3:dd:71:52:d9:cf:33:30:e3:9b:cd:16:a9:93:d1:66:
ee:07:1e:b6:45:af:f1:21:83:9a:06:2a:de:f9:43:d1:03:f8:
4e:5d:8e:b5:21:5d:e5:ab:e9:fd:4c:38:93:f8:28:1a:05:cb:
aa:77:c5:71:d4:ca:40:57:40:a2:4d:22:a4:3a:af:99:49:17:
b5:8b:c5:f7:85:dc:4e:2e:66:3b:df:93:0c:b8:0b:91:97:e1:
b0:f8:c5:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnk/k/i+DzJ/ZbQiALTeDBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjMwODExMTQyNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2YxMjc0NWFhMTE3ZDQxMmMyYzljYjM3YmFhMzBlNTY2OTFkYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCwxkYFOk/RvI80KDXWNuVMzDVpf
4Y04XHaYQKFdMQknAcAIhOygaV8Kp5yXBPid4n9QhQniZ6LNnW/nADgf1xsXU7zp
zhDtilJDvlvYto66L+AT2VX2lzrK99Gul53QXgMO/t2Dz23bZNcE/Qy69gvVWUEA
gWGjAdwUpUsKpes5RhEQ5eBX11uB9uhpN+F/AIzKLTUFlWYmH8qep/n2A5az0ULM
ChoP91+1AK3jjy4w9ib7Tn05BqTzLnxsk5UedQY1Extt0z67UBxtMjY/gq8ZmyrS
E7QCeHONkBfPe1D6h48rCCViHhW1OmkEPTisc06hVil1TfJcxzAubxEZswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfxJ0WqEX1BLCycs3uqMOVmkdo4MB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvWl9FblJhb1JmVUVzTEp5emU2b3c1V2FSMmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2cRmMA0G
CSqGSIb3DQEBCwUAA4IBAQC18eN/LbWB6qqx7LnSVxPrhg23k3zv3LkdozYMPfVX
7rVtBBm3KLXCWaJJANdPfKV4Iw4/z5TAHVqmI9+rOBMoC56GJP+XW3rKF8DN6ZxP
0l9S0epSl0m144C2sw9qDvggGRqZCsjxMxQw6DQzJOTFhpbNUjNqNUn9JyraPHMl
oHRzQbHsAMdB7wmpkG2MdoGbNWLOVQo4HB3cGTy15B1KifBCsePdcVLZzzMw45vN
FqmT0WbuBx62Ra/xIYOaBire+UPRA/hOXY61IV3lq+n9TDiT+CgaBcuqd8Vx1MpA
V0CiTSKkOq+ZSRe1i8X3hdxOLmY735MMuAuRl+Gw+MVS
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:01 2025 by rpki-client