Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/a4d97c-214f-4e58-8a1b-9b7ba2515607/1/Z6MK0msb1uCIAiQSAsq83NwnL5o.roa
File: Z6MK0msb1uCIAiQSAsq83NwnL5o.roa (raw, json)
Hash identifier: cZkkArhyo320cap6hlcuAHKeKy6d/Q/kDSFgfYOaNKA=
Subject key identifier: 67:A3:0A:D2:6B:1B:D6:E0:88:02:24:12:02:CA:BC:DC:DC:27:2F:9A
Certificate issuer: /CN=8a6706b33960e1d15fd1770a298e0a555a41a809
Certificate serial: 01857343BE750639293A14089CEB75C30751
Authority key identifier: 8A:67:06:B3:39:60:E1:D1:5F:D1:77:0A:29:8E:0A:55:5A:41:A8:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imcGszlg4dFf0XcKKY4KVVpBqAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/a4d97c-214f-4e58-8a1b-9b7ba2515607/1/Z6MK0msb1uCIAiQSAsq83NwnL5o.roa
Signing time: Mon 02 Jan 2023 16:14:57 +0000
ROA not before: Mon 02 Jan 2023 16:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209492
IP address blocks: 193.33.40.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:be:75:06:39:29:3a:14:08:9c:eb:75:c3:07:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a6706b33960e1d15fd1770a298e0a555a41a809
Validity
Not Before: Jan 2 16:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67a30ad26b1bd6e08802241202cabcdcdc272f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8d:6e:9e:a8:b6:0c:c5:f3:e5:bf:75:10:13:
14:99:aa:b5:ad:27:09:02:e8:88:81:37:39:2e:74:
fc:44:16:8c:d5:30:b9:7c:74:49:12:6d:fd:42:9c:
51:0e:8d:2c:a6:32:aa:be:c3:ee:29:89:94:e2:e9:
5b:9f:16:41:d5:15:21:32:62:89:37:87:f0:99:95:
0b:a0:da:70:0c:41:55:8d:aa:cb:77:cd:cc:57:21:
52:74:f2:e2:73:25:ce:23:a6:62:77:bb:21:b5:1d:
a4:85:b1:f8:db:91:5d:1a:2b:14:44:76:52:f3:64:
72:d3:52:20:6e:64:21:d4:85:4f:6d:c4:dd:59:9d:
94:7f:f3:5a:62:8b:c1:12:f5:fd:43:61:c2:73:4f:
68:af:33:a5:fb:87:94:86:4c:1a:57:fc:4f:a5:12:
fa:88:90:1b:f4:e1:47:44:34:e3:00:de:be:c6:db:
ee:ed:b4:27:04:49:b9:d4:3c:33:ed:09:4e:8d:31:
83:30:82:2f:4f:0c:df:76:87:e4:c6:23:51:1f:d5:
c1:f1:1b:97:f1:ae:7b:b2:dc:3f:9e:ed:c3:19:c6:
6c:b6:53:94:d4:86:7b:c9:3a:cd:31:1f:27:53:24:
bf:f4:ef:8a:87:04:13:f1:00:14:41:71:01:86:a6:
89:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A3:0A:D2:6B:1B:D6:E0:88:02:24:12:02:CA:BC:DC:DC:27:2F:9A
X509v3 Authority Key Identifier:
keyid:8A:67:06:B3:39:60:E1:D1:5F:D1:77:0A:29:8E:0A:55:5A:41:A8:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imcGszlg4dFf0XcKKY4KVVpBqAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a4d97c-214f-4e58-8a1b-9b7ba2515607/1/Z6MK0msb1uCIAiQSAsq83NwnL5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a4d97c-214f-4e58-8a1b-9b7ba2515607/1/imcGszlg4dFf0XcKKY4KVVpBqAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.40.0/23
Signature Algorithm: sha256WithRSAEncryption
85:e6:3c:5b:f7:ab:15:7d:68:0e:2a:c5:34:35:a5:cc:e4:32:
7b:23:d7:d6:5f:98:c9:07:40:0f:60:d7:a8:57:ba:e9:0d:cc:
5f:52:8e:89:5f:af:8a:9c:4c:17:93:c2:9a:77:20:19:19:2c:
d2:d1:d5:f1:a4:2b:05:24:ca:6b:1e:12:f1:13:a8:fb:f8:28:
5f:c7:eb:67:48:7f:10:a8:98:c5:f0:4d:bd:3f:19:36:1b:5d:
38:79:49:c5:f6:b0:a2:cd:f4:15:cd:b0:b1:ca:35:a4:92:ad:
11:c0:30:4b:b5:6d:55:14:90:51:1b:40:62:b0:68:9f:ea:3e:
5b:6c:68:23:77:65:ff:8b:a1:19:2b:45:5a:94:fe:16:45:bb:
27:da:6d:ed:6b:98:f1:57:c5:78:7d:b9:9d:1f:b8:02:4a:36:
78:32:2b:98:f1:be:37:5f:b4:46:b6:82:86:8c:ad:2f:e9:96:
d8:c2:fa:54:d4:6b:30:5b:8a:6d:cc:2a:1f:6d:25:4e:e4:8a:
73:80:0d:c4:f9:4c:ee:0d:29:bc:3f:ee:c2:b6:30:08:02:ea:
e4:7d:fd:97:d5:e6:58:5e:e4:31:61:13:85:6d:43:3b:0b:51:
23:16:96:f8:a5:e3:e0:94:6a:ee:b2:6f:49:16:6b:62:49:f9:
b4:53:c7:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzQ751BjkpOhQInOt1wwdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjcwNmIzMzk2MGUxZDE1ZmQxNzcwYTI5OGUwYTU1NWE0
MWE4MDkwHhcNMjMwMTAyMTYxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2EzMGFkMjZiMWJkNmUwODgwMjI0MTIwMmNhYmNkY2RjMjcyZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq41unqi2DMXz5b91EBMUmaq1rScJ
AuiIgTc5LnT8RBaM1TC5fHRJEm39QpxRDo0spjKqvsPuKYmU4ulbnxZB1RUhMmKJ
N4fwmZULoNpwDEFVjarLd83MVyFSdPLicyXOI6Zid7shtR2khbH425FdGisURHZS
82Ry01IgbmQh1IVPbcTdWZ2Uf/NaYovBEvX9Q2HCc09orzOl+4eUhkwaV/xPpRL6
iJAb9OFHRDTjAN6+xtvu7bQnBEm51Dwz7QlOjTGDMIIvTwzfdofkxiNRH9XB8RuX
8a57stw/nu3DGcZstlOU1IZ7yTrNMR8nUyS/9O+KhwQT8QAUQXEBhqaJnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGejCtJrG9bgiAIkEgLKvNzcJy+aMB8GA1UdIwQY
MBaAFIpnBrM5YOHRX9F3CimOClVaQagJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1jR3N6bGc0ZEZmMFhjS0tZNEtWVnBCcUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hNGQ5N2MtMjE0Zi00ZTU4LThhMWIt
OWI3YmEyNTE1NjA3LzEvWjZNSzBtc2IxdUNJQWlRU0FzcTgzTnduTDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hNGQ5N2MtMjE0Zi00ZTU4LThhMWItOWI3YmEyNTE1NjA3
LzEvaW1jR3N6bGc0ZEZmMFhjS0tZNEtWVnBCcUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSEoMA0G
CSqGSIb3DQEBCwUAA4IBAQCF5jxb96sVfWgOKsU0NaXM5DJ7I9fWX5jJB0APYNeo
V7rpDcxfUo6JX6+KnEwXk8KadyAZGSzS0dXxpCsFJMprHhLxE6j7+Chfx+tnSH8Q
qJjF8E29Pxk2G104eUnF9rCizfQVzbCxyjWkkq0RwDBLtW1VFJBRG0BisGif6j5b
bGgjd2X/i6EZK0ValP4WRbsn2m3ta5jxV8V4fbmdH7gCSjZ4MiuY8b43X7RGtoKG
jK0v6ZbYwvpU1GswW4ptzCofbSVO5IpzgA3E+UzuDSm8P+7CtjAIAurkff2X1eZY
XuQxYROFbUM7C1EjFpb4pePglGrusm9JFmtiSfm0U8d0
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:15:01 2025 by rpki-client