Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/3f15c6-ff66-4726-afc9-45756a330545/1/bzGZ7UeMifr3Zz0omW9BaL6_rtg.roa
File: bzGZ7UeMifr3Zz0omW9BaL6_rtg.roa (raw, json)
Hash identifier: iwF2Jyk3RyXdQRqLrbLsrwtdMu4ZSFXPTqbHOxVkCzk=
Subject key identifier: 6F:31:99:ED:47:8C:89:FA:F7:67:3D:28:99:6F:41:68:BE:BF:AE:D8
Certificate issuer: /CN=52fd49cf2093015efa9eb70ae781434117171101
Certificate serial: 018ED795787C490F316ECB6A55C8704A0562
Authority key identifier: 52:FD:49:CF:20:93:01:5E:FA:9E:B7:0A:E7:81:43:41:17:17:11:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uv1JzyCTAV76nrcK54FDQRcXEQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/3f15c6-ff66-4726-afc9-45756a330545/1/bzGZ7UeMifr3Zz0omW9BaL6_rtg.roa
Signing time: Sat 13 Apr 2024 13:11:20 +0000
ROA not before: Sat 13 Apr 2024 13:11:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20668
IP address blocks: 193.164.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d7:95:78:7c:49:0f:31:6e:cb:6a:55:c8:70:4a:05:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52fd49cf2093015efa9eb70ae781434117171101
Validity
Not Before: Apr 13 13:11:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f3199ed478c89faf7673d28996f4168bebfaed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:47:c0:d3:c1:45:13:da:96:b0:8a:0f:37:94:
c4:4b:13:87:69:f0:c8:f4:47:e7:3a:5f:15:93:4f:
73:2c:80:b0:1d:5c:ad:ba:4b:5d:72:4d:05:6d:ea:
e8:c7:44:37:f9:e2:5d:05:04:ee:84:cb:ad:7b:b3:
56:ab:db:29:e2:34:b0:cf:9e:5c:7e:85:99:09:fb:
ca:72:94:29:e8:56:7a:e2:75:08:9a:cb:11:aa:df:
63:e5:c5:5d:a2:f7:28:37:50:2a:fa:cf:47:37:a6:
45:2f:65:fc:66:7c:ad:d8:18:08:75:e4:90:ba:60:
3e:7e:c0:fb:e0:c9:39:06:44:4d:ee:9b:1c:60:ac:
14:cd:b4:4d:33:6a:73:bc:2a:57:83:fe:1f:8c:36:
44:6d:c7:5e:98:c3:fb:79:53:e1:11:58:6e:27:0a:
03:3e:f9:24:2f:35:28:c3:5b:50:cf:4c:a9:2f:99:
8f:f2:49:32:8b:0e:f3:b6:e9:07:bc:da:7d:80:bd:
f9:ea:bb:30:d6:77:1f:0d:50:91:a2:18:49:b2:dc:
27:89:fb:6e:d1:6f:9a:e0:bc:e8:f4:f7:a3:86:bd:
ed:d0:31:9b:7f:79:87:3a:3b:5a:1a:50:16:e1:87:
44:ab:84:65:5e:09:fe:b7:73:56:81:28:46:ae:dd:
e6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:31:99:ED:47:8C:89:FA:F7:67:3D:28:99:6F:41:68:BE:BF:AE:D8
X509v3 Authority Key Identifier:
keyid:52:FD:49:CF:20:93:01:5E:FA:9E:B7:0A:E7:81:43:41:17:17:11:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uv1JzyCTAV76nrcK54FDQRcXEQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3f15c6-ff66-4726-afc9-45756a330545/1/bzGZ7UeMifr3Zz0omW9BaL6_rtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3f15c6-ff66-4726-afc9-45756a330545/1/Uv1JzyCTAV76nrcK54FDQRcXEQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.164.143.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:d2:e6:35:c6:bb:0d:87:d1:51:7b:b9:bd:f4:94:b3:23:11:
bb:7a:13:51:8e:43:4b:75:48:ea:38:a5:49:a0:83:98:cb:16:
64:b3:2a:52:d5:96:5b:64:52:12:80:fd:b4:bd:cc:e9:21:04:
11:70:2c:ab:e2:af:9e:2f:fe:06:76:13:3c:fb:a6:58:ec:71:
e0:1e:e9:0a:5d:c2:c3:28:ab:a2:da:95:93:67:3b:37:83:0e:
11:00:b3:d7:b1:6d:3a:14:7c:ea:69:8a:26:84:f5:ed:a8:82:
35:b5:82:fd:55:1a:af:a3:3d:4d:23:da:37:79:8b:9f:94:9b:
fe:ff:2e:0b:31:21:02:8a:29:2f:f6:16:69:b6:ba:70:12:23:
06:f5:97:de:1d:de:3f:7e:ed:54:7e:f4:fa:9a:76:b1:c7:70:
4c:99:92:25:9b:d1:ff:65:be:4f:92:78:4d:94:a9:9c:4c:e0:
49:5d:44:c3:63:5c:6b:d8:9a:f0:f5:61:e2:06:c4:c6:c0:e7:
49:76:ff:09:6b:7e:fb:c5:7f:e1:15:35:65:fa:f7:cf:13:98:
51:be:72:88:ce:e9:f1:99:12:9b:33:61:2a:11:0a:a0:ec:a9:
d6:a4:da:6b:dc:22:39:81:c2:13:3c:15:f5:a8:05:0a:ae:35:
7c:4f:da:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7XlXh8SQ8xbstqVchwSgViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZmQ0OWNmMjA5MzAxNWVmYTllYjcwYWU3ODE0MzQxMTcx
NzExMDEwHhcNMjQwNDEzMTMxMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjMxOTllZDQ3OGM4OWZhZjc2NzNkMjg5OTZmNDE2OGJlYmZhZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0fA08FFE9qWsIoPN5TESxOHafDI
9EfnOl8Vk09zLICwHVytuktdck0Fberox0Q3+eJdBQTuhMute7NWq9sp4jSwz55c
foWZCfvKcpQp6FZ64nUImssRqt9j5cVdovcoN1Aq+s9HN6ZFL2X8Znyt2BgIdeSQ
umA+fsD74Mk5BkRN7pscYKwUzbRNM2pzvCpXg/4fjDZEbcdemMP7eVPhEVhuJwoD
PvkkLzUow1tQz0ypL5mP8kkyiw7ztukHvNp9gL356rsw1ncfDVCRohhJstwniftu
0W+a4Lzo9Pejhr3t0DGbf3mHOjtaGlAW4YdEq4RlXgn+t3NWgShGrt3mPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8xme1HjIn692c9KJlvQWi+v67YMB8GA1UdIwQY
MBaAFFL9Sc8gkwFe+p63CueBQ0EXFxEBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXYxSnp5Q1RBVjc2bnJjSzU0RkRRUmNYRVFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8zZjE1YzYtZmY2Ni00NzI2LWFmYzkt
NDU3NTZhMzMwNTQ1LzEvYnpHWjdVZU1pZnIzWnowb21XOUJhTDZfcnRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8zZjE1YzYtZmY2Ni00NzI2LWFmYzktNDU3NTZhMzMwNTQ1
LzEvVXYxSnp5Q1RBVjc2bnJjSzU0RkRRUmNYRVFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaSPMA0G
CSqGSIb3DQEBCwUAA4IBAQDL0uY1xrsNh9FRe7m99JSzIxG7ehNRjkNLdUjqOKVJ
oIOYyxZksypS1ZZbZFISgP20vczpIQQRcCyr4q+eL/4GdhM8+6ZY7HHgHukKXcLD
KKui2pWTZzs3gw4RALPXsW06FHzqaYomhPXtqII1tYL9VRqvoz1NI9o3eYuflJv+
/y4LMSECiikv9hZptrpwEiMG9ZfeHd4/fu1UfvT6mnaxx3BMmZIlm9H/Zb5PknhN
lKmcTOBJXUTDY1xr2Jrw9WHiBsTGwOdJdv8Ja377xX/hFTVl+vfPE5hRvnKIzunx
mRKbM2EqEQqg7KnWpNpr3CI5gcITPBX1qAUKrjV8T9rY
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:28 2025 by rpki-client