Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/CkZ69X0rDFwO6xJ5bVLy85vXIys.roa
File: CkZ69X0rDFwO6xJ5bVLy85vXIys.roa (raw, json)
Hash identifier: gULCZ8VgICmjQ+d0noVWIoV5Uj88NpwYbmz3Al8pPSc=
Subject key identifier: 0A:46:7A:F5:7D:2B:0C:5C:0E:EB:12:79:6D:52:F2:F3:9B:D7:23:2B
Certificate issuer: /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial: 0187EAC4170A9FD4A9898AA1407A22E0F139
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/CkZ69X0rDFwO6xJ5bVLy85vXIys.roa
Signing time: Fri 05 May 2023 07:15:32 +0000
ROA not before: Fri 05 May 2023 07:15:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35577
IP address blocks: 193.33.33.0/24 maxlen: 24
194.117.234.0/24 maxlen: 24
194.117.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ea:c4:17:0a:9f:d4:a9:89:8a:a1:40:7a:22:e0:f1:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Validity
Not Before: May 5 07:15:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a467af57d2b0c5c0eeb12796d52f2f39bd7232b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e1:26:7f:f2:71:e1:89:ee:04:bc:5d:3d:da:
02:d6:ce:23:f3:86:c5:a7:90:f3:9b:d8:e0:ca:03:
92:24:77:ad:5e:2d:3b:e4:66:a1:d5:db:0e:d5:2b:
73:37:02:ae:bd:d3:74:61:80:b2:ef:31:c6:a3:57:
0a:fe:04:5b:70:60:8a:23:c6:f9:1f:e6:db:51:7e:
c2:da:04:61:b4:25:e5:76:85:19:0b:29:3b:26:77:
94:83:50:25:13:cf:09:f8:01:96:4b:75:9e:60:78:
de:3c:81:95:7e:ba:84:fd:73:82:65:33:1c:ea:b0:
4b:38:f7:63:27:2f:b3:a4:43:14:d1:ff:39:bf:6c:
dc:0e:33:87:18:8b:88:b8:a2:38:99:ed:33:ca:c2:
13:4d:86:45:41:a8:93:c1:11:09:ad:03:75:a3:68:
15:12:9d:c2:fa:b7:12:6a:de:ea:72:66:ae:da:86:
81:a1:1e:b9:ed:5c:be:88:2b:28:b6:78:df:22:46:
4f:b4:89:02:49:a2:d6:7d:c9:85:03:fb:d3:7b:2e:
3b:d5:e6:45:06:6b:a5:10:f8:fd:c8:bd:d9:bf:ad:
43:42:d9:a7:2b:31:11:51:81:d1:be:7b:1b:0a:f2:
b5:98:44:ba:4a:a8:49:74:34:67:ed:c3:37:0d:10:
bb:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:46:7A:F5:7D:2B:0C:5C:0E:EB:12:79:6D:52:F2:F3:9B:D7:23:2B
X509v3 Authority Key Identifier:
keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/CkZ69X0rDFwO6xJ5bVLy85vXIys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.33.0/24
194.117.234.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:32:a9:73:c5:3c:bd:00:7d:97:24:ee:0c:2f:b0:de:7b:b4:
c5:3f:a2:57:8f:a3:52:47:bd:20:44:b8:b5:4c:80:aa:56:5d:
20:61:f1:6c:a1:c6:e1:fa:82:50:0a:66:e5:d8:93:81:0b:6a:
72:d9:ac:2d:fa:2b:cb:ba:a9:3a:60:b3:91:78:ca:ee:12:3b:
d5:c1:91:f9:e1:38:fb:37:fd:e1:3b:8c:a0:bc:8a:04:2e:fc:
8b:d6:8d:cd:d3:1d:95:5d:b6:3b:83:1b:b7:1a:52:2b:61:6a:
9d:8b:1e:7b:9d:4d:a8:43:a9:de:a4:b5:07:b5:97:82:b4:8f:
bc:ba:cc:54:9b:4b:28:80:9a:2e:38:8f:69:81:f1:a6:ea:f7:
14:11:3a:83:05:3f:c2:76:73:7c:30:47:e4:42:c9:12:86:b3:
99:a9:70:db:7a:1e:9b:c0:9e:eb:c6:a2:74:d2:b4:46:50:57:
bb:41:37:e9:94:dd:cd:36:3f:7b:51:82:33:c0:a0:18:4a:fe:
94:22:01:49:cc:93:ca:dc:f1:94:13:03:fb:c9:b2:8b:92:b8:
e3:f0:b6:c1:5f:5b:a0:6e:c6:8b:93:33:73:8b:fb:29:fa:0c:
56:b3:43:b6:30:ee:d1:74:a9:66:5f:02:25:bc:43:5d:d8:3f:
b1:70:0e:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfqxBcKn9SpiYqhQHoi4PE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzgyMWUxYmNiZjZlMDc0ZWE0ODE0YWFhNWM2M2UzYmE4
MTNjNWYwHhcNMjMwNTA1MDcxNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQ2N2FmNTdkMmIwYzVjMGVlYjEyNzk2ZDUyZjJmMzliZDcyMzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteEmf/Jx4YnuBLxdPdoC1s4j84bF
p5Dzm9jgygOSJHetXi075Gah1dsO1StzNwKuvdN0YYCy7zHGo1cK/gRbcGCKI8b5
H+bbUX7C2gRhtCXldoUZCyk7JneUg1AlE88J+AGWS3WeYHjePIGVfrqE/XOCZTMc
6rBLOPdjJy+zpEMU0f85v2zcDjOHGIuIuKI4me0zysITTYZFQaiTwREJrQN1o2gV
Ep3C+rcSat7qcmau2oaBoR657Vy+iCsotnjfIkZPtIkCSaLWfcmFA/vTey471eZF
BmulEPj9yL3Zv61DQtmnKzERUYHRvnsbCvK1mES6SqhJdDRn7cM3DRC7twIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFApGevV9KwxcDusSeW1S8vOb1yMrMB8GA1UdIwQY
MBaAFNx4IeG8v24HTqSBSqpcY+O6gTxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYt
ZDQ4YjQyZWYxNTliLzEvQ2taNjlYMHJERndPNnhKNWJWTHk4NXZYSXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYtZDQ4YjQyZWYxNTli
LzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwSEhAwQB
wnXqMA0GCSqGSIb3DQEBCwUAA4IBAQBNMqlzxTy9AH2XJO4ML7Dee7TFP6JXj6NS
R70gRLi1TICqVl0gYfFsocbh+oJQCmbl2JOBC2py2awt+ivLuqk6YLOReMruEjvV
wZH54Tj7N/3hO4ygvIoELvyL1o3N0x2VXbY7gxu3GlIrYWqdix57nU2oQ6nepLUH
tZeCtI+8usxUm0sogJouOI9pgfGm6vcUETqDBT/CdnN8MEfkQskShrOZqXDbeh6b
wJ7rxqJ00rRGUFe7QTfplN3NNj97UYIzwKAYSv6UIgFJzJPK3PGUEwP7ybKLkrjj
8LbBX1ugbsaLkzNzi/sp+gxWs0O2MO7RdKlmXwIlvENd2D+xcA7p
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:50 2025 by rpki-client