Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/29accb-9c66-4eaf-8396-6dac96c16bf6/1/ZTMeGn2itPC3npzuORSvUHlIWA4.roa
File: ZTMeGn2itPC3npzuORSvUHlIWA4.roa (raw, json)
Hash identifier: lH9UfWgPI2SpoWJEb7JBPVcOewj6JjZcnZmTyzC30e0=
Subject key identifier: 65:33:1E:1A:7D:A2:B4:F0:B7:9E:9C:EE:39:14:AF:50:79:48:58:0E
Certificate issuer: /CN=d4ddb0e63eddf07369f493ec7d310135adfed94f
Certificate serial: 018CC7256FCFD92469E42904D199F0431ADD
Authority key identifier: D4:DD:B0:E6:3E:DD:F0:73:69:F4:93:EC:7D:31:01:35:AD:FE:D9:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1N2w5j7d8HNp9JPsfTEBNa3-2U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/29accb-9c66-4eaf-8396-6dac96c16bf6/1/ZTMeGn2itPC3npzuORSvUHlIWA4.roa
Signing time: Mon 01 Jan 2024 22:29:28 +0000
ROA not before: Mon 01 Jan 2024 22:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196695
IP address blocks: 217.28.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:6f:cf:d9:24:69:e4:29:04:d1:99:f0:43:1a:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ddb0e63eddf07369f493ec7d310135adfed94f
Validity
Not Before: Jan 1 22:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65331e1a7da2b4f0b79e9cee3914af507948580e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:bd:cd:3f:b6:cd:14:09:6b:d4:fd:49:18:fa:
24:b3:07:b3:e1:8c:03:96:c7:a7:ea:c5:45:e0:9d:
e6:76:fb:7a:1b:e6:4e:58:36:04:84:72:fa:aa:43:
9c:40:0e:ad:73:dc:75:21:4b:a9:a0:7b:3c:f0:cb:
3c:be:bb:a7:71:58:5c:f6:ab:96:fc:ce:5f:90:90:
f3:d4:de:bd:00:95:b3:c6:25:a1:72:3b:a3:7f:8b:
dc:a0:b6:a3:79:7d:94:61:bc:e1:0b:49:a5:d0:14:
ad:0a:8c:28:1e:06:23:30:9d:5d:d4:7a:f6:77:e1:
a2:46:8b:b5:e2:15:d1:e8:84:c1:fc:fa:af:4d:f1:
a1:bc:be:70:eb:e9:dc:9e:e7:09:1d:5a:7a:71:fc:
a7:10:49:a4:d7:4f:42:06:54:3a:68:0c:96:95:db:
98:41:5e:7a:7f:2f:80:c4:31:97:0e:d6:77:47:8a:
49:59:8d:79:5e:3b:2d:7d:d2:5b:11:d8:75:90:ce:
28:f2:7d:12:10:0c:7a:ae:d6:eb:1f:82:7b:b6:72:
64:9a:ed:74:d9:83:92:53:93:b0:fe:b1:0e:d7:bb:
5a:7f:1d:27:32:4c:d6:b6:42:ce:dc:5f:c0:1d:82:
86:2f:03:0b:1e:45:5f:ce:53:18:37:aa:e2:0e:a6:
4f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:33:1E:1A:7D:A2:B4:F0:B7:9E:9C:EE:39:14:AF:50:79:48:58:0E
X509v3 Authority Key Identifier:
keyid:D4:DD:B0:E6:3E:DD:F0:73:69:F4:93:EC:7D:31:01:35:AD:FE:D9:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1N2w5j7d8HNp9JPsfTEBNa3-2U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/29accb-9c66-4eaf-8396-6dac96c16bf6/1/ZTMeGn2itPC3npzuORSvUHlIWA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/29accb-9c66-4eaf-8396-6dac96c16bf6/1/1N2w5j7d8HNp9JPsfTEBNa3-2U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.132.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:f3:b0:05:45:51:99:41:8c:bb:d9:26:90:c5:57:ee:35:46:
75:1a:62:a9:84:47:e3:c2:32:6d:45:18:98:d0:0a:a9:5e:9b:
e3:97:af:c5:35:29:6d:7c:24:93:f2:ac:8e:28:d0:bd:f1:ab:
2a:20:90:76:5f:4c:26:e5:34:6c:c5:9f:41:b2:6c:1f:3d:a5:
10:69:4a:47:80:d6:17:72:a6:87:a8:73:23:ca:3b:e5:c5:b3:
65:6d:0f:39:35:40:a7:f3:ed:95:f0:5e:ca:26:18:6b:a5:03:
b9:e5:44:38:2d:c5:44:ae:ec:1f:50:60:c7:5e:13:04:01:8a:
88:c5:9b:aa:45:68:f6:e1:c9:a3:80:a4:7f:50:76:19:87:cf:
31:cf:67:12:f9:97:18:3b:8b:9e:8b:e4:12:ec:d7:44:87:25:
3b:92:2a:25:e8:26:5b:45:a7:10:a9:fc:28:5d:50:82:49:39:
1f:1c:d3:e6:7f:f0:f1:fc:a0:45:de:d4:f1:aa:e5:f0:ff:6d:
ef:a4:80:14:72:be:b2:42:11:ef:ff:85:3d:15:af:a0:1c:15:
9b:89:e9:2e:15:83:1f:e3:04:06:42:29:4b:39:0c:b1:0d:9e:
cd:b3:6f:f1:99:9a:31:9c:8c:00:1c:6e:62:87:d1:fe:0a:e5:
ef:8b:f3:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJW/P2SRp5CkE0ZnwQxrdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZGRiMGU2M2VkZGYwNzM2OWY0OTNlYzdkMzEwMTM1YWRm
ZWQ5NGYwHhcNMjQwMTAxMjIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTMzMWUxYTdkYTJiNGYwYjc5ZTljZWUzOTE0YWY1MDc5NDg1ODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgb3NP7bNFAlr1P1JGPokswez4YwD
lsen6sVF4J3mdvt6G+ZOWDYEhHL6qkOcQA6tc9x1IUupoHs88Ms8vruncVhc9quW
/M5fkJDz1N69AJWzxiWhcjujf4vcoLajeX2UYbzhC0ml0BStCowoHgYjMJ1d1Hr2
d+GiRou14hXR6ITB/PqvTfGhvL5w6+ncnucJHVp6cfynEEmk109CBlQ6aAyWlduY
QV56fy+AxDGXDtZ3R4pJWY15XjstfdJbEdh1kM4o8n0SEAx6rtbrH4J7tnJkmu10
2YOSU5Ow/rEO17tafx0nMkzWtkLO3F/AHYKGLwMLHkVfzlMYN6riDqZPBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGUzHhp9orTwt56c7jkUr1B5SFgOMB8GA1UdIwQY
MBaAFNTdsOY+3fBzafST7H0xATWt/tlPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU4ydzVqN2Q4SE5wOUpQc2ZURUJOYTMtMlU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yOWFjY2ItOWM2Ni00ZWFmLTgzOTYt
NmRhYzk2YzE2YmY2LzEvWlRNZUduMml0UEMzbnB6dU9SU3ZVSGxJV0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yOWFjY2ItOWM2Ni00ZWFmLTgzOTYtNmRhYzk2YzE2YmY2
LzEvMU4ydzVqN2Q4SE5wOUpQc2ZURUJOYTMtMlU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyEMA0G
CSqGSIb3DQEBCwUAA4IBAQCO87AFRVGZQYy72SaQxVfuNUZ1GmKphEfjwjJtRRiY
0AqpXpvjl6/FNSltfCST8qyOKNC98asqIJB2X0wm5TRsxZ9BsmwfPaUQaUpHgNYX
cqaHqHMjyjvlxbNlbQ85NUCn8+2V8F7KJhhrpQO55UQ4LcVEruwfUGDHXhMEAYqI
xZuqRWj24cmjgKR/UHYZh88xz2cS+ZcYO4uei+QS7NdEhyU7kiol6CZbRacQqfwo
XVCCSTkfHNPmf/Dx/KBF3tTxquXw/23vpIAUcr6yQhHv/4U9Fa+gHBWbiekuFYMf
4wQGQilLOQyxDZ7Ns2/xmZoxnIwAHG5ih9H+CuXvi/N/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:35 2025 by rpki-client