Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/696f99-f411-4e2e-b26a-4cae54191cd5/1/z3XgDaOZINpf3tLXkIZCK8CjWC4.roa
File: z3XgDaOZINpf3tLXkIZCK8CjWC4.roa (raw, json)
Hash identifier: 4TcxueewH2zuh6sp1vmzfIRwh2jxywrPeQucKDERM+o=
Subject key identifier: CF:75:E0:0D:A3:99:20:DA:5F:DE:D2:D7:90:86:42:2B:C0:A3:58:2E
Certificate issuer: /CN=b80737ce1cfbe6533b5880b66ea9e2413cd9c825
Certificate serial: 018341819942FCC220DC5BDA73D11054E156
Authority key identifier: B8:07:37:CE:1C:FB:E6:53:3B:58:80:B6:6E:A9:E2:41:3C:D9:C8:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAc3zhz75lM7WIC2bqniQTzZyCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/696f99-f411-4e2e-b26a-4cae54191cd5/1/z3XgDaOZINpf3tLXkIZCK8CjWC4.roa
Signing time: Thu 15 Sep 2022 14:15:55 +0000
ROA not before: Thu 15 Sep 2022 14:15:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33943
IP address blocks: 84.19.64.0/19 maxlen: 19
2a0a:8380::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:41:81:99:42:fc:c2:20:dc:5b:da:73:d1:10:54:e1:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b80737ce1cfbe6533b5880b66ea9e2413cd9c825
Validity
Not Before: Sep 15 14:15:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf75e00da39920da5fded2d79086422bc0a3582e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2a:41:2d:57:8f:e6:ad:9b:64:5f:13:cf:18:
8e:24:0c:d2:c2:04:8d:0c:ae:b5:62:36:b4:80:7a:
0a:03:0c:36:f5:63:0f:6f:f8:9d:8c:ae:67:94:65:
bd:56:91:1f:52:8d:8b:b6:b6:5a:3d:3c:fd:a4:9a:
ff:3b:98:dc:39:7e:ee:3b:2f:ac:e5:ef:b7:8a:50:
78:03:41:02:17:a2:c9:7e:f6:cc:89:ed:91:be:8d:
4b:eb:65:54:82:26:84:f3:4f:c9:15:86:d6:aa:fb:
fd:bb:b1:a0:3a:a4:93:f6:eb:30:ff:50:20:97:f9:
10:2b:70:76:76:f9:f4:3e:6d:5c:e3:81:9e:5d:69:
73:e3:43:46:f6:76:77:64:11:5e:5f:d7:26:78:41:
a3:d7:ed:b8:ab:22:5d:44:98:9a:e2:d6:2a:8d:10:
ea:57:77:e3:21:f5:d4:4f:5b:d8:b2:31:5a:c6:31:
37:f2:c5:76:e8:7e:eb:c8:d5:b8:af:64:30:6c:50:
67:50:ed:69:66:40:85:3d:63:fa:fd:39:7b:68:45:
ae:a1:f0:8b:dc:69:d4:a5:4f:de:39:92:e0:93:5c:
2b:fc:a9:95:4a:b6:76:42:64:32:c2:29:6b:35:33:
65:a6:df:de:8f:0e:a0:36:c8:7c:a1:1f:d2:ef:c9:
8a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:75:E0:0D:A3:99:20:DA:5F:DE:D2:D7:90:86:42:2B:C0:A3:58:2E
X509v3 Authority Key Identifier:
keyid:B8:07:37:CE:1C:FB:E6:53:3B:58:80:B6:6E:A9:E2:41:3C:D9:C8:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAc3zhz75lM7WIC2bqniQTzZyCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/696f99-f411-4e2e-b26a-4cae54191cd5/1/z3XgDaOZINpf3tLXkIZCK8CjWC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/696f99-f411-4e2e-b26a-4cae54191cd5/1/uAc3zhz75lM7WIC2bqniQTzZyCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.19.64.0/19
IPv6:
2a0a:8380::/29
Signature Algorithm: sha256WithRSAEncryption
53:a7:2f:8f:a7:cb:5e:1d:6f:55:82:e2:d8:28:9d:5a:1a:5c:
c2:a4:7f:ea:bd:8b:07:3d:76:93:93:55:51:11:4f:69:56:43:
76:fd:18:62:f0:8c:42:a7:17:1f:cc:4d:33:75:93:d3:23:97:
af:2a:eb:67:d4:1e:18:36:4f:74:50:a7:bb:8d:38:95:62:8e:
1e:4c:ac:88:3a:89:ee:13:be:e7:fe:e6:d1:a5:de:9d:01:0b:
dd:b4:d7:8f:ca:29:71:f1:b8:c0:53:8e:15:c3:a3:20:c7:f1:
91:90:55:b6:97:a6:57:79:06:dd:59:67:ff:31:36:9c:96:97:
aa:95:f6:be:d6:9f:da:bb:62:d6:a1:f6:f4:3f:21:6b:f4:7f:
bc:d5:9c:c9:b9:a6:34:e2:e1:e9:b2:7f:65:d4:ce:1e:19:30:
67:16:78:6d:4d:85:19:6f:0d:4e:d2:01:ed:a2:3b:7e:24:6c:
9d:1d:94:01:e9:65:ea:19:f9:a9:a3:2f:f2:bf:ba:f2:e4:dc:
a4:b4:8a:7c:42:1c:84:50:52:81:49:7e:25:ea:39:d8:17:06:
5e:20:e9:09:11:dd:dd:ee:90:8f:56:23:8c:71:92:0f:d3:ce:
12:3e:14:3d:fe:0a:08:7b:9f:f3:42:00:d8:be:9e:50:a8:f2:
73:82:28:aa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNBgZlC/MIg3Fvac9EQVOFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDczN2NlMWNmYmU2NTMzYjU4ODBiNjZlYTllMjQxM2Nk
OWM4MjUwHhcNMjIwOTE1MTQxNTU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjc1ZTAwZGEzOTkyMGRhNWZkZWQyZDc5MDg2NDIyYmMwYTM1ODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSpBLVeP5q2bZF8TzxiOJAzSwgSN
DK61Yja0gHoKAww29WMPb/idjK5nlGW9VpEfUo2LtrZaPTz9pJr/O5jcOX7uOy+s
5e+3ilB4A0ECF6LJfvbMie2Rvo1L62VUgiaE80/JFYbWqvv9u7GgOqST9usw/1Ag
l/kQK3B2dvn0Pm1c44GeXWlz40NG9nZ3ZBFeX9cmeEGj1+24qyJdRJia4tYqjRDq
V3fjIfXUT1vYsjFaxjE38sV26H7ryNW4r2QwbFBnUO1pZkCFPWP6/Tl7aEWuofCL
3GnUpU/eOZLgk1wr/KmVSrZ2QmQywilrNTNlpt/ejw6gNsh8oR/S78mKyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM914A2jmSDaX97S15CGQivAo1guMB8GA1UdIwQY
MBaAFLgHN84c++ZTO1iAtm6p4kE82cglMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFjM3poejc1bE03V0lDMmJxbmlRVHpaeUNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS82OTZmOTktZjQxMS00ZTJlLWIyNmEt
NGNhZTU0MTkxY2Q1LzEvejNYZ0RhT1pJTnBmM3RMWGtJWkNLOENqV0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS82OTZmOTktZjQxMS00ZTJlLWIyNmEtNGNhZTU0MTkxY2Q1
LzEvdUFjM3poejc1bE03V0lDMmJxbmlRVHpaeUNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFVBNAMA0E
AgACMAcDBQMqCoOAMA0GCSqGSIb3DQEBCwUAA4IBAQBTpy+Pp8teHW9VguLYKJ1a
GlzCpH/qvYsHPXaTk1VREU9pVkN2/Rhi8IxCpxcfzE0zdZPTI5evKutn1B4YNk90
UKe7jTiVYo4eTKyIOonuE77n/ubRpd6dAQvdtNePyilx8bjAU44Vw6Mgx/GRkFW2
l6ZXeQbdWWf/MTaclpeqlfa+1p/au2LWofb0PyFr9H+81ZzJuaY04uHpsn9l1M4e
GTBnFnhtTYUZbw1O0gHtojt+JGydHZQB6WXqGfmpoy/yv7ry5NyktIp8QhyEUFKB
SX4l6jnYFwZeIOkJEd3d7pCPViOMcZIP084SPhQ9/goIe5/zQgDYvp5QqPJzgiiq
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:50 2025 by rpki-client