Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/ZS9A90jBDC6ToLvW2J7HZx3EtR0.roa
File: ZS9A90jBDC6ToLvW2J7HZx3EtR0.roa (raw, json)
Hash identifier: VUcHV0KW93cVvZqwWzyEx/lNAZTJbVg6bgHxbw5SkhA=
Subject key identifier: 65:2F:40:F7:48:C1:0C:2E:93:A0:BB:D6:D8:9E:C7:67:1D:C4:B5:1D
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EEE544CCC8DA054F149AD6B0FA1DA0C9E
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/ZS9A90jBDC6ToLvW2J7HZx3EtR0.roa
Signing time: Wed 17 Apr 2024 23:11:25 +0000
ROA not before: Wed 17 Apr 2024 23:11:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ee:54:4c:cc:8d:a0:54:f1:49:ad:6b:0f:a1:da:0c:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 17 23:11:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=652f40f748c10c2e93a0bbd6d89ec7671dc4b51d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b7:1f:a6:1f:ab:4b:0f:dc:4d:92:a4:b7:8b:
e3:9a:6e:0d:60:a1:17:59:c2:b4:6a:fe:78:62:3b:
30:69:d4:97:49:5d:ac:0d:22:2b:cf:26:c8:dc:6a:
d7:8b:68:6b:a0:db:19:da:29:f0:49:86:0b:21:b3:
0c:cc:d1:b9:ab:20:56:81:40:d0:7c:ce:69:07:37:
46:7a:13:70:98:f1:3f:b8:61:58:84:5c:a5:88:fc:
bd:bd:2f:17:25:7b:15:bc:f2:89:bf:22:19:60:03:
9f:9c:81:15:4d:82:dd:4d:d9:80:d1:26:2d:ed:2d:
52:58:2f:a7:ab:ed:cc:d8:3f:79:10:20:6d:a4:6e:
a2:b7:7c:e1:68:f5:bc:60:dc:18:00:8b:e5:36:84:
06:ee:b2:b2:00:64:fb:f1:ca:eb:74:d0:be:fd:f5:
39:55:32:2f:0c:5c:c1:d6:8d:08:74:22:f3:09:93:
b8:6e:05:c6:ea:83:77:00:49:f8:7a:ad:a7:9c:6f:
60:1f:88:72:11:fa:01:f5:ae:67:2a:88:f4:63:d9:
ef:9e:28:af:24:54:8a:28:82:0a:93:0b:97:75:9d:
5c:0e:80:47:e3:89:0a:56:74:b8:6b:b1:54:e9:82:
5d:b1:5c:a9:aa:ca:5b:38:32:84:05:91:10:a2:4e:
0f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:2F:40:F7:48:C1:0C:2E:93:A0:BB:D6:D8:9E:C7:67:1D:C4:B5:1D
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/ZS9A90jBDC6ToLvW2J7HZx3EtR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:3f:95:a1:8c:c6:10:e7:31:c8:6f:5a:97:d2:6c:81:46:61:
bd:44:b4:cf:aa:db:40:36:3d:72:8a:c9:cd:96:92:99:5e:a3:
a1:cc:37:49:16:6b:07:55:af:a1:a3:e1:ed:60:31:e9:7d:9c:
3b:27:3e:97:2d:4c:81:40:b0:60:c3:ad:91:b0:f9:a2:21:98:
da:e8:fe:83:fd:25:1b:c3:1b:74:80:3e:4d:0d:25:f6:3a:90:
12:3c:5d:6a:d7:a7:57:45:ef:51:85:a2:38:a8:14:4d:79:2f:
9f:d0:e8:bf:3e:39:3b:f0:ec:58:73:55:59:d9:8e:43:4a:79:
07:66:39:79:72:3d:9f:a4:c7:02:eb:9d:13:50:71:51:85:d3:
68:3f:78:09:a9:e6:d6:7f:81:22:df:0c:ed:02:f7:5d:08:10:
e6:b7:dc:2e:00:55:87:20:13:05:b7:5b:b5:9e:bb:06:04:7f:
97:54:39:8b:aa:20:0a:0d:95:cb:e2:36:e2:8e:9b:8d:db:22:
f3:57:80:a3:ea:b2:58:26:b1:d9:ed:21:3b:8a:1b:dd:82:75:
05:6e:b1:c3:ae:8a:fa:c8:75:b4:84:36:8e:ca:86:9c:75:f8:
11:e8:ef:33:e9:1f:b7:00:8f:8d:57:66:71:ad:96:9c:89:a3:
c0:a9:fd:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7uVEzMjaBU8Umtaw+h2gyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE3MjMxMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTJmNDBmNzQ4YzEwYzJlOTNhMGJiZDZkODllYzc2NzFkYzRiNTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprcfph+rSw/cTZKkt4vjmm4NYKEX
WcK0av54YjswadSXSV2sDSIrzybI3GrXi2hroNsZ2inwSYYLIbMMzNG5qyBWgUDQ
fM5pBzdGehNwmPE/uGFYhFyliPy9vS8XJXsVvPKJvyIZYAOfnIEVTYLdTdmA0SYt
7S1SWC+nq+3M2D95ECBtpG6it3zhaPW8YNwYAIvlNoQG7rKyAGT78crrdNC+/fU5
VTIvDFzB1o0IdCLzCZO4bgXG6oN3AEn4eq2nnG9gH4hyEfoB9a5nKoj0Y9nvniiv
JFSKKIIKkwuXdZ1cDoBH44kKVnS4a7FU6YJdsVypqspbODKEBZEQok4PMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGUvQPdIwQwuk6C71tiex2cdxLUdMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvWlM5QTkwakJEQzZUb0x2VzJKN0haeDNFdFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA8/laGMxhDnMchvWpfS
bIFGYb1EtM+q20A2PXKKyc2Wkpleo6HMN0kWawdVr6Gj4e1gMel9nDsnPpctTIFA
sGDDrZGw+aIhmNro/oP9JRvDG3SAPk0NJfY6kBI8XWrXp1dF71GFojioFE15L5/Q
6L8+OTvw7FhzVVnZjkNKeQdmOXlyPZ+kxwLrnRNQcVGF02g/eAmp5tZ/gSLfDO0C
910IEOa33C4AVYcgEwW3W7WeuwYEf5dUOYuqIAoNlcviNuKOm43bIvNXgKPqslgm
sdntITuKG92CdQVuscOuivrIdbSENo7Khpx1+BHo7zPpH7cAj41XZnGtlpyJo8Cp
/Yk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:00 2024 by rpki-client on console-ams.rpki-client.org