Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zdol1WqE-8qiszlVqCjqoBLYJ8M.roa
File: zdol1WqE-8qiszlVqCjqoBLYJ8M.roa (raw, json)
Hash identifier: Z4HgwgTffCl9WtkJ9B825bMKU6/tnEuoDMcz410Ru28=
Subject key identifier: CD:DA:25:D5:6A:84:FB:CA:A2:B3:39:55:A8:28:EA:A0:12:D8:27:C3
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A732DC5F159889E65273CD5B001CA0D94
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zdol1WqE-8qiszlVqCjqoBLYJ8M.roa
Signing time: Fri 08 Sep 2023 05:04:54 +0000
ROA not before: Fri 08 Sep 2023 05:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:732d:4451/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:73:2d:c5:f1:59:88:9e:65:27:3c:d5:b0:01:ca:0d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 8 05:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdda25d56a84fbcaa2b33955a828eaa012d827c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:85:05:d1:c4:34:4f:40:10:3a:30:1c:28:fa:
08:17:b0:7c:57:16:fe:f6:44:81:37:d9:5d:a1:2a:
73:19:24:9f:72:25:13:d2:d9:31:46:ce:06:a3:ab:
66:d6:fc:92:0a:6b:1d:f8:19:73:69:cc:87:88:4f:
e7:5b:6a:ac:41:77:3c:1c:11:84:5b:2a:44:7b:06:
05:5e:c5:17:79:ab:2d:86:3f:7a:fb:14:f3:5c:64:
65:36:21:be:91:48:f9:48:a4:00:aa:f7:32:83:26:
e8:6a:c5:eb:5d:e0:39:9c:27:7b:27:75:de:d3:39:
4b:42:48:16:2f:0a:10:de:be:7e:8a:e5:91:eb:cb:
fb:b8:b4:7d:e3:2c:38:64:d6:73:f5:e5:ef:90:e3:
3b:6c:51:6f:e9:aa:fc:14:94:0b:3d:7e:63:50:65:
66:44:4f:72:ad:5f:4e:90:87:31:0c:61:d7:3f:7b:
76:4b:63:f8:d2:71:f6:e8:bb:05:9a:3c:4c:cc:d5:
0e:0a:b4:b5:9f:55:ac:35:57:dc:e6:7e:f7:62:e3:
7d:f1:03:dc:e1:a6:4d:35:71:a1:83:e2:33:81:99:
16:09:1f:4a:b1:74:5f:14:1e:56:72:69:6b:c3:af:
cb:0c:22:5f:71:4e:1e:7b:53:a1:7f:fb:de:2a:3b:
ed:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DA:25:D5:6A:84:FB:CA:A2:B3:39:55:A8:28:EA:A0:12:D8:27:C3
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zdol1WqE-8qiszlVqCjqoBLYJ8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:65:5a:f8:1e:9e:64:33:51:ad:90:1a:83:64:78:0b:ab:95:
b2:fc:27:23:75:eb:4e:bb:f3:95:e5:2d:e8:bb:e0:4f:f1:6e:
df:ab:df:8c:54:2b:8c:f4:a6:a7:0b:91:31:7f:03:09:3e:a5:
b3:f6:61:17:24:03:01:4f:95:05:ea:57:3a:eb:58:de:04:8e:
63:11:b5:0a:e2:85:cb:ac:77:35:e8:84:9c:f8:59:75:69:43:
a6:c7:fc:a5:d3:0c:7b:dd:3b:6e:b1:bb:5e:63:dc:86:82:60:
e5:f9:be:31:77:d8:dc:36:0e:47:e4:12:22:c2:bb:7b:7e:3a:
3b:7c:89:ba:5f:5a:5b:8f:e7:f3:f1:b2:6f:93:17:12:6d:eb:
b1:7c:11:66:4d:c0:d4:ad:fd:1d:86:49:fa:e7:6e:98:0c:69:
42:70:11:60:72:f7:0a:9e:01:e4:e0:a6:00:22:9f:e2:cb:16:
e3:ed:0f:b4:0d:24:80:80:81:3b:48:c6:56:ff:75:59:e2:a3:
c0:67:a2:fa:cd:0b:43:a0:2e:4d:4b:38:9c:86:cb:e1:cf:4c:
8c:07:9f:a6:3a:e4:13:81:63:30:ae:d0:ec:84:99:6a:4e:7f:
78:85:df:31:7e:71:db:c6:a1:f8:5b:fb:cb:fe:1f:9c:64:2b:
f7:c8:13:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpzLcXxWYieZSc81bAByg2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA4MDUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGRhMjVkNTZhODRmYmNhYTJiMzM5NTVhODI4ZWFhMDEyZDgyN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YUF0cQ0T0AQOjAcKPoIF7B8Vxb+
9kSBN9ldoSpzGSSfciUT0tkxRs4Go6tm1vySCmsd+BlzacyHiE/nW2qsQXc8HBGE
WypEewYFXsUXeasthj96+xTzXGRlNiG+kUj5SKQAqvcygyboasXrXeA5nCd7J3Xe
0zlLQkgWLwoQ3r5+iuWR68v7uLR94yw4ZNZz9eXvkOM7bFFv6ar8FJQLPX5jUGVm
RE9yrV9OkIcxDGHXP3t2S2P40nH26LsFmjxMzNUOCrS1n1WsNVfc5n73YuN98QPc
4aZNNXGhg+IzgZkWCR9KsXRfFB5Wcmlrw6/LDCJfcU4ee1Ohf/veKjvt1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM3aJdVqhPvKorM5Vago6qAS2CfDMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvemRvbDFXcUUtOHFpc3psVnFDanFvQkxZSjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC9lWvgenmQzUa2QGoNk
eAurlbL8JyN1606785XlLei74E/xbt+r34xUK4z0pqcLkTF/Awk+pbP2YRckAwFP
lQXqVzrrWN4EjmMRtQrihcusdzXohJz4WXVpQ6bH/KXTDHvdO26xu15j3IaCYOX5
vjF32Nw2DkfkEiLCu3t+Ojt8ibpfWluP5/Pxsm+TFxJt67F8EWZNwNSt/R2GSfrn
bpgMaUJwEWBy9wqeAeTgpgAin+LLFuPtD7QNJICAgTtIxlb/dVnio8BnovrNC0Og
Lk1LOJyGy+HPTIwHn6Y65BOBYzCu0OyEmWpOf3iF3zF+cdvGofhb+8v+H5xkK/fI
E/g=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:15:19 2025 by rpki-client