Route Origin Authorization
$ rpki-client -vvf rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/AS200809.roa
File: AS200809.roa (raw, json)
Hash identifier: kPRw9mInwfFsx1N4+ctZqKP/DO1TW4e1/FPtLfkk5xE=
Subject key identifier: 7A:18:D7:3A:CF:7D:68:98:81:4B:37:0A:D2:DC:2E:A8:6F:09:E6:7D
Certificate issuer: /CN=abdbfabaf201e2bb85b9edb4d643594ac30bbfe2
Certificate serial: 141838D7A846E908DA0843503F11158D11657E14
Authority key identifier: AB:DB:FA:BA:F2:01:E2:BB:85:B9:ED:B4:D6:43:59:4A:C3:0B:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q9v6uvIB4ruFue201kNZSsMLv-I.cer
Subject info access: rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/AS200809.roa
Signing time: Sun 01 Jan 2023 08:12:52 +0000
ROA not before: Sun 01 Jan 2023 08:07:52 +0000
ROA not after: Sun 31 Dec 2023 08:12:52 +0000
asID: 200809
IP address blocks: 2a06:a005:2670::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:18:38:d7:a8:46:e9:08:da:08:43:50:3f:11:15:8d:11:65:7e:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abdbfabaf201e2bb85b9edb4d643594ac30bbfe2
Validity
Not Before: Jan 1 08:07:52 2023 GMT
Not After : Dec 31 08:12:52 2023 GMT
Subject: CN=7A18D73ACF7D6898814B370AD2DC2EA86F09E67D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:00:68:03:e9:74:e1:dc:fa:62:f6:50:ef:8e:
0d:cc:40:6d:ad:dd:ec:f1:14:32:34:da:c6:e0:5f:
03:5c:ab:6a:8d:94:09:45:97:ba:66:f6:b7:68:ba:
b7:0b:1d:4c:00:72:23:d9:05:ab:98:71:02:b4:93:
ab:80:b1:63:be:53:c2:43:38:84:91:fb:fe:4b:91:
62:d0:fe:b2:c6:ef:80:c3:14:1f:ef:0e:75:aa:f4:
3f:f1:6a:2d:b6:31:48:2b:1e:b7:49:67:75:96:18:
66:08:b0:b3:22:9e:39:53:a3:90:19:14:6e:88:7d:
e5:68:1b:6c:4c:8a:26:e5:7b:f0:25:40:0a:d3:d3:
70:4b:24:b9:1c:3a:25:e1:4e:56:75:4b:0a:2f:d3:
9c:ff:13:b9:f7:dd:11:c9:4d:cd:21:60:81:f0:f4:
25:b3:d2:9e:d3:4d:fa:29:be:c9:7b:43:75:99:76:
fb:94:2a:44:7e:fd:41:26:29:49:16:b6:57:14:88:
d3:ac:0a:e1:e0:b7:0a:52:d9:a6:1a:07:78:43:c0:
c9:15:4f:22:d1:54:6f:b4:20:97:ca:43:e8:26:fd:
45:fc:3a:b8:2c:4c:39:ca:1c:13:59:70:2e:5f:2f:
25:4b:02:1c:a0:5b:6c:a7:07:53:5e:cf:ed:c3:cb:
bd:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:18:D7:3A:CF:7D:68:98:81:4B:37:0A:D2:DC:2E:A8:6F:09:E6:7D
X509v3 Authority Key Identifier:
keyid:AB:DB:FA:BA:F2:01:E2:BB:85:B9:ED:B4:D6:43:59:4A:C3:0B:BF:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/ABDBFABAF201E2BB85B9EDB4D643594AC30BBFE2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q9v6uvIB4ruFue201kNZSsMLv-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/AS200809.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:2670::/44
Signature Algorithm: sha256WithRSAEncryption
67:04:43:0e:91:87:f5:86:13:65:8d:f6:9e:87:2f:79:f0:ad:
6b:31:65:01:3f:9a:d5:f2:bd:52:4a:35:28:71:a3:bf:b6:08:
2b:68:ae:34:01:5e:be:e4:9d:98:3d:fa:ac:48:70:a5:1a:83:
a8:ad:f6:60:94:d6:e1:bb:8f:49:6e:f7:82:1c:10:35:e7:4d:
61:05:92:08:03:6f:f9:fd:05:89:78:c3:8f:7d:2f:05:b2:0b:
bd:28:de:dc:f2:b8:77:4f:16:71:f6:d6:9c:f8:c7:06:29:4f:
a8:30:c1:8e:6b:fd:34:83:7c:5d:d3:01:f6:ce:d0:f3:cf:26:
de:80:9c:9d:e7:e2:9b:9a:76:b5:ff:92:51:6e:82:bd:99:e5:
51:11:37:a5:d2:0a:ad:88:2e:da:70:51:cb:73:97:a9:27:f1:
0b:2f:b7:91:f9:63:77:60:61:88:16:7f:54:dc:21:15:1d:52:
07:38:bf:99:0e:28:a9:86:22:43:5d:46:42:6e:f5:d7:c0:02:
41:87:5c:14:34:73:32:13:bf:cb:3f:38:86:9b:24:27:ae:d0:
e4:01:4e:2c:de:52:02:7f:f1:0e:17:04:c0:67:f1:02:5d:1c:
60:df:ae:92:19:5d:2d:d5:f4:60:4f:7f:f0:54:39:ca:27:5c:
88:42:7c:0b
-----BEGIN CERTIFICATE-----
MIIEtTCCA52gAwIBAgIUFBg416hG6QjaCENQPxEVjRFlfhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWJkYmZhYmFmMjAxZTJiYjg1YjllZGI0ZDY0MzU5NGFj
MzBiYmZlMjAeFw0yMzAxMDEwODA3NTJaFw0yMzEyMzEwODEyNTJaMDMxMTAvBgNV
BAMTKDdBMThENzNBQ0Y3RDY4OTg4MTRCMzcwQUQyREMyRUE4NkYwOUU2N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhAGgD6XTh3Ppi9lDvjg3MQG2t
3ezxFDI02sbgXwNcq2qNlAlFl7pm9rdourcLHUwAciPZBauYcQK0k6uAsWO+U8JD
OISR+/5LkWLQ/rLG74DDFB/vDnWq9D/xai22MUgrHrdJZ3WWGGYIsLMinjlTo5AZ
FG6IfeVoG2xMiible/AlQArT03BLJLkcOiXhTlZ1Swov05z/E7n33RHJTc0hYIHw
9CWz0p7TTfopvsl7Q3WZdvuUKkR+/UEmKUkWtlcUiNOsCuHgtwpS2aYaB3hDwMkV
TyLRVG+0IJfKQ+gm/UX8OrgsTDnKHBNZcC5fLyVLAhygW2ynB1Nez+3Dy73JAgMB
AAGjggG/MIIBuzAdBgNVHQ4EFgQUehjXOs99aJiBSzcK0twuqG8J5n0wHwYDVR0j
BBgwFoAUq9v6uvIB4ruFue201kNZSsMLv+IwDgYDVR0PAQH/BAQDAgeAMGwGA1Ud
HwRlMGMwYaBfoF2GW3JzeW5jOi8vcnBraS56YXBwaWVob3N0LmNvbS9yZXBvL1pB
UFBJRS1SUEtJLzIvQUJEQkZBQkFGMjAxRTJCQjg1QjlFREI0RDY0MzU5NEFDMzBC
QkZFMi5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3E5djZ1dklCNHJ1RnVlMjAx
a05aU3NNTHYtSS5jZXIwVwYIKwYBBQUHAQsESzBJMEcGCCsGAQUFBzALhjtyc3lu
YzovL3Jwa2kuemFwcGllaG9zdC5jb20vcmVwby9aQVBQSUUtUlBLSS8yL0FTMjAw
ODA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/
BBMwETAPBAIAAjAJAwcEKgagBSZwMA0GCSqGSIb3DQEBCwUAA4IBAQBnBEMOkYf1
hhNljfaehy958K1rMWUBP5rV8r1SSjUocaO/tggraK40AV6+5J2YPfqsSHClGoOo
rfZglNbhu49JbveCHBA1501hBZIIA2/5/QWJeMOPfS8Fsgu9KN7c8rh3TxZx9tac
+McGKU+oMMGOa/00g3xd0wH2ztDzzybegJyd5+Kbmna1/5JRboK9meVRETel0gqt
iC7acFHLc5epJ/ELL7eR+WN3YGGIFn9U3CEVHVIHOL+ZDiiphiJDXUZCbvXXwAJB
h1wUNHMyE7/LPziGmyQnrtDkAU4s3lICf/EOFwTAZ/ECXRxg366SGV0t1fRgT3/w
VDnKJ1yIQnwL
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:18:47 2025 by rpki-client