Route Origin Authorization
$ rpki-client -vvf rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/AS924.roa
File: AS924.roa (raw, json)
Hash identifier: oxvxYoMURPPvjXXq7ymgywP3/VOlvJC3Y5BkShr0Diw=
Subject key identifier: C8:F1:EA:3E:32:7C:64:5E:3D:20:04:5C:94:87:9E:A0:CC:69:5F:FC
Certificate issuer: /CN=abdbfabaf201e2bb85b9edb4d643594ac30bbfe2
Certificate serial: 17818FC433B9F8AA03330F4BC7E6D335666F915E
Authority key identifier: AB:DB:FA:BA:F2:01:E2:BB:85:B9:ED:B4:D6:43:59:4A:C3:0B:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q9v6uvIB4ruFue201kNZSsMLv-I.cer
Subject info access: rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/AS924.roa
Signing time: Wed 21 Dec 2022 16:56:49 +0000
ROA not before: Wed 21 Dec 2022 16:51:49 +0000
ROA not after: Wed 20 Dec 2023 16:56:49 +0000
asID: 924
IP address blocks: 2a06:a005:d30::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:81:8f:c4:33:b9:f8:aa:03:33:0f:4b:c7:e6:d3:35:66:6f:91:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abdbfabaf201e2bb85b9edb4d643594ac30bbfe2
Validity
Not Before: Dec 21 16:51:49 2022 GMT
Not After : Dec 20 16:56:49 2023 GMT
Subject: CN=C8F1EA3E327C645E3D20045C94879EA0CC695FFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4e:1a:3f:e1:7f:b5:ae:ae:6b:12:07:04:cd:
96:b9:a8:fe:28:61:be:5d:03:64:db:cd:a7:4a:7d:
99:9d:7b:ee:97:ad:eb:6f:44:a5:7e:1d:45:28:6c:
07:5b:b1:fc:9f:88:1c:34:54:a1:69:16:d6:87:d8:
3a:47:e7:34:a1:e7:fc:97:88:1b:0b:75:4b:7c:30:
ef:e9:43:29:4b:56:41:f5:3f:55:2a:44:21:b0:e5:
aa:a4:32:7e:40:8a:2f:71:49:f2:f3:0b:a6:b1:47:
ac:e1:a6:85:d0:9f:27:0a:be:8c:b9:8b:84:50:1a:
65:af:21:78:58:e2:78:70:88:50:6b:6e:74:b3:90:
76:73:fe:fb:f1:47:82:da:8e:11:26:d3:eb:98:79:
c4:7a:9e:e7:a9:ab:c5:6b:47:13:b5:88:f0:33:5a:
54:7b:5a:e1:c2:fc:f7:db:b9:af:1f:bb:e2:5d:5d:
17:25:59:bb:ea:7f:28:97:00:14:d6:5e:44:90:5f:
5e:f9:56:f9:eb:ad:e2:28:56:c1:d2:ce:f9:ef:2d:
19:e4:c2:e7:2f:ca:6f:f2:c1:60:73:a0:63:22:85:
96:13:d0:39:0f:ad:6c:f6:5f:73:91:f1:00:d2:e1:
4a:b3:12:46:4a:1c:b1:22:b6:9a:59:bf:87:90:62:
19:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F1:EA:3E:32:7C:64:5E:3D:20:04:5C:94:87:9E:A0:CC:69:5F:FC
X509v3 Authority Key Identifier:
keyid:AB:DB:FA:BA:F2:01:E2:BB:85:B9:ED:B4:D6:43:59:4A:C3:0B:BF:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/ABDBFABAF201E2BB85B9EDB4D643594AC30BBFE2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q9v6uvIB4ruFue201kNZSsMLv-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/AS924.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:d30::/44
Signature Algorithm: sha256WithRSAEncryption
77:4e:39:4a:c5:bf:96:44:c2:f6:4e:b2:e2:a9:24:eb:cb:39:
3a:f8:b6:a9:ec:91:8d:28:5c:9f:97:48:db:1c:c9:54:26:0a:
1b:6a:33:04:75:23:11:5d:06:8b:af:3d:3e:87:88:44:2a:d0:
2e:39:7b:64:14:6a:cd:9a:08:10:a3:f8:23:87:3c:64:97:1a:
a1:b4:48:91:cf:5d:d6:92:85:0c:45:36:59:b8:2d:ea:d8:45:
fc:57:20:92:33:8a:0c:b2:09:c8:fc:69:47:8f:17:38:8d:c6:
3e:97:ea:5d:5c:ec:87:68:80:f3:e3:1d:34:d6:a2:3a:16:25:
50:e4:81:4f:dc:7b:78:8a:7e:de:d0:bc:26:10:41:89:ed:88:
fd:a6:1d:2f:03:d7:fe:fa:85:85:be:54:45:e8:a6:c9:b7:89:
fa:2e:93:e8:80:bd:f2:da:e5:72:77:9d:e1:eb:40:bc:58:3b:
4b:12:3f:81:59:0f:b4:48:40:1f:66:e0:be:8e:e1:bc:c2:59:
b0:6f:83:24:1e:ba:a1:8b:9c:b0:6b:3d:31:bd:f2:81:ba:8a:
9b:71:25:34:25:6a:2e:c0:cb:70:ca:49:14:9c:e5:c6:ef:48:
f4:36:d4:17:6a:d8:8c:3b:5d:8e:4d:1f:e6:a7:23:63:7d:c2:
4b:30:c2:26
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIUF4GPxDO5+KoDMw9Lx+bTNWZvkV4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWJkYmZhYmFmMjAxZTJiYjg1YjllZGI0ZDY0MzU5NGFj
MzBiYmZlMjAeFw0yMjEyMjExNjUxNDlaFw0yMzEyMjAxNjU2NDlaMDMxMTAvBgNV
BAMTKEM4RjFFQTNFMzI3QzY0NUUzRDIwMDQ1Qzk0ODc5RUEwQ0M2OTVGRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Tho/4X+1rq5rEgcEzZa5qP4o
Yb5dA2TbzadKfZmde+6XretvRKV+HUUobAdbsfyfiBw0VKFpFtaH2DpH5zSh5/yX
iBsLdUt8MO/pQylLVkH1P1UqRCGw5aqkMn5Aii9xSfLzC6axR6zhpoXQnycKvoy5
i4RQGmWvIXhY4nhwiFBrbnSzkHZz/vvxR4LajhEm0+uYecR6nuepq8VrRxO1iPAz
WlR7WuHC/Pfbua8fu+JdXRclWbvqfyiXABTWXkSQX175VvnrreIoVsHSzvnvLRnk
wucvym/ywWBzoGMihZYT0DkPrWz2X3OR8QDS4UqzEkZKHLEitppZv4eQYhmZAgMB
AAGjggG8MIIBuDAdBgNVHQ4EFgQUyPHqPjJ8ZF49IARclIeeoMxpX/wwHwYDVR0j
BBgwFoAUq9v6uvIB4ruFue201kNZSsMLv+IwDgYDVR0PAQH/BAQDAgeAMGwGA1Ud
HwRlMGMwYaBfoF2GW3JzeW5jOi8vcnBraS56YXBwaWVob3N0LmNvbS9yZXBvL1pB
UFBJRS1SUEtJLzIvQUJEQkZBQkFGMjAxRTJCQjg1QjlFREI0RDY0MzU5NEFDMzBC
QkZFMi5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3E5djZ1dklCNHJ1RnVlMjAx
a05aU3NNTHYtSS5jZXIwVAYIKwYBBQUHAQsESDBGMEQGCCsGAQUFBzALhjhyc3lu
YzovL3Jwa2kuemFwcGllaG9zdC5jb20vcmVwby9aQVBQSUUtUlBLSS8yL0FTOTI0
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMw
ETAPBAIAAjAJAwcEKgagBQ0wMA0GCSqGSIb3DQEBCwUAA4IBAQB3TjlKxb+WRML2
TrLiqSTryzk6+Lap7JGNKFyfl0jbHMlUJgobajMEdSMRXQaLrz0+h4hEKtAuOXtk
FGrNmggQo/gjhzxklxqhtEiRz13WkoUMRTZZuC3q2EX8VyCSM4oMsgnI/GlHjxc4
jcY+l+pdXOyHaIDz4x001qI6FiVQ5IFP3Ht4in7e0LwmEEGJ7Yj9ph0vA9f++oWF
vlRF6KbJt4n6LpPogL3y2uVyd53h60C8WDtLEj+BWQ+0SEAfZuC+juG8wlmwb4Mk
Hrqhi5ywaz0xvfKBuoqbcSU0JWouwMtwykkUnOXG70j0NtQXatiMO12OTR/mpyNj
fcJLMMIm
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:00:21 2025 by rpki-client