Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/zoSV2C68MzykQRp_pP9hDjpsWnY.roa
File: zoSV2C68MzykQRp_pP9hDjpsWnY.roa (raw, json)
Hash identifier: 1iFkbdOLaIbPSSu/OBaKYxtPMi4lPlThhGGDOqEnD5w=
Subject key identifier: CE:84:95:D8:2E:BC:33:3C:A4:41:1A:7F:A4:FF:61:0E:3A:6C:5A:76
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF041C54EF8619BC0169CF42F050DCB73
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/zoSV2C68MzykQRp_pP9hDjpsWnY.roa
Signing time: Thu 18 Apr 2024 08:10:25 +0000
ROA not before: Thu 18 Apr 2024 08:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f0:41:c5:4e:f8:61:9b:c0:16:9c:f4:2f:05:0d:cb:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 18 08:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce8495d82ebc333ca4411a7fa4ff610e3a6c5a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:b2:6e:7f:cf:25:e1:e3:1b:3b:04:38:f7:4a:
ce:92:9c:c3:f0:42:40:ea:5c:ee:ca:87:1e:74:46:
7f:c1:b0:0d:99:45:47:23:c8:9e:cf:e0:4f:65:5c:
75:f3:f0:5f:27:14:21:0a:e0:cf:31:dc:68:1e:3a:
68:14:9f:ef:3c:0f:c2:9e:03:2a:3c:d1:19:2c:01:
4e:3f:50:b9:35:87:8b:f3:b4:d7:49:ad:ce:ec:24:
c8:2d:0f:9a:55:ea:da:e4:64:47:24:db:fa:02:93:
9f:22:cf:15:4d:e7:59:e0:48:63:75:9e:17:82:29:
70:c8:83:6c:a6:88:60:93:6f:63:b3:10:af:95:f9:
6f:5a:01:34:e8:28:98:bb:5f:2d:97:a7:fc:fa:6f:
6b:16:aa:f1:1f:da:b1:13:b6:db:2b:0a:8b:c2:db:
db:b8:6b:da:4a:84:7d:9c:86:f2:25:bd:f1:d1:01:
f6:e5:26:db:52:5f:26:93:c4:63:e1:83:83:a1:df:
54:17:11:76:a8:fa:36:db:09:88:ac:b6:e1:42:0d:
29:66:8b:15:2d:97:59:68:31:1a:f6:49:d9:ad:43:
50:49:0d:ba:34:0e:fe:41:54:01:3e:f9:27:18:81:
33:f4:e6:ab:cc:4a:da:3f:2e:fb:23:d0:3e:5a:51:
3d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:84:95:D8:2E:BC:33:3C:A4:41:1A:7F:A4:FF:61:0E:3A:6C:5A:76
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/zoSV2C68MzykQRp_pP9hDjpsWnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:7a:de:92:75:76:4f:e9:14:92:5f:f5:ae:51:eb:33:49:a2:
fc:86:76:fa:3d:ca:8d:cf:e6:28:06:63:5a:4f:e4:65:b4:6c:
6a:30:7f:32:2e:91:06:69:aa:f7:65:87:39:83:b1:67:1b:27:
ad:07:57:b2:af:20:e4:8b:4e:f3:88:81:ad:11:70:97:3c:47:
d6:07:d0:3d:27:64:e4:bd:fb:1a:13:c7:04:4b:0d:a4:9f:46:
e3:53:cb:67:6d:12:68:2e:ca:98:e5:c8:62:a1:63:91:5d:ab:
c4:61:cf:ab:05:72:d2:2e:2e:26:3d:d1:b9:13:bc:d3:92:1a:
c9:14:bb:cf:aa:56:22:c9:98:f2:cd:84:c1:e4:1e:f5:84:63:
2a:5b:fc:34:80:95:c9:bb:9c:1a:cd:81:e0:02:78:a7:c6:c4:
18:4e:08:88:20:36:24:1a:0d:73:a9:c3:cb:16:5e:e4:9a:cb:
33:41:9c:f6:90:21:e1:b8:ff:43:c5:5f:95:f5:af:ff:00:d6:
56:ff:9f:6f:b5:b5:a7:57:96:c1:81:9e:33:49:f9:3e:3d:ae:
46:ae:83:a0:08:0f:b1:65:1e:a7:7e:c2:86:93:6e:9a:17:ad:
5d:66:8d:3f:ad:ef:50:43:9f:92:09:b5:54:f2:ba:22:f9:6a:
4e:53:3c:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7wQcVO+GGbwBac9C8FDctzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE4MDgxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTg0OTVkODJlYmMzMzNjYTQ0MTFhN2ZhNGZmNjEwZTNhNmM1YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+rJuf88l4eMbOwQ490rOkpzD8EJA
6lzuyocedEZ/wbANmUVHI8iez+BPZVx18/BfJxQhCuDPMdxoHjpoFJ/vPA/CngMq
PNEZLAFOP1C5NYeL87TXSa3O7CTILQ+aVera5GRHJNv6ApOfIs8VTedZ4EhjdZ4X
gilwyINspohgk29jsxCvlflvWgE06CiYu18tl6f8+m9rFqrxH9qxE7bbKwqLwtvb
uGvaSoR9nIbyJb3x0QH25SbbUl8mk8Rj4YODod9UFxF2qPo22wmIrLbhQg0pZosV
LZdZaDEa9knZrUNQSQ26NA7+QVQBPvknGIEz9OarzEraPy77I9A+WlE94wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM6EldguvDM8pEEaf6T/YQ46bFp2MB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvem9TVjJDNjhNenlrUVJwX3BQOWhEanBzV25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB163pJ1dk/pFJJf9a5R
6zNJovyGdvo9yo3P5igGY1pP5GW0bGowfzIukQZpqvdlhzmDsWcbJ60HV7KvIOSL
TvOIga0RcJc8R9YH0D0nZOS9+xoTxwRLDaSfRuNTy2dtEmguypjlyGKhY5Fdq8Rh
z6sFctIuLiY90bkTvNOSGskUu8+qViLJmPLNhMHkHvWEYypb/DSAlcm7nBrNgeAC
eKfGxBhOCIggNiQaDXOpw8sWXuSayzNBnPaQIeG4/0PFX5X1r/8A1lb/n2+1tadX
lsGBnjNJ+T49rkaug6AID7FlHqd+woaTbpoXrV1mjT+t71BDn5IJtVTyuiL5ak5T
PEs=
-----END CERTIFICATE-----
Generated at Sun May 11 02:02:43 2025 by rpki-client