Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/zPHYYf64cnazRpEP2DM-tC5zi20.roa
File: zPHYYf64cnazRpEP2DM-tC5zi20.roa (raw, json)
Hash identifier: KRY5tyMHgi4pvRx1DdmJaDKEtzRxICuicXJ6HWfF+Yg=
Subject key identifier: CC:F1:D8:61:FE:B8:72:76:B3:46:91:0F:D8:33:3E:B4:2E:73:8B:6D
Certificate issuer: /CN=3b61c8b61ff4ab975a2f6c67d0bce6379362e2fe
Certificate serial: 0194266BAC8240F3559CD53E09CFC6EA6912
Authority key identifier: 3B:61:C8:B6:1F:F4:AB:97:5A:2F:6C:67:D0:BC:E6:37:93:62:E2:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O2HIth_0q5daL2xn0LzmN5Ni4v4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/zPHYYf64cnazRpEP2DM-tC5zi20.roa
Signing time: Thu 02 Jan 2025 09:49:38 +0000
ROA not before: Thu 02 Jan 2025 09:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199637
IP address blocks: 193.24.96.0/24 maxlen: 24
2a13:e480::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ac:82:40:f3:55:9c:d5:3e:09:cf:c6:ea:69:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b61c8b61ff4ab975a2f6c67d0bce6379362e2fe
Validity
Not Before: Jan 2 09:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ccf1d861feb87276b346910fd8333eb42e738b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ee:75:8d:32:89:fc:6b:9d:50:a6:90:37:e5:
1e:df:e7:40:3e:e2:de:99:3f:10:d7:b3:e0:c4:da:
15:df:98:07:2b:10:0a:bc:16:76:4c:8b:bd:17:34:
89:e7:59:ec:1d:c9:ab:25:76:76:b6:c2:9d:70:10:
57:12:06:88:d4:3a:f5:a6:7c:97:8a:4e:dc:10:b6:
03:73:bd:7d:88:f3:9d:bb:3a:c4:d0:f4:3e:a6:87:
06:d1:b4:53:d2:df:fd:28:d4:8f:c2:fd:cf:eb:43:
78:60:bd:c8:f1:ac:e1:b4:4e:36:18:86:5d:4d:f2:
77:07:a6:b3:ec:f6:26:d0:3f:96:4b:d0:a1:84:0f:
b0:d4:54:d4:ef:86:c8:56:0c:3c:f8:3a:d9:2e:4a:
26:68:2a:d2:af:45:3a:3b:f7:af:da:99:5c:a6:d0:
fc:3f:d4:d6:bb:be:a4:7e:21:af:be:86:f4:40:b5:
5a:52:87:f9:cb:17:b6:7e:f6:a4:55:09:e0:6a:60:
82:46:de:1f:58:a8:0d:20:4a:09:d1:1e:a1:f5:25:
f7:fd:93:c9:a1:94:56:69:79:4a:2c:61:6e:79:93:
a0:54:f2:c5:4c:9d:64:d1:f2:e4:84:e0:92:f7:f6:
11:94:43:ea:e8:d8:36:a4:5d:41:cf:0a:b4:eb:f7:
24:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:F1:D8:61:FE:B8:72:76:B3:46:91:0F:D8:33:3E:B4:2E:73:8B:6D
X509v3 Authority Key Identifier:
keyid:3B:61:C8:B6:1F:F4:AB:97:5A:2F:6C:67:D0:BC:E6:37:93:62:E2:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2HIth_0q5daL2xn0LzmN5Ni4v4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/zPHYYf64cnazRpEP2DM-tC5zi20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.24.96.0/24
IPv6:
2a13:e480::/29
Signature Algorithm: sha256WithRSAEncryption
a1:bf:44:62:64:bb:30:c9:88:b0:8c:a5:77:a4:80:18:a8:76:
b1:0f:70:3a:90:03:31:15:a2:5a:fa:4a:36:ce:6d:56:55:a0:
69:f6:f0:c7:79:7d:5d:d2:d1:4c:db:b8:a0:c6:be:10:0c:71:
6c:14:36:6e:e0:f2:7c:98:40:72:73:ce:18:05:5d:64:53:69:
e1:54:2b:9e:3f:21:80:86:70:57:c1:6b:1f:06:a2:63:a1:af:
0c:8b:e4:92:41:d1:c4:3d:95:94:f3:48:1e:cf:43:e3:da:81:
98:fc:83:f1:dd:09:9e:25:a6:05:c2:4e:fd:5c:17:af:fe:a2:
b8:1f:c1:ff:8e:6d:25:b5:d4:c3:4d:b1:27:05:d2:57:d8:6d:
3c:9b:a7:2e:23:28:aa:a8:41:70:ba:63:4e:ba:9e:55:82:c3:
c4:79:89:2b:e3:a0:6a:38:37:71:6f:f9:f4:50:9c:a6:b5:e6:
85:69:bb:84:e0:d8:e2:58:4e:6f:44:ae:23:1c:e2:f6:52:cf:
0f:e6:dd:c9:69:86:2f:cd:5a:cf:d6:cc:cf:0f:00:c7:e7:2a:
12:c4:37:51:78:ff:77:6a:71:ac:8b:30:9e:09:52:18:c3:04:
0f:4d:25:e8:33:e1:d8:02:e2:d8:0f:42:ca:96:89:0a:12:87:
21:2e:72:7e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma6yCQPNVnNU+Cc/G6mkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNjFjOGI2MWZmNGFiOTc1YTJmNmM2N2QwYmNlNjM3OTM2
MmUyZmUwHhcNMjUwMTAyMDk0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2YxZDg2MWZlYjg3Mjc2YjM0NjkxMGZkODMzM2ViNDJlNzM4YjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO51jTKJ/GudUKaQN+Ue3+dAPuLe
mT8Q17PgxNoV35gHKxAKvBZ2TIu9FzSJ51nsHcmrJXZ2tsKdcBBXEgaI1Dr1pnyX
ik7cELYDc719iPOduzrE0PQ+pocG0bRT0t/9KNSPwv3P60N4YL3I8azhtE42GIZd
TfJ3B6az7PYm0D+WS9ChhA+w1FTU74bIVgw8+DrZLkomaCrSr0U6O/ev2plcptD8
P9TWu76kfiGvvob0QLVaUof5yxe2fvakVQngamCCRt4fWKgNIEoJ0R6h9SX3/ZPJ
oZRWaXlKLGFueZOgVPLFTJ1k0fLkhOCS9/YRlEPq6Ng2pF1Bzwq06/ck9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMzx2GH+uHJ2s0aRD9gzPrQuc4ttMB8GA1UdIwQY
MBaAFDthyLYf9KuXWi9sZ9C85jeTYuL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzJISXRoXzBxNWRhTDJ4bjBMem1ONU5pNHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mYzBlZDEtNTY2Ni00YmI3LWJiN2Mt
N2I2Mjc1ODJmZDJkLzEvelBIWVlmNjRjbmF6UnBFUDJETS10QzV6aTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mYzBlZDEtNTY2Ni00YmI3LWJiN2MtN2I2Mjc1ODJmZDJk
LzEvTzJISXRoXzBxNWRhTDJ4bjBMem1ONU5pNHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwRhgMA0E
AgACMAcDBQMqE+SAMA0GCSqGSIb3DQEBCwUAA4IBAQChv0RiZLswyYiwjKV3pIAY
qHaxD3A6kAMxFaJa+ko2zm1WVaBp9vDHeX1d0tFM27igxr4QDHFsFDZu4PJ8mEBy
c84YBV1kU2nhVCuePyGAhnBXwWsfBqJjoa8Mi+SSQdHEPZWU80gez0Pj2oGY/IPx
3QmeJaYFwk79XBev/qK4H8H/jm0ltdTDTbEnBdJX2G08m6cuIyiqqEFwumNOup5V
gsPEeYkr46BqODdxb/n0UJymteaFabuE4NjiWE5vRK4jHOL2Us8P5t3JaYYvzVrP
1szPDwDH5yoSxDdReP93anGsizCeCVIYwwQPTSXoM+HYAuLYD0LKlokKEochLnJ+
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:24:22 2025 by rpki-client