Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/ZdLIbn9HJxp8pdvNeDczvn0TQ4Q.roa
File: ZdLIbn9HJxp8pdvNeDczvn0TQ4Q.roa (raw, json)
Hash identifier: rg+IefpKLZ6BZTDP0ZlvyqCjjEypkuxTFlnDiZulEgg=
Subject key identifier: 65:D2:C8:6E:7F:47:27:1A:7C:A5:DB:CD:78:37:33:BE:7D:13:43:84
Certificate issuer: /CN=1a4d0923ec10667760ad882e6af9a15699c05ef8
Certificate serial: 01942368DA31EC34DE844BABA49CFD389461
Authority key identifier: 1A:4D:09:23:EC:10:66:77:60:AD:88:2E:6A:F9:A1:56:99:C0:5E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gk0JI-wQZndgrYguavmhVpnAXvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/ZdLIbn9HJxp8pdvNeDczvn0TQ4Q.roa
Signing time: Wed 01 Jan 2025 19:47:41 +0000
ROA not before: Wed 01 Jan 2025 19:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41737
IP address blocks: 193.110.144.0/24 maxlen: 24
193.110.168.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:da:31:ec:34:de:84:4b:ab:a4:9c:fd:38:94:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a4d0923ec10667760ad882e6af9a15699c05ef8
Validity
Not Before: Jan 1 19:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65d2c86e7f47271a7ca5dbcd783733be7d134384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6c:d5:2e:58:b2:9a:03:dd:8e:23:46:14:0b:
ca:7c:17:bc:c0:d1:6d:33:5e:2e:06:ea:e9:96:7a:
31:f9:f1:18:83:60:dd:7e:60:49:23:55:7a:fa:f5:
20:62:58:9a:fa:33:95:42:04:f5:e4:e7:2b:51:29:
80:73:5e:5d:90:8d:18:48:9e:a1:c8:35:34:98:b2:
fa:92:da:ec:a5:0a:eb:71:d6:11:c8:91:f7:10:31:
f0:d2:a7:9a:19:48:4b:f7:3a:93:0c:a6:76:70:a6:
2b:92:22:98:74:16:71:3b:60:bb:92:e0:05:76:f9:
67:6b:d3:cc:17:00:7b:66:ff:71:78:f3:ea:1a:20:
c6:87:38:7e:89:c7:35:db:f1:99:94:32:38:fb:97:
45:1b:af:d0:8d:3c:25:77:af:8d:cc:22:a7:a0:a1:
f6:b4:b1:11:b9:09:15:16:39:f1:e0:41:30:85:56:
c4:ee:30:eb:e9:61:71:bf:a2:3d:10:5f:1a:73:f9:
36:e1:05:b6:5a:56:5c:d0:7e:52:d3:73:bb:f9:27:
6d:93:fa:42:b2:84:48:06:94:69:07:e4:2a:96:59:
85:5a:74:64:2e:e8:64:d4:54:bb:15:a0:a1:3e:24:
4c:0e:b7:bf:cf:95:f4:ce:5c:1d:99:8c:08:7f:aa:
db:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D2:C8:6E:7F:47:27:1A:7C:A5:DB:CD:78:37:33:BE:7D:13:43:84
X509v3 Authority Key Identifier:
keyid:1A:4D:09:23:EC:10:66:77:60:AD:88:2E:6A:F9:A1:56:99:C0:5E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk0JI-wQZndgrYguavmhVpnAXvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/ZdLIbn9HJxp8pdvNeDczvn0TQ4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/Gk0JI-wQZndgrYguavmhVpnAXvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.144.0/24
193.110.168.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:ca:45:4f:86:b0:43:2b:3c:c0:07:49:6f:2d:b8:28:7a:97:
b2:f7:9a:55:56:02:f8:48:70:13:58:2e:f9:84:b8:30:3d:10:
4d:ec:9d:21:40:b6:39:5e:ee:a2:23:fe:46:64:82:9a:a9:e6:
bf:e5:75:fb:b3:c7:cb:03:c9:18:f9:37:10:d6:4a:8e:0c:a0:
60:ec:6a:7c:ce:24:f1:fa:1b:a3:c9:0d:b9:a6:e5:3c:c9:7e:
a1:f4:ca:1c:47:7b:21:3d:d9:37:2b:3a:20:0e:b3:c6:14:74:
4c:2c:84:dd:07:8f:7b:34:3e:58:3c:5c:8e:b9:44:31:92:22:
fa:dd:8a:e7:1f:b3:fb:a1:65:09:35:41:a5:e0:cc:a4:2d:16:
14:56:db:9f:25:4b:da:9c:76:52:2a:6b:3b:d2:8f:40:d7:41:
02:a8:54:97:be:34:a2:95:bf:5f:be:99:4f:8e:11:9f:28:f9:
ea:b5:af:02:0f:20:97:f7:1e:72:a7:27:4d:5b:b2:57:d1:0b:
4c:10:b8:cd:77:97:f9:c6:68:51:ee:62:c8:b3:ce:1f:e1:5e:
01:75:6b:9a:e3:0e:d5:3b:dc:13:5b:ae:f6:79:3e:c9:63:c5:
cd:cd:ec:80:a1:4c:af:42:3a:1e:34:e9:c0:eb:0f:4a:be:cc:
24:59:bc:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaNox7DTehEurpJz9OJRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGQwOTIzZWMxMDY2Nzc2MGFkODgyZTZhZjlhMTU2OTlj
MDVlZjgwHhcNMjUwMTAxMTk0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQyYzg2ZTdmNDcyNzFhN2NhNWRiY2Q3ODM3MzNiZTdkMTM0Mzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumzVLliymgPdjiNGFAvKfBe8wNFt
M14uBurplnox+fEYg2DdfmBJI1V6+vUgYlia+jOVQgT15OcrUSmAc15dkI0YSJ6h
yDU0mLL6ktrspQrrcdYRyJH3EDHw0qeaGUhL9zqTDKZ2cKYrkiKYdBZxO2C7kuAF
dvlna9PMFwB7Zv9xePPqGiDGhzh+icc12/GZlDI4+5dFG6/QjTwld6+NzCKnoKH2
tLERuQkVFjnx4EEwhVbE7jDr6WFxv6I9EF8ac/k24QW2WlZc0H5S03O7+Sdtk/pC
soRIBpRpB+QqllmFWnRkLuhk1FS7FaChPiRMDre/z5X0zlwdmYwIf6rbHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGXSyG5/RycafKXbzXg3M759E0OEMB8GA1UdIwQY
MBaAFBpNCSPsEGZ3YK2ILmr5oVaZwF74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2swSkktd1FabmRncllndWF2bWhWcG5BWHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8zNTY0ZTctMTFkNC00ZDdhLThiY2Mt
YTk1Mzc2OGZkZTJmLzEvWmRMSWJuOUhKeHA4cGR2TmVEY3p2bjBUUTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8zNTY0ZTctMTFkNC00ZDdhLThiY2MtYTk1Mzc2OGZkZTJm
LzEvR2swSkktd1FabmRncllndWF2bWhWcG5BWHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW6QAwQB
wW6oMA0GCSqGSIb3DQEBCwUAA4IBAQCtykVPhrBDKzzAB0lvLbgoepey95pVVgL4
SHATWC75hLgwPRBN7J0hQLY5Xu6iI/5GZIKaqea/5XX7s8fLA8kY+TcQ1kqODKBg
7Gp8ziTx+hujyQ25puU8yX6h9MocR3shPdk3KzogDrPGFHRMLITdB497ND5YPFyO
uUQxkiL63YrnH7P7oWUJNUGl4MykLRYUVtufJUvanHZSKms70o9A10ECqFSXvjSi
lb9fvplPjhGfKPnqta8CDyCX9x5ypydNW7JX0QtMELjNd5f5xmhR7mLIs84f4V4B
dWua4w7VO9wTW672eT7JY8XNzeyAoUyvQjoeNOnA6w9KvswkWbwX
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:30:02 2025 by rpki-client