Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/ZXtK8i0ZkTBxTFkF4gT8SCIZTmw.roa
File: ZXtK8i0ZkTBxTFkF4gT8SCIZTmw.roa (raw, json)
Hash identifier: KikSjMlfZMQPJYB8hmRvlc00FrgqM6UWZDTUG/QEicY=
Subject key identifier: 65:7B:4A:F2:2D:19:91:30:71:4C:59:05:E2:04:FC:48:22:19:4E:6C
Certificate issuer: /CN=210d1c0db5aa1880d7747e22f1dbf4716d3101a9
Certificate serial: 01941F8C031953963C5A9D0D39F9D0A00D08
Authority key identifier: 21:0D:1C:0D:B5:AA:18:80:D7:74:7E:22:F1:DB:F4:71:6D:31:01:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ0cDbWqGIDXdH4i8dv0cW0xAak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/ZXtK8i0ZkTBxTFkF4gT8SCIZTmw.roa
Signing time: Wed 01 Jan 2025 01:47:37 +0000
ROA not before: Wed 01 Jan 2025 01:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207415
IP address blocks: 193.111.209.0/24 maxlen: 24
2a13:6700::/48 maxlen: 48
2a13:6700:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:03:19:53:96:3c:5a:9d:0d:39:f9:d0:a0:0d:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210d1c0db5aa1880d7747e22f1dbf4716d3101a9
Validity
Not Before: Jan 1 01:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=657b4af22d199130714c5905e204fc4822194e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:64:98:4c:6a:d0:3b:dc:61:26:be:ba:c6:97:
b5:3b:6f:ff:0f:45:1c:a1:8a:a6:1e:ae:cf:7e:d4:
9b:6f:b2:9f:16:55:7e:48:67:6f:2e:a4:a5:b4:4b:
3a:b4:11:83:c0:a1:57:a3:f8:82:3e:bf:ca:a6:85:
25:1a:bc:cc:da:37:dc:79:92:15:2e:89:5a:1b:3e:
e9:58:56:46:c1:21:00:f5:c2:e9:5e:42:10:9f:30:
d3:43:e2:7f:78:9f:7e:56:77:b2:ba:31:2d:21:c6:
0d:18:b2:fe:e9:59:c1:a3:61:80:e5:22:cd:4e:99:
ca:a0:a9:c7:17:1f:0d:2d:fc:96:3d:74:fc:aa:4e:
5e:06:c3:03:3e:9f:94:45:9a:8e:2c:c5:99:49:2c:
a4:5e:33:2c:5d:1f:06:ca:af:87:47:ba:1d:b8:54:
57:53:5d:c0:32:cc:20:32:c7:5c:69:a9:5f:89:fd:
7e:1e:3b:88:85:ee:57:45:72:c3:65:6a:b6:bc:9b:
77:5b:7d:a6:50:31:c7:df:14:61:6a:c5:b9:73:e5:
b4:d0:fd:05:8e:21:98:8e:ce:b7:86:4e:20:09:a9:
f1:3b:1a:98:9a:c6:76:18:c1:40:f7:c1:b6:e9:a5:
36:50:4a:c2:f3:e7:30:01:41:84:01:ce:57:19:70:
81:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:7B:4A:F2:2D:19:91:30:71:4C:59:05:E2:04:FC:48:22:19:4E:6C
X509v3 Authority Key Identifier:
keyid:21:0D:1C:0D:B5:AA:18:80:D7:74:7E:22:F1:DB:F4:71:6D:31:01:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ0cDbWqGIDXdH4i8dv0cW0xAak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/ZXtK8i0ZkTBxTFkF4gT8SCIZTmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.209.0/24
IPv6:
2a13:6700::/47
Signature Algorithm: sha256WithRSAEncryption
49:23:92:dd:69:ea:e3:9a:9d:54:61:9c:dc:d3:a3:a0:ac:9f:
e3:0a:6b:2c:c6:84:6b:4f:36:cf:60:4d:7a:35:03:bd:cf:ac:
0f:c5:55:a5:c3:7f:8a:1e:cb:7f:ed:a6:3d:86:c0:51:92:3e:
f1:dc:74:56:ce:a0:ee:63:43:b2:1f:7f:4e:58:4f:f3:85:0c:
0d:2e:e8:34:77:82:43:1f:61:9c:44:07:3e:6e:cf:aa:d9:70:
81:96:a6:29:4b:2a:37:7b:79:7c:aa:81:ef:9e:2c:9a:91:65:
cc:13:66:09:0f:c8:fc:fc:d7:c3:e2:ec:31:3a:dc:91:bd:a2:
1c:6c:64:f1:70:87:26:d2:b3:c6:a5:5e:d8:e6:1b:2b:00:8a:
71:8b:15:f3:f6:ab:ce:8d:8a:eb:fd:ab:e2:af:d9:24:64:53:
f8:2d:03:ed:99:16:cc:bc:e7:52:70:b7:a7:c4:51:06:2a:56:
1c:d4:43:2d:57:68:69:b1:64:3a:89:aa:90:7b:69:91:0e:fb:
85:69:bc:8e:fe:bc:1a:20:b4:80:5f:26:ee:2c:ca:0a:c8:c9:
fb:7d:22:9e:ed:6f:25:f1:d1:54:1a:cb:fd:53:7b:eb:58:8f:
75:34:fc:38:eb:76:df:b7:ba:1a:0e:8d:3a:a5:0b:af:77:de:
35:08:65:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQfjAMZU5Y8Wp0NOfnQoA0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMGQxYzBkYjVhYTE4ODBkNzc0N2UyMmYxZGJmNDcxNmQz
MTAxYTkwHhcNMjUwMTAxMDE0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTdiNGFmMjJkMTk5MTMwNzE0YzU5MDVlMjA0ZmM0ODIyMTk0ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GSYTGrQO9xhJr66xpe1O2//D0Uc
oYqmHq7PftSbb7KfFlV+SGdvLqSltEs6tBGDwKFXo/iCPr/KpoUlGrzM2jfceZIV
LolaGz7pWFZGwSEA9cLpXkIQnzDTQ+J/eJ9+VneyujEtIcYNGLL+6VnBo2GA5SLN
TpnKoKnHFx8NLfyWPXT8qk5eBsMDPp+URZqOLMWZSSykXjMsXR8Gyq+HR7oduFRX
U13AMswgMsdcaalfif1+HjuIhe5XRXLDZWq2vJt3W32mUDHH3xRhasW5c+W00P0F
jiGYjs63hk4gCanxOxqYmsZ2GMFA98G26aU2UErC8+cwAUGEAc5XGXCBSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGV7SvItGZEwcUxZBeIE/EgiGU5sMB8GA1UdIwQY
MBaAFCENHA21qhiA13R+IvHb9HFtMQGpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVEwY0RiV3FHSURYZEg0aThkdjBjVzB4QWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wOWM5ODAtMzhlYi00MjIyLWIyMjUt
ZDcxMTMwYzZjMGY5LzEvWlh0SzhpMFprVEJ4VEZrRjRnVDhTQ0laVG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wOWM5ODAtMzhlYi00MjIyLWIyMjUtZDcxMTMwYzZjMGY5
LzEvSVEwY0RiV3FHSURYZEg0aThkdjBjVzB4QWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwW/RMA8E
AgACMAkDBwEqE2cAAAAwDQYJKoZIhvcNAQELBQADggEBAEkjkt1p6uOanVRhnNzT
o6Csn+MKayzGhGtPNs9gTXo1A73PrA/FVaXDf4oey3/tpj2GwFGSPvHcdFbOoO5j
Q7Iff05YT/OFDA0u6DR3gkMfYZxEBz5uz6rZcIGWpilLKjd7eXyqge+eLJqRZcwT
ZgkPyPz818Pi7DE63JG9ohxsZPFwhybSs8alXtjmGysAinGLFfP2q86Niuv9q+Kv
2SRkU/gtA+2ZFsy851Jwt6fEUQYqVhzUQy1XaGmxZDqJqpB7aZEO+4VpvI7+vBog
tIBfJu4sygrIyft9Ip7tbyXx0VQay/1Te+tYj3U0/Djrdt+3uhoOjTqlC6933jUI
ZS0=
-----END CERTIFICATE-----
Generated at Sun Apr 27 01:40:51 2025 by rpki-client