Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zdrdCklw5a5U5WRj_eUiaHs0c2I.roa
File: zdrdCklw5a5U5WRj_eUiaHs0c2I.roa (raw, json)
Hash identifier: OzjZp7ZnTkphb2saNeNdDLwIW806TSXdgI/PXFLxWUs=
Subject key identifier: CD:DA:DD:0A:49:70:E5:AE:54:E5:64:63:FD:E5:22:68:7B:34:73:62
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184F695C1C1088283C52DBFBB5972DD539A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zdrdCklw5a5U5WRj_eUiaHs0c2I.roa
Signing time: Fri 09 Dec 2022 11:12:00 +0000
ROA not before: Fri 09 Dec 2022 11:12:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:95:c1:c1:08:82:83:c5:2d:bf:bb:59:72:dd:53:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 9 11:12:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cddadd0a4970e5ae54e56463fde522687b347362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:85:6a:79:f1:32:dd:af:6e:ad:c8:1c:8a:f0:
ac:9e:c7:b1:9b:bd:80:00:c4:06:4c:34:10:2c:4c:
22:1e:85:d7:62:d0:7c:60:ab:04:1f:eb:74:81:4a:
20:60:4f:46:6a:e3:46:9b:63:57:b1:25:15:fb:71:
8d:9c:9d:42:56:95:2f:c4:29:d6:c0:27:e7:f0:be:
1f:ed:b6:cd:71:83:83:66:5b:ac:d3:0b:7b:7d:42:
4f:e2:96:64:5b:81:26:a1:07:df:b5:8b:ca:5d:1f:
89:76:56:83:58:83:0f:19:62:af:c5:44:12:ad:8d:
ca:80:7f:8d:17:c6:cf:5b:e2:98:f4:48:9d:32:e8:
1d:25:c2:95:90:90:eb:aa:70:1f:15:20:a4:d0:56:
a9:08:86:ac:59:0c:36:23:8e:18:f5:77:b0:9e:b4:
6b:be:4c:94:7b:86:e5:fb:fe:9b:b1:bf:8c:bb:15:
68:ef:55:66:83:af:60:34:ac:95:3e:b1:ac:3c:78:
ba:2e:34:cd:72:6e:60:9d:9e:52:53:26:13:c2:6b:
4e:8a:9e:46:a7:d9:61:88:9b:ae:3d:6e:96:2b:39:
7e:9f:ab:a1:bb:a4:36:be:be:d0:2b:db:fb:2e:e4:
55:a6:85:80:14:36:f6:e0:01:e6:f6:68:af:40:dc:
91:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DA:DD:0A:49:70:E5:AE:54:E5:64:63:FD:E5:22:68:7B:34:73:62
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zdrdCklw5a5U5WRj_eUiaHs0c2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:0d:18:a5:f3:8a:44:9a:fc:8d:52:35:de:c8:a3:b4:2c:ce:
1e:ba:2e:e4:07:7f:74:3c:ac:7f:5c:36:0b:1b:96:bc:4c:6d:
5b:ee:3b:4d:8d:6a:0b:28:70:45:a0:56:b5:47:d1:cf:9a:19:
65:57:21:75:99:fe:ff:d8:84:22:15:a6:5a:a7:c8:af:34:45:
25:b6:59:3e:a3:9e:be:23:b4:2c:64:4d:7d:27:06:fd:02:6a:
07:94:0e:55:00:d2:bc:ae:52:01:5b:80:a5:97:60:18:e3:ec:
d3:8b:0d:d8:33:ad:75:a9:2d:2a:07:e0:2d:4b:c4:36:43:3c:
d9:c9:79:f1:ff:e9:ce:d4:17:09:cf:af:4b:76:c7:c6:ce:4a:
52:23:8b:f5:3a:cd:fb:0e:d3:d0:ea:f8:36:f4:49:69:04:31:
57:e5:9f:6e:af:67:51:1f:97:96:8a:bc:be:b6:e7:ae:d5:f6:
6b:05:0f:00:17:5e:5c:3c:c2:b8:72:c7:f2:e1:18:ee:3c:8e:
f9:37:d1:c5:60:97:8e:78:b3:f4:25:43:c7:a3:c5:5f:3e:d7:
a9:37:3e:6a:b0:f6:79:e4:0b:df:8d:77:e4:0e:aa:eb:f8:9c:
9f:b7:8e:45:43:65:48:91:c0:e9:2e:48:51:9e:a0:41:2a:43:
7f:05:25:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYT2lcHBCIKDxS2/u1ly3VOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA5MTExMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGRhZGQwYTQ5NzBlNWFlNTRlNTY0NjNmZGU1MjI2ODdiMzQ3MzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYVqefEy3a9urcgcivCsnsexm72A
AMQGTDQQLEwiHoXXYtB8YKsEH+t0gUogYE9GauNGm2NXsSUV+3GNnJ1CVpUvxCnW
wCfn8L4f7bbNcYODZlus0wt7fUJP4pZkW4EmoQfftYvKXR+JdlaDWIMPGWKvxUQS
rY3KgH+NF8bPW+KY9EidMugdJcKVkJDrqnAfFSCk0FapCIasWQw2I44Y9XewnrRr
vkyUe4bl+/6bsb+MuxVo71Vmg69gNKyVPrGsPHi6LjTNcm5gnZ5SUyYTwmtOip5G
p9lhiJuuPW6WKzl+n6uhu6Q2vr7QK9v7LuRVpoWAFDb24AHm9mivQNyRQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM3a3QpJcOWuVOVkY/3lImh7NHNiMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvemRyZENrbHc1YTVVNVdSal9lVWlhSHMwYzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGYNGKXzikSa/I1SNd7I
o7Qszh66LuQHf3Q8rH9cNgsblrxMbVvuO02NagsocEWgVrVH0c+aGWVXIXWZ/v/Y
hCIVplqnyK80RSW2WT6jnr4jtCxkTX0nBv0CageUDlUA0ryuUgFbgKWXYBjj7NOL
DdgzrXWpLSoH4C1LxDZDPNnJefH/6c7UFwnPr0t2x8bOSlIji/U6zfsO09Dq+Db0
SWkEMVfln26vZ1Efl5aKvL62567V9msFDwAXXlw8wrhyx/LhGO48jvk30cVgl454
s/QlQ8ejxV8+16k3Pmqw9nnkC9+Nd+QOquv4nJ+3jkVDZUiRwOkuSFGeoEEqQ38F
Jcs=
-----END CERTIFICATE-----
Generated at Thu May 1 17:08:52 2025 by rpki-client