Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZTHQYAJqU-Yb3JDNHrPnLTRW3v0.roa
File: ZTHQYAJqU-Yb3JDNHrPnLTRW3v0.roa (raw, json)
Hash identifier: D1JRqybZy4iERuVz7HQhA2MtMBUoDCaLVfEhJ5mYhVg=
Subject key identifier: 65:31:D0:60:02:6A:53:E6:1B:DC:90:CD:1E:B3:E7:2D:34:56:DE:FD
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8E2CCFAD96894E392D41205316EC83AD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZTHQYAJqU-Yb3JDNHrPnLTRW3v0.roa
Signing time: Sat 30 Mar 2024 07:04:45 +0000
ROA not before: Sat 30 Mar 2024 07:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:8e2c:5f25/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8e:2c:cf:ad:96:89:4e:39:2d:41:20:53:16:ec:83:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 30 07:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6531d060026a53e61bdc90cd1eb3e72d3456defd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:72:4f:b8:1d:9b:77:4c:db:28:e9:7f:f8:98:
a4:9f:2f:28:be:0d:99:88:f1:7e:86:02:6b:e9:ff:
50:6f:69:f0:1a:2f:c8:41:61:2e:0e:4f:6a:3c:2b:
db:5f:1c:44:71:ce:a8:f0:b6:9f:1e:66:50:7a:1f:
9f:1f:f7:28:66:39:cf:95:f4:c7:65:20:ac:a1:38:
b4:f8:c6:b0:58:58:f3:e4:0c:77:52:53:9b:3c:f5:
80:57:54:66:84:8c:c9:c4:bc:f9:94:2a:cc:e4:b5:
c3:d0:7b:78:47:6f:84:ae:ff:41:9d:0f:8a:e5:96:
7d:45:9c:42:e2:d2:8c:22:ff:e7:ff:14:88:98:6c:
ae:8b:e7:24:56:9a:8c:70:aa:95:a3:8d:63:90:fe:
a3:9a:d2:ac:15:37:8b:a9:c5:7a:b8:39:48:af:2e:
b6:5d:b5:64:9c:71:e8:e6:2b:c9:c0:01:69:b7:2a:
04:3a:d0:79:ea:53:22:3a:e8:81:65:c9:65:b3:13:
9c:eb:9d:01:d1:43:7c:57:65:9c:b0:f2:1c:a0:a9:
76:34:28:94:7e:0f:1d:6f:ad:f5:90:7a:f4:bd:7e:
84:26:a9:24:21:ba:61:dd:1a:27:3b:6c:7f:cc:78:
72:c6:7d:9d:80:ba:9a:ad:6a:1c:2c:24:0f:db:c7:
54:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:31:D0:60:02:6A:53:E6:1B:DC:90:CD:1E:B3:E7:2D:34:56:DE:FD
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZTHQYAJqU-Yb3JDNHrPnLTRW3v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:53:3e:6f:8d:20:b0:9a:19:fa:00:b3:e7:02:dc:14:a8:ec:
16:35:07:6a:0e:37:d9:68:f8:0e:b9:ee:d8:d6:f6:8e:10:c3:
79:86:97:c9:8a:ae:9d:7d:ad:26:59:a7:9b:48:1f:14:f2:a8:
80:b4:08:82:44:ff:77:2b:07:d0:5a:46:91:63:d3:7a:93:5d:
69:fc:d8:70:15:30:3e:88:4b:70:c0:13:a4:fa:1d:0b:62:73:
2d:48:db:ea:a6:ca:e4:9e:3d:07:03:60:15:9a:8b:35:45:58:
57:59:f0:5e:6f:c1:fd:1d:0e:06:14:65:b5:ce:7f:29:fa:c3:
a7:26:ce:06:06:3f:25:87:30:06:8b:17:98:c8:98:13:e7:04:
c2:d3:c2:d1:40:76:20:af:87:81:9b:af:07:d1:92:f2:a6:ee:
9c:ce:0a:31:9f:3d:c7:4a:5a:7b:5d:3c:ee:da:a9:11:83:3f:
5d:c3:66:71:a9:ee:6e:ff:e1:ad:9a:0b:a6:56:34:50:48:8a:
8c:d7:86:60:9c:1b:43:bd:42:7a:95:6f:48:fe:fd:3e:03:21:
27:54:0f:96:9c:92:80:b6:c2:b2:81:ef:a1:01:a3:b0:28:9d:
d9:92:aa:ac:39:bb:0d:f4:67:f7:79:98:3a:af:c7:ff:0f:26:
4b:41:be:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6OLM+tlolOOS1BIFMW7IOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMwMDcwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTMxZDA2MDAyNmE1M2U2MWJkYzkwY2QxZWIzZTcyZDM0NTZkZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnJPuB2bd0zbKOl/+Jikny8ovg2Z
iPF+hgJr6f9Qb2nwGi/IQWEuDk9qPCvbXxxEcc6o8LafHmZQeh+fH/coZjnPlfTH
ZSCsoTi0+MawWFjz5Ax3UlObPPWAV1RmhIzJxLz5lCrM5LXD0Ht4R2+Erv9BnQ+K
5ZZ9RZxC4tKMIv/n/xSImGyui+ckVpqMcKqVo41jkP6jmtKsFTeLqcV6uDlIry62
XbVknHHo5ivJwAFptyoEOtB56lMiOuiBZcllsxOc650B0UN8V2WcsPIcoKl2NCiU
fg8db631kHr0vX6EJqkkIbph3RonO2x/zHhyxn2dgLqarWocLCQP28dU4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGUx0GACalPmG9yQzR6z5y00Vt79MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWlRIUVlBSnFVLVliM0pETkhyUG5MVFJXM3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHNTPm+NILCaGfoAs+cC
3BSo7BY1B2oON9lo+A657tjW9o4Qw3mGl8mKrp19rSZZp5tIHxTyqIC0CIJE/3cr
B9BaRpFj03qTXWn82HAVMD6IS3DAE6T6HQticy1I2+qmyuSePQcDYBWaizVFWFdZ
8F5vwf0dDgYUZbXOfyn6w6cmzgYGPyWHMAaLF5jImBPnBMLTwtFAdiCvh4GbrwfR
kvKm7pzOCjGfPcdKWntdPO7aqRGDP13DZnGp7m7/4a2aC6ZWNFBIiozXhmCcG0O9
QnqVb0j+/T4DISdUD5ackoC2wrKB76EBo7AondmSqqw5uw30Z/d5mDqvx/8PJktB
vo8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:53:45 2025 by rpki-client