Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kz6JNJfxOdjjOAkEAop3IRCa6JM.roa
File: kz6JNJfxOdjjOAkEAop3IRCa6JM.roa (raw, json)
Hash identifier: XwVP3TywQR9n7SfHe2NDGp9/M0JBSrQtqs+ABrn7MzM=
Subject key identifier: 93:3E:89:34:97:F1:39:D8:E3:38:09:04:02:8A:77:21:10:9A:E8:93
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D3DF96770F3051388DC1654AD01DE2AE0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kz6JNJfxOdjjOAkEAop3IRCa6JM.roa
Signing time: Thu 25 Jan 2024 00:16:11 +0000
ROA not before: Thu 25 Jan 2024 00:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3d:f9:67:70:f3:05:13:88:dc:16:54:ad:01:de:2a:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 25 00:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=933e893497f139d8e3380904028a7721109ae893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:76:84:07:55:da:69:db:9c:78:2a:77:74:c0:
49:ad:15:f7:b3:f6:90:70:6e:c7:d9:5d:59:bb:4c:
84:34:b7:30:00:83:49:8d:ae:2b:e3:22:db:e3:5b:
4e:e5:bc:6d:7b:58:27:fe:66:75:3e:7c:c1:39:b1:
de:d0:c0:e6:01:b8:37:58:c8:0e:1f:b4:cb:a1:16:
9e:f8:27:94:c3:73:bb:88:f5:97:26:bd:8e:44:cc:
d6:ea:8e:33:9d:02:e6:52:fd:e3:8f:3b:23:20:24:
34:57:c9:9f:b9:e5:9a:fc:a2:17:c2:fc:67:7e:28:
65:0b:dd:78:6a:f8:fb:2f:fd:54:24:72:a6:d9:e3:
93:44:4e:fd:f0:62:11:da:45:b7:d9:ea:84:a9:c5:
02:13:4f:dc:c4:0a:1c:de:a0:9b:58:10:31:a7:36:
cb:6d:6d:25:e2:be:b2:bc:d7:89:39:ac:11:cb:b2:
cc:3c:46:7a:31:da:2c:93:a2:94:75:1e:5c:46:81:
d2:45:8b:5a:8e:f9:bf:1d:e4:77:3b:ab:38:9e:2e:
fb:79:0f:6b:69:8f:b6:88:cf:a3:85:8b:e7:19:03:
e5:91:71:dc:27:53:ff:19:e3:0f:f3:f3:e1:19:26:
a9:5a:bd:ce:60:f1:7c:b9:d0:d3:d4:ec:0f:21:ed:
6f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:3E:89:34:97:F1:39:D8:E3:38:09:04:02:8A:77:21:10:9A:E8:93
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kz6JNJfxOdjjOAkEAop3IRCa6JM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:c0:94:e5:5b:27:d1:1b:28:f8:f7:83:e3:41:ad:f3:6c:37:
19:de:88:2e:51:a5:36:e8:ae:80:ad:e4:fd:f0:a0:31:eb:98:
45:42:d8:b1:f3:cc:88:df:68:c1:4e:ed:26:fb:46:29:db:29:
e1:16:1d:4b:40:0b:1e:6a:68:2e:fa:6b:f0:85:2c:41:d3:4e:
33:18:7e:89:03:60:87:58:6d:81:b7:26:64:0e:8f:ab:c0:7c:
53:d6:64:cd:4d:1b:98:75:ea:b2:29:e7:18:c8:b6:ed:fe:77:
45:3e:77:92:ae:5c:cc:6f:5b:91:c6:60:52:6e:fe:b2:7d:51:
8f:bb:ad:64:5e:ea:01:2e:e3:79:51:b2:77:6f:68:aa:df:a8:
7c:1b:f9:17:22:01:2f:97:a2:64:7f:23:ed:c5:45:28:44:82:
82:5d:67:59:b0:83:77:3b:2a:fd:bf:35:93:ee:ca:1e:e6:f4:
26:95:cc:5f:43:0e:86:08:d4:0e:66:e6:1f:39:f4:07:e0:42:
3b:b8:8c:c1:4a:9a:6d:6d:aa:b3:40:db:2e:c4:8b:90:6d:62:
50:3e:ce:2d:99:45:95:ec:bc:81:b1:d4:a2:a8:b3:9c:61:b3:
89:57:d4:4f:4f:67:e4:51:1c:80:54:e0:1d:de:59:30:70:c7:
36:31:79:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY09+Wdw8wUTiNwWVK0B3irgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI1MDAxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzNlODkzNDk3ZjEzOWQ4ZTMzODA5MDQwMjhhNzcyMTEwOWFlODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXaEB1XaaduceCp3dMBJrRX3s/aQ
cG7H2V1Zu0yENLcwAINJja4r4yLb41tO5bxte1gn/mZ1PnzBObHe0MDmAbg3WMgO
H7TLoRae+CeUw3O7iPWXJr2ORMzW6o4znQLmUv3jjzsjICQ0V8mfueWa/KIXwvxn
fihlC914avj7L/1UJHKm2eOTRE798GIR2kW32eqEqcUCE0/cxAoc3qCbWBAxpzbL
bW0l4r6yvNeJOawRy7LMPEZ6Mdosk6KUdR5cRoHSRYtajvm/HeR3O6s4ni77eQ9r
aY+2iM+jhYvnGQPlkXHcJ1P/GeMP8/PhGSapWr3OYPF8udDT1OwPIe1vtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJM+iTSX8TnY4zgJBAKKdyEQmuiTMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva3o2Sk5KZnhPZGpqT0FrRUFvcDNJUkNhNkpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB7AlOVbJ9EbKPj3g+NB
rfNsNxneiC5RpTboroCt5P3woDHrmEVC2LHzzIjfaMFO7Sb7RinbKeEWHUtACx5q
aC76a/CFLEHTTjMYfokDYIdYbYG3JmQOj6vAfFPWZM1NG5h16rIp5xjItu3+d0U+
d5KuXMxvW5HGYFJu/rJ9UY+7rWRe6gEu43lRsndvaKrfqHwb+RciAS+XomR/I+3F
RShEgoJdZ1mwg3c7Kv2/NZPuyh7m9CaVzF9DDoYI1A5m5h859AfgQju4jMFKmm1t
qrNA2y7Ei5BtYlA+zi2ZRZXsvIGx1KKos5xhs4lX1E9PZ+RRHIBU4B3eWTBwxzYx
eUI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:03:21 2025 by rpki-client