Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/21E38ZJn3Y3wnYOg6rZryW7jINU.roa
File: 21E38ZJn3Y3wnYOg6rZryW7jINU.roa (raw, json)
Hash identifier: SAUPXrysKyx0/ciMHZtWkr2xOaCTGgvaZdUfJqupJuQ=
Subject key identifier: DB:51:37:F1:92:67:DD:8D:F0:9D:83:A0:EA:B6:6B:C9:6E:E3:20:D5
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 0194221F6D867964819C25FE7F75932D64B9
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/21E38ZJn3Y3wnYOg6rZryW7jINU.roa
Signing time: Wed 01 Jan 2025 13:47:52 +0000
ROA not before: Wed 01 Jan 2025 13:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19197
IP address blocks: 57.72.96.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:6d:86:79:64:81:9c:25:fe:7f:75:93:2d:64:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 1 13:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db5137f19267dd8df09d83a0eab66bc96ee320d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e6:cb:14:f1:52:c0:f3:11:b8:a3:73:94:c3:
66:68:2c:a1:c4:81:cd:3b:39:a9:62:6f:96:1b:d9:
64:87:00:5f:0c:47:b5:71:4b:3c:f9:55:16:43:a3:
66:89:86:3a:80:3b:67:ed:ae:aa:97:13:78:6c:82:
d4:69:1d:d3:b7:6c:fe:53:da:5e:24:46:04:18:95:
b0:6b:1f:0f:3b:b5:28:20:8c:93:ba:a4:d5:75:b8:
df:d1:6e:d4:bc:69:09:b5:6f:ec:9c:b8:a8:3e:c2:
3f:06:8b:de:2a:80:99:88:3c:df:78:0a:be:41:f3:
f8:b3:13:2a:d6:7f:3c:a7:0a:49:6c:64:be:28:fb:
71:24:93:fc:65:40:dd:47:4a:f2:8a:0d:90:7c:19:
19:21:8a:8f:2d:6a:7b:37:e4:68:2a:23:f5:7a:72:
47:2a:07:bd:d0:bc:c5:1a:9b:91:e5:da:d8:f7:f4:
07:19:70:0d:85:48:ed:40:23:9f:b0:c9:4f:86:9e:
aa:cd:c5:c1:1e:92:3d:64:91:49:54:71:83:a8:f3:
ea:26:43:15:f0:57:af:57:91:6e:d1:9e:39:58:40:
34:3c:25:e6:08:31:15:26:31:50:2f:a6:72:5c:19:
02:a8:e4:95:f7:d9:7e:cd:0a:26:b5:2f:08:5f:ff:
54:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:51:37:F1:92:67:DD:8D:F0:9D:83:A0:EA:B6:6B:C9:6E:E3:20:D5
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/21E38ZJn3Y3wnYOg6rZryW7jINU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.72.96.0/24
Signature Algorithm: sha256WithRSAEncryption
87:4a:67:5b:41:1d:03:cb:46:2f:dd:a3:67:1b:3f:c5:c0:5b:
3f:ce:bc:24:61:67:f1:2d:5c:35:cf:ab:27:b2:4e:33:b9:e6:
84:e0:a0:88:ea:ed:62:3c:d4:40:21:ed:ec:64:c4:31:ad:c8:
09:80:a9:8e:1f:55:63:30:49:05:f9:84:39:9e:ac:b5:76:e7:
c1:a1:bb:30:0c:49:ff:49:f9:08:39:58:cf:d6:1a:33:dc:d5:
9c:e7:89:07:8c:f3:86:bd:a2:d7:cb:b6:e5:be:38:cb:36:96:
08:d4:37:16:31:6a:fe:f7:95:2d:4a:71:0a:1f:58:1e:3d:de:
fa:2d:a5:ea:f5:1b:4e:10:5c:6d:8a:e1:f1:d5:34:e7:0e:94:
4a:80:d1:22:13:2a:83:b9:ae:3b:81:10:b9:69:f6:56:61:dc:
89:a9:9f:28:c1:2e:d5:19:9f:58:ec:da:49:b4:07:ba:26:bf:
08:60:82:64:0c:f1:79:6e:96:01:eb:ed:6d:c2:42:ff:11:08:
2c:d7:e3:c7:59:6a:76:f5:a3:49:da:21:06:95:e3:18:6a:29:
8f:ff:f3:01:5c:fd:2d:5f:dd:16:3c:3f:80:ea:c8:2d:68:5b:
d6:01:54:c8:9c:d7:96:c7:8c:2a:9f:e7:0e:d3:69:9d:a5:4b:
f1:10:5d:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH22GeWSBnCX+f3WTLWS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjUwMTAxMTM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjUxMzdmMTkyNjdkZDhkZjA5ZDgzYTBlYWI2NmJjOTZlZTMyMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnubLFPFSwPMRuKNzlMNmaCyhxIHN
OzmpYm+WG9lkhwBfDEe1cUs8+VUWQ6NmiYY6gDtn7a6qlxN4bILUaR3Tt2z+U9pe
JEYEGJWwax8PO7UoIIyTuqTVdbjf0W7UvGkJtW/snLioPsI/BoveKoCZiDzfeAq+
QfP4sxMq1n88pwpJbGS+KPtxJJP8ZUDdR0ryig2QfBkZIYqPLWp7N+RoKiP1enJH
Kge90LzFGpuR5drY9/QHGXANhUjtQCOfsMlPhp6qzcXBHpI9ZJFJVHGDqPPqJkMV
8FevV5Fu0Z45WEA0PCXmCDEVJjFQL6ZyXBkCqOSV99l+zQomtS8IX/9UBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtRN/GSZ92N8J2DoOq2a8lu4yDVMB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvMjFFMzhaSm4zWTN3bllPZzZyWnJ5VzdqSU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAOUhgMA0G
CSqGSIb3DQEBCwUAA4IBAQCHSmdbQR0Dy0Yv3aNnGz/FwFs/zrwkYWfxLVw1z6sn
sk4zueaE4KCI6u1iPNRAIe3sZMQxrcgJgKmOH1VjMEkF+YQ5nqy1dufBobswDEn/
SfkIOVjP1hoz3NWc54kHjPOGvaLXy7blvjjLNpYI1DcWMWr+95UtSnEKH1gePd76
LaXq9RtOEFxtiuHx1TTnDpRKgNEiEyqDua47gRC5afZWYdyJqZ8owS7VGZ9Y7NpJ
tAe6Jr8IYIJkDPF5bpYB6+1twkL/EQgs1+PHWWp29aNJ2iEGleMYaimP//MBXP0t
X90WPD+A6sgtaFvWAVTInNeWx4wqn+cO02mdpUvxEF0I
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:54 2025 by rpki-client on console.sobornost.net