Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ZpHfWVjuEOKskBrtwaYIwjI0Guo.roa
File: ZpHfWVjuEOKskBrtwaYIwjI0Guo.roa (raw, json)
Hash identifier: Wbu0UAoyfqfRNfVd83E/JzBGqxjkg6na3mvNKvAeptw=
Subject key identifier: 66:91:DF:59:58:EE:10:E2:AC:90:1A:ED:C1:A6:08:C2:32:34:1A:EA
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019600E1F2AF4E1EE3D642B0DA3226EDB6BC
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ZpHfWVjuEOKskBrtwaYIwjI0Guo.roa
Signing time: Fri 04 Apr 2025 12:58:49 +0000
ROA not before: Fri 04 Apr 2025 12:58:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:e1:f2:af:4e:1e:e3:d6:42:b0:da:32:26:ed:b6:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 4 12:58:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6691df5958ee10e2ac901aedc1a608c232341aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5a:67:b9:1f:3d:42:f6:b9:2c:bd:fc:a1:66:
d0:b8:6b:5c:c0:04:ec:37:72:98:8b:38:8f:fb:b1:
35:d0:2c:53:02:de:af:d6:71:e4:cb:41:1f:29:b7:
be:c7:b3:51:86:62:bc:92:d9:26:e4:25:cd:f8:82:
fb:b9:a1:5a:7d:9d:57:d3:89:27:7a:ad:85:34:d3:
07:6c:f5:b0:4e:2e:8a:33:a3:28:b9:fc:61:69:d5:
5e:9f:fc:8d:72:f2:d7:bf:fb:87:de:e0:6d:3d:78:
8c:7d:ed:40:f7:2f:dc:f6:37:22:66:dd:8a:11:d5:
41:8c:de:0f:67:03:f9:cd:7f:46:1a:0f:5c:94:81:
4a:ec:cc:27:9b:70:02:cc:44:63:18:14:6d:a0:06:
91:0d:9e:9e:6d:06:9c:af:d7:43:a6:2b:8d:74:58:
84:2b:c2:9f:52:7f:a4:d0:f6:6c:73:f7:73:c1:b8:
b8:57:e5:47:71:4f:18:9f:dd:76:1f:a2:d9:2e:f8:
b5:1d:91:24:16:b1:f1:4b:ae:19:b5:48:02:08:11:
53:55:a1:e4:e5:49:c7:ac:01:c9:c0:e2:7f:c8:3a:
5c:06:9d:46:7d:78:86:cf:0d:e5:e5:d0:12:22:21:
00:6a:c8:5f:d7:f3:c3:a1:23:a8:3e:1f:ff:8a:3c:
52:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:91:DF:59:58:EE:10:E2:AC:90:1A:ED:C1:A6:08:C2:32:34:1A:EA
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ZpHfWVjuEOKskBrtwaYIwjI0Guo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:af:0c:74:9b:f3:e8:9f:8d:eb:1a:d1:c6:8d:76:a7:a3:72:
28:67:d8:83:ad:ed:91:56:00:2a:be:37:0e:d1:5b:5b:0d:d3:
42:21:d0:1e:a5:19:76:71:63:7c:ef:3a:6c:8e:cb:cf:a7:6b:
18:60:00:4d:7d:ce:c9:b9:d3:47:a4:6a:e3:2f:49:db:6d:84:
76:50:20:6a:f0:b5:36:54:d1:eb:65:a4:d0:aa:6d:ee:2f:0c:
6a:65:27:3e:ed:65:e2:76:19:49:c2:20:26:43:ba:f1:69:e9:
96:16:80:c2:bd:8c:27:4f:0a:cd:8c:c9:f1:46:d4:e8:9d:eb:
cd:f0:3e:99:24:27:10:a6:23:3e:d0:74:5e:ce:5f:53:9d:7c:
ec:9f:33:31:e4:d7:ed:e2:b8:bc:4c:2b:64:e4:b3:b7:bc:16:
3f:6f:71:18:82:ad:00:92:0a:8a:e1:fc:2e:c0:26:bb:e9:50:
da:0c:80:e0:43:ca:44:e3:22:8c:4e:16:be:da:cb:c9:0b:2a:
e9:39:2a:a6:68:55:4a:cf:3c:b4:c0:84:6e:7a:d2:1f:04:73:
24:fb:c2:d3:a3:9a:96:04:ad:78:0d:11:8f:73:e7:c3:ac:28:
cf:88:03:8c:16:4f:2d:45:54:6a:f3:c6:e4:b7:91:1f:bf:8e:
72:15:46:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZYA4fKvTh7j1kKw2jIm7ba8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDA0MTI1ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjkxZGY1OTU4ZWUxMGUyYWM5MDFhZWRjMWE2MDhjMjMyMzQxYWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVpnuR89Qva5LL38oWbQuGtcwATs
N3KYiziP+7E10CxTAt6v1nHky0EfKbe+x7NRhmK8ktkm5CXN+IL7uaFafZ1X04kn
eq2FNNMHbPWwTi6KM6MoufxhadVen/yNcvLXv/uH3uBtPXiMfe1A9y/c9jciZt2K
EdVBjN4PZwP5zX9GGg9clIFK7Mwnm3ACzERjGBRtoAaRDZ6ebQacr9dDpiuNdFiE
K8KfUn+k0PZsc/dzwbi4V+VHcU8Yn912H6LZLvi1HZEkFrHxS64ZtUgCCBFTVaHk
5UnHrAHJwOJ/yDpcBp1GfXiGzw3l5dASIiEAashf1/PDoSOoPh//ijxSPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGaR31lY7hDirJAa7cGmCMIyNBrqMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWnBIZldWanVFT0tza0JydHdhWUl3akkwR3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFuvDHSb8+ifjesa0caN
dqejcihn2IOt7ZFWACq+Nw7RW1sN00Ih0B6lGXZxY3zvOmyOy8+naxhgAE19zsm5
00ekauMvSdtthHZQIGrwtTZU0etlpNCqbe4vDGplJz7tZeJ2GUnCICZDuvFp6ZYW
gMK9jCdPCs2MyfFG1Oid683wPpkkJxCmIz7QdF7OX1OdfOyfMzHk1+3iuLxMK2Tk
s7e8Fj9vcRiCrQCSCorh/C7AJrvpUNoMgOBDykTjIoxOFr7ay8kLKuk5KqZoVUrP
PLTAhG560h8EcyT7wtOjmpYErXgNEY9z58OsKM+IA4wWTy1FVGrzxuS3kR+/jnIV
Rvg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:30 2025 by rpki-client on console.sobornost.net