Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZH2FlVIo99nxMJu8iLVYw5uJGLY.roa
File: ZH2FlVIo99nxMJu8iLVYw5uJGLY.roa (raw, json)
Hash identifier: ab9T83dy06XzUT6Cc5WM2AM/FkXoy4Tk5QfZwgliIVk=
Subject key identifier: 64:7D:85:95:52:28:F7:D9:F1:30:9B:BC:88:B5:58:C3:9B:89:18:B6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185255AA38ABCFE5EE986BACEE8097CCED7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZH2FlVIo99nxMJu8iLVYw5uJGLY.roa
Signing time: Sun 18 Dec 2022 13:09:34 +0000
ROA not before: Sun 18 Dec 2022 13:09:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:25:5a:a3:8a:bc:fe:5e:e9:86:ba:ce:e8:09:7c:ce:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 18 13:09:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=647d85955228f7d9f1309bbc88b558c39b8918b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:05:e4:96:87:cc:8c:30:73:1c:a1:c6:36:e5:
7d:c3:d1:ff:21:d9:56:bb:b2:49:63:c5:07:9a:ea:
81:c3:01:ab:d1:68:3d:39:a9:32:78:67:63:bf:cd:
f0:a7:dd:cc:6e:e2:3a:51:cf:db:fa:b3:c4:84:04:
3e:1e:00:c2:99:14:c3:0d:3a:be:21:f9:1a:ac:22:
bc:e5:b6:00:c1:e7:51:2f:87:02:94:3f:d3:d6:c2:
60:52:79:7e:a2:2b:60:c6:11:12:3f:f6:73:10:9d:
c5:3f:62:46:00:29:d7:a0:9b:39:65:c7:32:42:95:
f3:47:75:45:96:81:04:58:02:6b:72:ef:b1:96:fd:
b5:e4:23:e6:4f:e5:af:42:41:43:42:56:07:29:9f:
8c:41:bf:4d:2e:3c:8b:32:a0:52:5d:45:4f:c9:12:
8d:65:29:5b:53:b9:dc:7b:5d:e2:12:ea:1b:a4:f7:
f2:20:9a:b0:eb:9a:04:b6:64:22:e6:20:c9:80:68:
7e:07:86:84:a6:f2:98:9f:29:f5:4c:4b:6a:4e:c2:
64:7c:ed:c6:07:d9:d0:00:35:0d:4b:ee:b5:e9:be:
0b:8a:53:fb:74:f3:fe:ec:f8:5c:27:33:20:32:a2:
b4:11:b5:81:8d:41:b7:01:96:74:34:6a:f0:cb:ed:
e7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:7D:85:95:52:28:F7:D9:F1:30:9B:BC:88:B5:58:C3:9B:89:18:B6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZH2FlVIo99nxMJu8iLVYw5uJGLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:53:78:16:c6:34:e3:e6:b2:b6:a6:4f:33:86:c8:19:0e:55:
65:7f:d7:96:57:bf:2b:e3:bd:19:c7:83:b7:6e:55:9a:34:67:
37:37:3a:84:26:d5:c8:c7:76:10:52:fc:69:54:25:c8:8b:dc:
2c:b8:88:77:12:00:0c:16:d7:fd:81:64:bf:22:3a:b5:b4:94:
4c:c8:85:fd:f5:fd:53:f7:aa:50:73:40:bc:27:53:21:56:8a:
5e:fa:fa:7d:dc:85:3e:f6:e5:f5:b8:6f:cf:2a:0e:d5:cf:d2:
04:a8:bc:78:52:ab:fb:ab:07:71:df:fa:3b:96:97:f2:7c:c4:
aa:3c:04:db:ac:95:19:72:7e:e0:61:8a:4e:d5:5a:7d:52:bf:
c2:98:39:40:e1:bc:96:40:49:30:c6:7d:6f:f7:87:a3:d9:fe:
f9:41:1c:1b:f7:d4:8e:81:5f:68:d5:9f:35:04:95:1d:0d:49:
ea:83:f1:a6:fe:dc:b1:13:ae:69:22:df:bb:44:80:62:84:60:
ac:f9:dc:41:2f:7d:81:b6:86:22:f2:4c:63:9d:9b:9a:f0:ab:
7c:48:f1:b0:f6:4b:3d:22:e0:bc:dd:96:54:d5:2c:47:e0:e7:
de:bc:fb:31:78:63:1c:5b:ff:a3:b9:4b:9d:2c:52:13:b1:e2:
8e:1c:2d:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUlWqOKvP5e6Ya6zugJfM7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE4MTMwOTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDdkODU5NTUyMjhmN2Q5ZjEzMDliYmM4OGI1NThjMzliODkxOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygXklofMjDBzHKHGNuV9w9H/IdlW
u7JJY8UHmuqBwwGr0Wg9OakyeGdjv83wp93MbuI6Uc/b+rPEhAQ+HgDCmRTDDTq+
IfkarCK85bYAwedRL4cClD/T1sJgUnl+oitgxhESP/ZzEJ3FP2JGACnXoJs5Zccy
QpXzR3VFloEEWAJrcu+xlv215CPmT+WvQkFDQlYHKZ+MQb9NLjyLMqBSXUVPyRKN
ZSlbU7nce13iEuobpPfyIJqw65oEtmQi5iDJgGh+B4aEpvKYnyn1TEtqTsJkfO3G
B9nQADUNS+616b4LilP7dPP+7PhcJzMgMqK0EbWBjUG3AZZ0NGrwy+3nCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGR9hZVSKPfZ8TCbvIi1WMObiRi2MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWkgyRmxWSW85OW54TUp1OGlMVll3NXVKR0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGFTeBbGNOPmsramTzOG
yBkOVWV/15ZXvyvjvRnHg7duVZo0Zzc3OoQm1cjHdhBS/GlUJciL3Cy4iHcSAAwW
1/2BZL8iOrW0lEzIhf31/VP3qlBzQLwnUyFWil76+n3chT725fW4b88qDtXP0gSo
vHhSq/urB3Hf+juWl/J8xKo8BNuslRlyfuBhik7VWn1Sv8KYOUDhvJZASTDGfW/3
h6PZ/vlBHBv31I6BX2jVnzUElR0NSeqD8ab+3LETrmki37tEgGKEYKz53EEvfYG2
hiLyTGOdm5rwq3xI8bD2Sz0i4LzdllTVLEfg5968+zF4Yxxb/6O5S50sUhOx4o4c
LYQ=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:30:48 2025 by rpki-client