Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Z8qxs_pJF_lLb8xsFIZmR9aWrTM.roa
File: Z8qxs_pJF_lLb8xsFIZmR9aWrTM.roa (raw, json)
Hash identifier: rRoWfYLPXXLnLnkg29GPn4t3CkTsfrHy5vlBpB6SPZ4=
Subject key identifier: 67:CA:B1:B3:FA:49:17:F9:4B:6F:CC:6C:14:86:66:47:D6:96:AD:33
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CAA173BD8062C6E466AA4AB0FDEDC37DD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Z8qxs_pJF_lLb8xsFIZmR9aWrTM.roa
Signing time: Wed 27 Dec 2023 07:04:58 +0000
ROA not before: Wed 27 Dec 2023 07:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:aa16:9e12/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:aa:17:3b:d8:06:2c:6e:46:6a:a4:ab:0f:de:dc:37:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 27 07:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67cab1b3fa4917f94b6fcc6c14866647d696ad33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ab:cc:58:e2:83:7e:05:c5:5b:87:a8:5a:7e:
9f:98:67:b8:11:97:f5:6e:dc:38:43:21:a5:32:4f:
c1:58:41:16:20:74:10:55:1f:22:4d:fa:31:d7:f0:
f1:5c:c2:66:51:28:54:07:d2:3c:3a:b0:03:5f:27:
c9:d1:10:dd:4e:1a:ca:98:e1:42:4a:04:23:cc:55:
28:18:34:9b:e1:6f:13:8c:8a:3c:fc:71:84:5c:57:
ae:ca:52:0d:a2:fd:31:b0:3f:17:c2:9e:4e:3f:56:
16:5c:83:04:d8:28:75:79:f1:8d:d6:32:f9:76:d2:
00:1e:55:6c:f0:21:61:6d:e1:32:32:ad:ab:d3:0b:
6e:2b:17:57:f3:83:be:7f:b9:d9:f0:74:43:7d:af:
79:5f:7a:28:4d:43:e5:43:c8:6f:67:cd:d7:7f:98:
a1:50:81:29:a9:d7:e4:bb:0a:ef:89:a2:d3:8f:99:
9e:4d:c0:b3:75:28:74:03:44:22:9a:15:8c:6d:af:
f5:0e:3e:15:37:57:87:cb:41:8a:47:ea:d5:11:ad:
c7:a3:d4:8c:89:cb:14:f1:2d:d6:5e:b6:b6:24:1b:
33:cf:6d:99:11:56:a9:2e:fd:9f:48:b5:ee:b4:8c:
e7:50:3c:20:f3:1a:72:06:04:ee:62:60:ad:01:7e:
b9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:CA:B1:B3:FA:49:17:F9:4B:6F:CC:6C:14:86:66:47:D6:96:AD:33
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Z8qxs_pJF_lLb8xsFIZmR9aWrTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:b4:cf:54:c5:21:ef:88:f0:f6:c4:99:db:f0:17:f1:46:71:
61:fd:ab:50:46:23:ab:4a:03:79:e5:bb:19:b9:4f:64:b3:ca:
6a:c1:ed:d5:f6:50:89:82:48:c2:c8:22:23:ef:c9:02:2f:fd:
22:66:f4:dd:65:f5:52:3a:90:39:67:cd:4b:2a:b8:97:4f:af:
67:40:fe:73:28:96:21:0c:9e:75:cc:3a:ee:ab:48:29:f2:4d:
2b:83:f9:bd:7f:27:0d:76:72:ba:a2:dd:d4:36:6d:b0:19:7d:
74:8f:3e:cd:c9:b8:52:20:0a:b7:c7:d2:56:b0:d4:09:9a:d9:
59:01:9a:b0:52:1b:71:b7:d0:02:dd:d5:e4:64:b6:6c:5e:02:
02:7d:b7:fa:ca:c8:39:41:7a:cc:49:49:72:1a:fa:3f:6e:7d:
91:3e:16:97:ab:b2:c1:e0:5a:65:2c:65:f2:e0:06:b1:5a:c0:
b4:a7:c8:6a:a4:9e:46:bd:ed:31:c1:3c:34:1d:16:97:f7:f8:
a4:e0:9d:f1:02:75:b4:94:71:84:59:12:fe:9a:57:34:ab:0f:
34:d2:3e:fe:7b:c1:35:cb:24:d3:bb:da:00:c4:4b:db:e2:c6:
25:6b:cd:87:5d:ba:8e:90:48:ae:f8:d5:8e:76:e4:09:5f:6e:
b8:cf:83:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyqFzvYBixuRmqkqw/e3DfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI3MDcwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2NhYjFiM2ZhNDkxN2Y5NGI2ZmNjNmMxNDg2NjY0N2Q2OTZhZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6vMWOKDfgXFW4eoWn6fmGe4EZf1
btw4QyGlMk/BWEEWIHQQVR8iTfox1/DxXMJmUShUB9I8OrADXyfJ0RDdThrKmOFC
SgQjzFUoGDSb4W8TjIo8/HGEXFeuylINov0xsD8Xwp5OP1YWXIME2Ch1efGN1jL5
dtIAHlVs8CFhbeEyMq2r0wtuKxdX84O+f7nZ8HRDfa95X3ooTUPlQ8hvZ83Xf5ih
UIEpqdfkuwrviaLTj5meTcCzdSh0A0QimhWMba/1Dj4VN1eHy0GKR+rVEa3Ho9SM
icsU8S3WXra2JBszz22ZEVapLv2fSLXutIznUDwg8xpyBgTuYmCtAX65hwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGfKsbP6SRf5S2/MbBSGZkfWlq0zMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWjhxeHNfcEpGX2xMYjh4c0ZJWm1SOWFXclRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHe0z1TFIe+I8PbEmdvw
F/FGcWH9q1BGI6tKA3nluxm5T2SzymrB7dX2UImCSMLIIiPvyQIv/SJm9N1l9VI6
kDlnzUsquJdPr2dA/nMoliEMnnXMOu6rSCnyTSuD+b1/Jw12crqi3dQ2bbAZfXSP
Ps3JuFIgCrfH0law1Ama2VkBmrBSG3G30ALd1eRktmxeAgJ9t/rKyDlBesxJSXIa
+j9ufZE+FperssHgWmUsZfLgBrFawLSnyGqknka97THBPDQdFpf3+KTgnfECdbSU
cYRZEv6aVzSrDzTSPv57wTXLJNO72gDES9vixiVrzYdduo6QSK741Y525AlfbrjP
g0A=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:42:55 2025 by rpki-client