Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2ZBp1vtXmQk1cdMjmtqiUm1jXjo.roa
File: 2ZBp1vtXmQk1cdMjmtqiUm1jXjo.roa (raw, json)
Hash identifier: li9wVlR98MhwCrvDnpgN/FwcLwxs8plw4sceYIrM3c0=
Subject key identifier: D9:90:69:D6:FB:57:99:09:35:71:D3:23:9A:DA:A2:52:6D:63:5E:3A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C330B3269EB029B269012BDDECBDF1718
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2ZBp1vtXmQk1cdMjmtqiUm1jXjo.roa
Signing time: Mon 04 Dec 2023 04:17:00 +0000
ROA not before: Mon 04 Dec 2023 04:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:33:0b:32:69:eb:02:9b:26:90:12:bd:de:cb:df:17:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 4 04:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d99069d6fb5799093571d3239adaa2526d635e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:14:68:1d:71:b7:28:c2:1d:a3:e6:8a:1c:bf:
83:21:8f:b5:c0:96:f5:cd:2d:fb:f9:aa:82:e9:a6:
fb:ab:08:ed:9f:ed:82:8f:1b:9a:9d:90:64:39:c0:
5e:16:19:35:79:66:94:73:e2:82:ca:d8:7d:14:15:
06:5b:92:1b:16:4b:f1:0e:bf:46:4f:b5:69:80:a3:
8f:fa:3e:cd:19:8b:10:76:88:7d:1f:5d:64:52:c1:
4d:4f:be:36:ec:93:1b:75:1d:b0:e6:21:dc:96:17:
84:f4:05:cd:93:27:2c:69:a5:1c:f8:28:92:ae:80:
9d:fc:52:a7:f9:65:2b:ba:1f:16:f5:77:c2:7b:57:
e4:63:54:3d:f5:b7:07:7d:f1:fd:7f:35:6a:08:f8:
00:bb:a1:04:2d:c9:20:ba:58:99:8c:f6:1c:9e:66:
59:44:fc:a6:f0:cd:0d:f3:06:b6:63:87:d1:c0:33:
80:40:19:10:41:bc:35:4a:a6:3a:cd:12:16:3e:46:
c8:ca:37:ac:b5:84:8d:25:f0:32:e8:f5:6c:61:c2:
47:a0:bb:f9:68:66:6e:e6:25:9e:be:ea:44:4c:a9:
68:75:a5:76:5c:90:ce:2c:99:e5:0e:2b:db:db:f3:
5b:fd:09:8f:88:02:5d:53:ff:5b:2b:68:f1:ba:46:
00:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:90:69:D6:FB:57:99:09:35:71:D3:23:9A:DA:A2:52:6D:63:5E:3A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2ZBp1vtXmQk1cdMjmtqiUm1jXjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:ec:05:2c:25:e0:92:fb:38:8b:30:85:54:5f:4c:42:65:1e:
b1:6b:e4:c0:23:31:c3:ec:7a:41:7b:ae:f5:94:74:96:7a:3a:
19:85:cf:b3:42:76:d0:19:37:15:29:1e:99:0e:36:59:41:16:
5a:be:11:97:d1:6d:ac:7a:64:0d:2d:37:20:ee:7f:7c:ec:2a:
e3:bd:ba:a7:7a:14:f7:b6:fe:33:a0:73:40:fe:a5:43:8c:71:
e8:de:e6:91:f8:5e:eb:6b:89:de:74:3d:21:ba:83:01:b3:a7:
54:6a:37:48:36:8c:a5:2a:9f:7b:2e:8f:b5:0a:c8:6f:7a:18:
d6:fd:1e:82:f1:5f:06:f0:17:2a:de:3c:53:32:88:77:50:ba:
99:a3:c5:ad:78:76:f6:37:25:57:51:c5:67:e7:ad:90:b1:de:
b1:28:91:43:ac:62:5b:7c:90:2e:54:d3:37:42:50:50:3e:8b:
07:50:c0:9c:5c:1e:8a:98:52:ee:4c:95:3a:2a:dd:e4:ea:a6:
90:aa:e0:49:f7:d7:a2:fe:15:c7:b3:a8:bc:ba:5a:d8:9b:6d:
78:c7:54:53:a2:0e:b7:83:46:d6:bf:07:a3:f7:6d:a4:3c:33:
19:d4:99:17:91:43:86:a7:f6:7b:77:07:ef:5a:5b:b6:fb:89:
b6:0d:a7:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwzCzJp6wKbJpASvd7L3xcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA0MDQxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTkwNjlkNmZiNTc5OTA5MzU3MWQzMjM5YWRhYTI1MjZkNjM1ZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshRoHXG3KMIdo+aKHL+DIY+1wJb1
zS37+aqC6ab7qwjtn+2CjxuanZBkOcBeFhk1eWaUc+KCyth9FBUGW5IbFkvxDr9G
T7VpgKOP+j7NGYsQdoh9H11kUsFNT7427JMbdR2w5iHclheE9AXNkycsaaUc+CiS
roCd/FKn+WUruh8W9XfCe1fkY1Q99bcHffH9fzVqCPgAu6EELckguliZjPYcnmZZ
RPym8M0N8wa2Y4fRwDOAQBkQQbw1SqY6zRIWPkbIyjestYSNJfAy6PVsYcJHoLv5
aGZu5iWevupETKlodaV2XJDOLJnlDivb2/Nb/QmPiAJdU/9bK2jxukYAHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNmQadb7V5kJNXHTI5raolJtY146MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMlpCcDF2dFhtUWsxY2RNam10cWlVbTFqWGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKPsBSwl4JL7OIswhVRf
TEJlHrFr5MAjMcPsekF7rvWUdJZ6OhmFz7NCdtAZNxUpHpkONllBFlq+EZfRbax6
ZA0tNyDuf3zsKuO9uqd6FPe2/jOgc0D+pUOMceje5pH4Xutrid50PSG6gwGzp1Rq
N0g2jKUqn3suj7UKyG96GNb9HoLxXwbwFyrePFMyiHdQupmjxa14dvY3JVdRxWfn
rZCx3rEokUOsYlt8kC5U0zdCUFA+iwdQwJxcHoqYUu5MlToq3eTqppCq4En316L+
FcezqLy6WtibbXjHVFOiDreDRta/B6P3baQ8MxnUmReRQ4an9nt3B+9aW7b7ibYN
p/U=
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:04:02 2025 by rpki-client