Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DZPpZc1s6RzeuCAfvqCryEdMKWg.roa
File: DZPpZc1s6RzeuCAfvqCryEdMKWg.roa (raw, json)
Hash identifier: /+xE47KyECslfoUWig1wPFuXhNbnnO9Or/zoTvGzRFo=
Subject key identifier: 0D:93:E9:65:CD:6C:E9:1C:DE:B8:20:1F:BE:A0:AB:C8:47:4C:29:68
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B62076EDA6FCA35562B9671CD4F66B2CB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DZPpZc1s6RzeuCAfvqCryEdMKWg.roa
Signing time: Tue 24 Oct 2023 14:12:16 +0000
ROA not before: Tue 24 Oct 2023 14:12:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:07:6e:da:6f:ca:35:56:2b:96:71:cd:4f:66:b2:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 24 14:12:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d93e965cd6ce91cdeb8201fbea0abc8474c2968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a5:fc:95:0a:53:0f:08:44:97:fb:15:08:d5:
ac:5d:e2:0a:46:b8:6f:e7:5a:0b:87:65:0f:c4:67:
98:02:40:6b:74:9a:25:5d:c0:4f:4f:58:2f:5c:8d:
aa:4c:98:e9:24:b0:33:b7:7f:87:61:6b:49:e3:c9:
58:7f:b3:2b:ad:73:21:a0:11:6e:53:72:f3:be:14:
ca:30:5d:7d:73:9d:de:46:d4:e0:40:48:28:c9:77:
be:48:94:47:63:8d:1c:9f:e3:73:b2:35:ed:17:62:
84:de:4c:49:27:e5:a0:d5:d3:8a:4a:8a:b3:2f:1b:
20:bf:b0:d7:12:2c:5f:a6:85:af:e3:7c:1b:7e:55:
6a:0d:71:46:97:f0:c0:a9:23:ad:d5:f4:57:0b:66:
b3:e4:64:97:ee:2b:f8:6f:ee:c9:fd:c6:ac:b0:37:
ce:1d:fb:0a:c6:46:d6:5e:1b:3a:3c:12:d5:b3:20:
dc:9a:fa:ba:35:8c:a9:c4:34:45:dc:6b:06:e8:89:
1d:f8:01:cf:fa:dd:4c:be:b0:7d:ff:ca:ae:72:61:
85:d2:97:da:cf:82:aa:00:a7:1a:f7:de:e8:14:65:
42:64:c9:1d:3e:c2:68:63:5e:19:46:79:5f:aa:84:
cd:d2:d1:c0:17:a8:ad:2c:2a:1b:1c:6b:b6:ec:05:
30:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:93:E9:65:CD:6C:E9:1C:DE:B8:20:1F:BE:A0:AB:C8:47:4C:29:68
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DZPpZc1s6RzeuCAfvqCryEdMKWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1b:69:84:77:f5:83:6b:48:86:89:f4:1e:ef:1c:3c:44:c3:a1:
e1:4f:75:36:c1:b7:26:cc:eb:84:b1:99:a3:a7:0b:6c:b4:fd:
e5:6e:aa:95:b9:db:31:34:c6:26:9d:45:82:d4:4a:5e:71:d6:
cc:c2:2a:0c:1d:28:0f:e3:45:c1:f7:ae:8c:bd:23:1f:ef:a9:
5a:8e:9f:07:26:80:fe:c8:07:ac:4d:22:22:56:16:29:17:08:
e8:8e:44:94:11:df:34:64:66:48:a3:1f:f3:c2:a5:4c:dd:3a:
40:3d:95:8a:0c:b1:8e:22:c4:13:d4:5c:8c:31:ae:93:08:76:
75:0a:de:bb:57:8f:bc:9d:5d:7c:90:c1:cb:eb:61:50:b6:4b:
a9:21:a2:43:32:9d:b1:99:75:1e:ba:0a:12:4f:aa:99:33:1e:
3a:26:8c:08:a0:85:95:4b:7b:c2:a0:4c:88:ea:86:e5:ec:b4:
2c:7c:69:72:63:5a:0b:5d:0d:67:0a:e0:0b:83:11:24:f1:56:
99:2a:e8:46:76:a4:75:12:b0:8b:aa:4f:0b:94:46:1a:ae:ff:
7b:8f:ae:7a:86:06:62:a3:a5:f8:3b:e1:2d:1a:bb:38:92:46:
02:91:70:fc:ed:07:c0:a9:5d:7a:4e:2c:dd:4d:06:64:7b:63:
31:be:7e:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtiB27ab8o1ViuWcc1PZrLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI0MTQxMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDkzZTk2NWNkNmNlOTFjZGViODIwMWZiZWEwYWJjODQ3NGMyOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqX8lQpTDwhEl/sVCNWsXeIKRrhv
51oLh2UPxGeYAkBrdJolXcBPT1gvXI2qTJjpJLAzt3+HYWtJ48lYf7MrrXMhoBFu
U3LzvhTKMF19c53eRtTgQEgoyXe+SJRHY40cn+NzsjXtF2KE3kxJJ+Wg1dOKSoqz
Lxsgv7DXEixfpoWv43wbflVqDXFGl/DAqSOt1fRXC2az5GSX7iv4b+7J/cassDfO
HfsKxkbWXhs6PBLVsyDcmvq6NYypxDRF3GsG6Ikd+AHP+t1MvrB9/8qucmGF0pfa
z4KqAKca997oFGVCZMkdPsJoY14ZRnlfqoTN0tHAF6itLCobHGu27AUwfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA2T6WXNbOkc3rggH76gq8hHTCloMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRFpQcFpjMXM2UnpldUNBZnZxQ3J5RWRNS1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABtphHf1g2tIhon0Hu8c
PETDoeFPdTbBtybM64SxmaOnC2y0/eVuqpW52zE0xiadRYLUSl5x1szCKgwdKA/j
RcH3roy9Ix/vqVqOnwcmgP7IB6xNIiJWFikXCOiORJQR3zRkZkijH/PCpUzdOkA9
lYoMsY4ixBPUXIwxrpMIdnUK3rtXj7ydXXyQwcvrYVC2S6khokMynbGZdR66ChJP
qpkzHjomjAighZVLe8KgTIjqhuXstCx8aXJjWgtdDWcK4AuDESTxVpkq6EZ2pHUS
sIuqTwuURhqu/3uPrnqGBmKjpfg74S0auziSRgKRcPztB8CpXXpOLN1NBmR7YzG+
fqs=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:02:54 2025 by rpki-client