Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EVZKBrLhnlsEQbD9wzUFUj7zVjc.roa
File: EVZKBrLhnlsEQbD9wzUFUj7zVjc.roa (raw, json)
Hash identifier: GRHF3ss/OepCQd36S0jtA8kcyqR39kOsLCnizf2ED90=
Subject key identifier: 11:56:4A:06:B2:E1:9E:5B:04:41:B0:FD:C3:35:05:52:3E:F3:56:37
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BAA8C85AF64EBC2C84C1CFBE127F9AB07
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EVZKBrLhnlsEQbD9wzUFUj7zVjc.roa
Signing time: Tue 07 Nov 2023 16:10:17 +0000
ROA not before: Tue 07 Nov 2023 16:10:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:8c:85:af:64:eb:c2:c8:4c:1c:fb:e1:27:f9:ab:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 7 16:10:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11564a06b2e19e5b0441b0fdc33505523ef35637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f2:77:99:be:ed:d9:56:1b:05:15:10:07:09:
4e:c4:e5:f3:fc:46:4d:37:5d:bd:d8:f7:28:5d:eb:
5c:1b:a5:2d:ef:98:e2:bf:58:9c:43:75:a4:41:8f:
eb:ce:c7:04:8b:6d:f1:69:44:27:e6:27:0c:60:87:
06:94:3e:d1:40:67:00:cf:e9:b7:18:52:17:d8:99:
4e:f7:77:7a:6f:d5:5e:5f:75:56:32:3b:94:1a:d0:
dc:83:e5:60:8c:fa:76:e1:1f:3f:2e:61:85:a4:16:
6b:ae:a9:93:75:a1:a0:38:76:7f:7b:d7:2a:b5:2a:
eb:55:0a:cc:e1:63:5f:12:01:cf:6e:ee:36:d3:1c:
4a:31:a8:dc:3d:ba:e6:ee:44:d9:a1:0d:9e:cb:5f:
05:21:72:17:06:15:d0:88:48:ec:23:29:fa:93:06:
c5:23:2f:c2:5d:3c:c6:c1:df:a7:3a:5e:c9:6d:c1:
cc:95:e9:e6:a5:00:6b:45:17:8a:ab:b8:7b:3b:c3:
5c:32:f7:3c:ba:11:60:f6:8b:2f:3f:c5:ef:f0:29:
4c:dc:1c:ae:d4:c4:a9:4c:28:1e:19:c0:d1:6d:a6:
3e:7d:61:32:1c:cc:f0:44:49:a5:95:b8:4a:75:b1:
db:a6:ca:1a:0f:06:bb:7c:3a:0d:96:93:b5:3d:33:
e8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:56:4A:06:B2:E1:9E:5B:04:41:B0:FD:C3:35:05:52:3E:F3:56:37
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EVZKBrLhnlsEQbD9wzUFUj7zVjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:e8:cb:19:02:df:34:81:31:f4:ca:8f:c1:ce:33:39:7c:06:
03:5a:fd:a7:63:94:81:96:1c:61:c8:28:d8:58:a4:1f:11:a7:
03:33:58:27:cc:be:82:7b:5f:91:3e:24:4b:68:b1:71:54:fd:
5c:1b:57:13:b8:29:86:c0:99:db:95:42:ed:cd:28:2c:66:1e:
e8:68:cb:91:c7:a5:8b:91:0b:31:26:7c:f9:3a:0c:77:54:99:
88:3b:68:96:f5:47:74:52:d5:09:63:da:ab:7b:c3:47:a7:ed:
98:17:82:59:50:8e:38:84:79:83:d1:a0:63:43:bd:fa:4e:1c:
75:f9:de:73:6e:3d:b0:ac:35:fc:03:56:9e:86:ba:86:24:73:
2d:27:72:90:44:0c:a1:54:c0:ab:1e:d9:71:91:94:24:34:e6:
5e:db:d1:54:8c:c1:cc:16:07:6e:9b:e7:08:06:8b:86:29:65:
52:44:24:9c:6b:00:1d:1d:73:ce:ad:43:8a:8e:84:31:51:58:
e8:f5:48:4f:d3:15:72:6e:2a:97:ae:f6:06:93:7e:b1:59:56:
3b:ea:e8:ad:58:e6:72:12:8b:2d:ec:e0:a7:80:01:a8:ad:99:
cc:f5:e2:bb:5d:f5:b6:76:0e:38:93:f0:0a:4a:60:77:f7:c2:
53:13:b1:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuqjIWvZOvCyEwc++En+asHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA3MTYxMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTU2NGEwNmIyZTE5ZTViMDQ0MWIwZmRjMzM1MDU1MjNlZjM1NjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/J3mb7t2VYbBRUQBwlOxOXz/EZN
N1292PcoXetcG6Ut75jiv1icQ3WkQY/rzscEi23xaUQn5icMYIcGlD7RQGcAz+m3
GFIX2JlO93d6b9VeX3VWMjuUGtDcg+VgjPp24R8/LmGFpBZrrqmTdaGgOHZ/e9cq
tSrrVQrM4WNfEgHPbu420xxKMajcPbrm7kTZoQ2ey18FIXIXBhXQiEjsIyn6kwbF
Iy/CXTzGwd+nOl7JbcHMlenmpQBrRReKq7h7O8NcMvc8uhFg9osvP8Xv8ClM3Byu
1MSpTCgeGcDRbaY+fWEyHMzwREmllbhKdbHbpsoaDwa7fDoNlpO1PTPoswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBFWSgay4Z5bBEGw/cM1BVI+81Y3MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRVZaS0JyTGhubHNFUWJEOXd6VUZVajd6VmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADnoyxkC3zSBMfTKj8HO
Mzl8BgNa/adjlIGWHGHIKNhYpB8RpwMzWCfMvoJ7X5E+JEtosXFU/VwbVxO4KYbA
mduVQu3NKCxmHuhoy5HHpYuRCzEmfPk6DHdUmYg7aJb1R3RS1Qlj2qt7w0en7ZgX
gllQjjiEeYPRoGNDvfpOHHX53nNuPbCsNfwDVp6GuoYkcy0ncpBEDKFUwKse2XGR
lCQ05l7b0VSMwcwWB26b5wgGi4YpZVJEJJxrAB0dc86tQ4qOhDFRWOj1SE/TFXJu
Kpeu9gaTfrFZVjvq6K1Y5nISiy3s4KeAAaitmcz14rtd9bZ2DjiT8ApKYHf3wlMT
sXI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:57:34 2025 by rpki-client