Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TzzT36ZQr5JpcpK7IxtSxlR-t1s.roa
File: TzzT36ZQr5JpcpK7IxtSxlR-t1s.roa (raw, json)
Hash identifier: LWaYc3y9rIzIKfCHhzfuXO06F0elopQmz1ijPSVUFEg=
Subject key identifier: 4F:3C:D3:DF:A6:50:AF:92:69:72:92:BB:23:1B:52:C6:54:7E:B7:5B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA641DD1D0CA5A7D36B8D08FECDCD444A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TzzT36ZQr5JpcpK7IxtSxlR-t1s.roa
Signing time: Mon 06 Nov 2023 20:10:16 +0000
ROA not before: Mon 06 Nov 2023 20:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a6:41:dd:1d:0c:a5:a7:d3:6b:8d:08:fe:cd:cd:44:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 6 20:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f3cd3dfa650af92697292bb231b52c6547eb75b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ff:71:09:24:10:fc:18:4a:85:db:44:3b:18:
04:2d:c1:40:ae:94:04:8e:49:cf:2e:26:08:a4:c9:
86:fc:71:cc:1f:df:39:37:ce:ea:63:5f:9c:b2:78:
13:61:df:5d:86:d2:f3:0f:36:d7:80:22:76:7b:7d:
a2:05:e2:45:54:79:5c:b0:30:e4:3f:3f:d5:52:03:
42:81:fc:3e:04:d6:96:77:2e:0f:81:5a:5c:b2:5a:
f9:bc:39:f0:12:41:4d:75:56:e7:6c:cc:b6:de:fa:
47:45:24:08:46:b1:a6:99:02:36:d9:e5:02:7b:97:
e5:f8:5a:6f:60:28:e4:26:31:24:99:23:ca:50:04:
a2:e7:b6:73:7e:c0:4d:b3:ff:cf:7b:b6:06:8b:22:
de:44:34:00:80:93:3a:ab:05:bb:f9:17:43:64:63:
81:50:46:3d:64:1c:06:68:c5:be:55:74:76:0e:23:
1b:32:a4:6d:ab:39:ae:40:b4:3e:94:e7:ba:03:f9:
fd:19:c4:60:1b:f6:e1:55:94:bb:c9:2e:e3:d0:01:
bc:e7:d0:76:bd:67:cf:8b:47:9f:ec:cc:db:27:ce:
db:95:66:9a:bd:af:b6:8e:6c:de:1d:d2:ed:a3:57:
77:75:2a:92:9e:ef:6d:01:b8:9d:1a:4c:7e:09:68:
39:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:3C:D3:DF:A6:50:AF:92:69:72:92:BB:23:1B:52:C6:54:7E:B7:5B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TzzT36ZQr5JpcpK7IxtSxlR-t1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:2f:b2:78:3f:26:52:cd:37:22:86:78:f9:d5:64:eb:e1:fd:
84:bd:84:8f:83:d0:11:64:78:40:c1:cd:e8:25:97:24:25:11:
44:61:0a:53:b2:0a:75:a7:c5:9a:69:30:ae:a2:e0:98:fc:14:
21:4d:56:9a:77:94:a6:07:a2:a7:32:8c:40:a7:14:53:f1:49:
90:6a:87:85:b6:c2:36:d2:6b:e5:b4:2c:11:3e:10:5e:97:74:
d0:2f:bf:cf:28:f2:82:dc:20:fc:3d:4e:3c:cb:0f:44:a5:f7:
0e:e4:02:5c:4a:31:82:37:63:dd:93:13:5f:0c:cc:58:23:09:
80:e9:46:1e:1b:6b:de:22:ae:50:b1:70:db:13:45:49:02:37:
b8:2b:d9:69:42:17:fa:80:53:3c:fa:4e:ee:2c:53:a6:47:4f:
85:c1:1f:91:35:55:58:aa:05:fd:e5:da:c1:d1:1d:a6:d4:61:
8b:b0:c3:c4:0f:c7:55:49:83:45:02:a9:2f:5d:8b:da:23:d0:
5d:dc:38:e2:d5:95:b7:d1:f9:a1:4e:5c:b5:aa:61:88:65:1f:
e5:44:67:e9:5b:19:4a:83:99:0c:13:d1:52:19:fc:19:44:7a:
7d:a4:57:51:b2:90:eb:34:2b:54:fd:2f:0d:c8:c5:22:2d:e3:
01:33:0a:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYumQd0dDKWn02uNCP7NzURKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA2MjAxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjNjZDNkZmE2NTBhZjkyNjk3MjkyYmIyMzFiNTJjNjU0N2ViNzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf9xCSQQ/BhKhdtEOxgELcFArpQE
jknPLiYIpMmG/HHMH985N87qY1+csngTYd9dhtLzDzbXgCJ2e32iBeJFVHlcsDDk
Pz/VUgNCgfw+BNaWdy4PgVpcslr5vDnwEkFNdVbnbMy23vpHRSQIRrGmmQI22eUC
e5fl+FpvYCjkJjEkmSPKUASi57ZzfsBNs//Pe7YGiyLeRDQAgJM6qwW7+RdDZGOB
UEY9ZBwGaMW+VXR2DiMbMqRtqzmuQLQ+lOe6A/n9GcRgG/bhVZS7yS7j0AG859B2
vWfPi0ef7MzbJ87blWaava+2jmzeHdLto1d3dSqSnu9tAbidGkx+CWg5qQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE8809+mUK+SaXKSuyMbUsZUfrdbMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVHp6VDM2WlFyNUpwY3BLN0l4dFN4bFItdDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE0vsng/JlLNNyKGePnV
ZOvh/YS9hI+D0BFkeEDBzegllyQlEURhClOyCnWnxZppMK6i4Jj8FCFNVpp3lKYH
oqcyjECnFFPxSZBqh4W2wjbSa+W0LBE+EF6XdNAvv88o8oLcIPw9TjzLD0Sl9w7k
AlxKMYI3Y92TE18MzFgjCYDpRh4ba94irlCxcNsTRUkCN7gr2WlCF/qAUzz6Tu4s
U6ZHT4XBH5E1VViqBf3l2sHRHabUYYuww8QPx1VJg0UCqS9di9oj0F3cOOLVlbfR
+aFOXLWqYYhlH+VEZ+lbGUqDmQwT0VIZ/BlEen2kV1GykOs0K1T9Lw3IxSIt4wEz
Cno=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:51:54 2025 by rpki-client