Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WzX1cQzia-2MVCRyRpxVo0armZQ.roa
File: WzX1cQzia-2MVCRyRpxVo0armZQ.roa (raw, json)
Hash identifier: 65G5v1Yepiu84Aq7eIdr2YBizCM5AU/Jt9EyZ1LZQ8o=
Subject key identifier: 5B:35:F5:71:0C:E2:6B:ED:8C:54:24:72:46:9C:55:A3:46:AB:99:94
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADF268B8D0B4378705924B50F0F733395
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WzX1cQzia-2MVCRyRpxVo0armZQ.roa
Signing time: Fri 29 Sep 2023 04:15:59 +0000
ROA not before: Fri 29 Sep 2023 04:15:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:26:8b:8d:0b:43:78:70:59:24:b5:0f:0f:73:33:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 04:15:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b35f5710ce26bed8c542472469c55a346ab9994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4b:99:e5:56:33:63:19:49:39:c2:5f:a8:3a:
29:b0:c2:7a:33:a1:d1:e4:cb:06:64:7d:a8:09:02:
0a:e5:9c:3a:09:1a:c5:56:6e:2e:e6:53:b8:a8:5a:
da:62:79:1b:19:95:ae:6c:84:ba:ac:42:75:a1:80:
1e:00:63:54:9d:e3:9e:15:d8:c8:d9:ca:50:0a:1d:
48:c8:d4:f7:b6:ee:02:a0:73:1e:40:d1:a1:f2:51:
e1:83:cd:fb:37:06:60:7b:1e:03:b3:1d:88:48:2c:
8d:a5:ad:25:4e:23:e5:1d:03:a2:b5:f0:40:fa:af:
41:43:a3:04:6a:72:f1:f2:60:d2:91:7b:6b:c8:79:
aa:35:bf:be:26:77:45:bc:82:21:af:dd:f0:db:94:
b5:4c:bb:f2:4b:97:63:62:c6:32:1a:01:e6:49:12:
4f:ac:be:8e:0c:77:20:ba:d4:04:18:85:d1:df:4e:
3b:03:83:e2:04:71:19:49:ee:b2:5f:a5:f3:3d:b8:
2d:32:5a:e5:36:43:31:c9:ce:36:fb:a5:b0:88:66:
7f:ef:05:10:04:14:89:94:ea:5f:6c:5f:a9:38:b5:
b2:d7:ed:9d:9f:c5:bc:a2:6d:cc:27:48:c4:fc:f8:
aa:f5:fb:fe:9c:d2:61:c6:14:e1:24:00:3b:45:73:
a0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:35:F5:71:0C:E2:6B:ED:8C:54:24:72:46:9C:55:A3:46:AB:99:94
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WzX1cQzia-2MVCRyRpxVo0armZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:6c:e2:b0:03:87:17:0f:b9:9d:92:67:f5:a3:08:48:ae:0e:
2d:62:2f:dc:46:3e:8d:87:dd:b5:ac:23:ef:08:7f:3b:1f:92:
1f:e5:13:4c:78:57:03:70:2b:d8:ed:4a:1f:80:b0:88:7c:2e:
ef:2f:95:04:0c:14:46:94:ff:66:5f:e2:81:ff:25:71:5c:32:
66:aa:bd:bf:87:fa:c3:28:24:2e:34:f3:a2:92:b5:14:39:17:
a7:d0:f2:9d:ee:50:6b:ef:23:0e:eb:2e:c8:59:12:13:9b:f4:
f2:af:3b:b7:ae:fb:27:6f:50:c5:e1:1f:27:a8:f9:43:06:9e:
de:88:23:64:d5:66:45:f5:dc:6e:c9:b5:2e:5f:fa:81:c1:4f:
17:11:4f:b9:f7:35:b1:10:f3:03:df:3d:f9:1f:68:fd:c5:99:
ee:bc:ef:b2:2a:f9:56:ef:75:20:8c:f1:1e:a4:cc:92:68:27:
4e:52:d1:9e:11:a7:d4:c6:c1:6c:dc:64:77:1e:f6:18:7d:d9:
19:f1:92:2f:99:49:d2:68:ed:08:26:ff:20:ce:97:75:96:16:
1b:fb:c9:2b:4f:35:7c:fc:35:58:7d:6c:8f:ad:4c:69:6c:1b:
5a:20:1c:63:bd:23:48:11:d5:58:fa:20:2f:f1:d8:1a:27:0d:
43:7e:52:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrfJouNC0N4cFkktQ8PczOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MDQxNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjM1ZjU3MTBjZTI2YmVkOGM1NDI0NzI0NjljNTVhMzQ2YWI5OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUuZ5VYzYxlJOcJfqDopsMJ6M6HR
5MsGZH2oCQIK5Zw6CRrFVm4u5lO4qFraYnkbGZWubIS6rEJ1oYAeAGNUneOeFdjI
2cpQCh1IyNT3tu4CoHMeQNGh8lHhg837NwZgex4Dsx2ISCyNpa0lTiPlHQOitfBA
+q9BQ6MEanLx8mDSkXtryHmqNb++JndFvIIhr93w25S1TLvyS5djYsYyGgHmSRJP
rL6ODHcgutQEGIXR3047A4PiBHEZSe6yX6XzPbgtMlrlNkMxyc42+6WwiGZ/7wUQ
BBSJlOpfbF+pOLWy1+2dn8W8om3MJ0jE/Piq9fv+nNJhxhThJAA7RXOgpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFs19XEM4mvtjFQkckacVaNGq5mUMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvV3pYMWNRemlhLTJNVkNSeVJweFZvMGFybVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFls4rADhxcPuZ2SZ/Wj
CEiuDi1iL9xGPo2H3bWsI+8Ifzsfkh/lE0x4VwNwK9jtSh+AsIh8Lu8vlQQMFEaU
/2Zf4oH/JXFcMmaqvb+H+sMoJC4086KStRQ5F6fQ8p3uUGvvIw7rLshZEhOb9PKv
O7eu+ydvUMXhHyeo+UMGnt6II2TVZkX13G7JtS5f+oHBTxcRT7n3NbEQ8wPfPfkf
aP3Fme6877Iq+VbvdSCM8R6kzJJoJ05S0Z4Rp9TGwWzcZHce9hh92Rnxki+ZSdJo
7Qgm/yDOl3WWFhv7yStPNXz8NVh9bI+tTGlsG1ogHGO9I0gR1Vj6IC/x2BonDUN+
Uro=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:16:25 2025 by rpki-client