Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZF-zQ9CKRGuRyVB9zHQtDkivutQ.roa
File: ZF-zQ9CKRGuRyVB9zHQtDkivutQ.roa (raw, json)
Hash identifier: d8d16gFnBe1ix7mCUOTioF8VXF+rDz85xC0VAbYM/bI=
Subject key identifier: 64:5F:B3:43:D0:8A:44:6B:91:C9:50:7D:CC:74:2D:0E:48:AF:BA:D4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AAEDDDCD7F4BAA7BE6EBA37A41D14B9DB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZF-zQ9CKRGuRyVB9zHQtDkivutQ.roa
Signing time: Tue 19 Sep 2023 19:14:50 +0000
ROA not before: Tue 19 Sep 2023 19:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ae:dd:dc:d7:f4:ba:a7:be:6e:ba:37:a4:1d:14:b9:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 19 19:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645fb343d08a446b91c9507dcc742d0e48afbad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f7:7e:6f:a3:b8:53:35:0d:a7:de:c5:94:b9:
85:e3:59:6a:d8:b8:76:d0:69:4b:35:9b:0d:8d:67:
59:a5:e0:65:6e:3c:ff:59:b0:31:ca:b6:5c:7c:e6:
d0:0f:03:0a:b4:78:06:d9:5a:ef:fd:c5:66:3c:ed:
05:30:74:78:b9:a3:4d:37:9a:06:5c:f9:50:2b:ca:
7a:71:37:93:4f:3f:ba:71:da:39:11:15:84:e9:5b:
0c:23:bc:b4:e1:0e:14:8d:79:a5:ff:f0:55:13:99:
be:ad:1d:37:ac:f6:3a:8d:c1:cc:69:01:54:61:6d:
22:8f:04:4b:59:9d:f0:b3:d9:bc:ba:9c:90:e7:71:
d2:4f:bd:cf:2d:27:30:a9:3a:fb:c6:56:66:33:5a:
11:4e:29:09:1f:52:b1:3e:62:06:f1:41:66:58:f1:
df:e6:03:a7:f2:37:71:5b:3a:f8:94:1a:ed:10:3c:
9d:cf:03:cf:58:37:94:c3:cd:6f:b9:ca:be:22:f6:
a2:ef:54:f5:7c:c2:c6:59:d9:05:49:b8:d6:3b:09:
04:2f:66:e8:f8:f1:8d:23:16:75:b3:d5:58:33:ab:
1b:28:9b:ab:8e:ce:10:d2:7c:80:9f:d6:64:dc:e9:
98:e2:31:3d:cc:3a:35:d2:49:9a:86:d6:7c:ff:5e:
3a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5F:B3:43:D0:8A:44:6B:91:C9:50:7D:CC:74:2D:0E:48:AF:BA:D4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZF-zQ9CKRGuRyVB9zHQtDkivutQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3c:93:3f:a3:8b:9d:37:48:fd:22:21:28:32:28:43:fb:78:69:
3c:35:4c:94:ee:6d:ab:99:52:9e:b3:e6:0f:16:10:3b:2e:2a:
f4:df:88:f1:30:1d:9a:87:9f:59:6f:bd:7d:d0:c6:6c:31:d2:
2b:b7:76:43:77:fa:8c:cc:06:0c:b2:9e:63:67:af:df:41:b1:
50:43:01:e8:60:c0:58:f4:73:a8:c0:23:d3:d5:e8:1c:3d:7b:
9a:bc:b2:ea:f9:41:2a:af:af:a6:ec:72:43:5d:53:58:a1:a2:
6a:1d:60:04:0b:55:aa:5e:a1:22:aa:eb:5d:40:6b:89:7e:34:
5f:d9:85:20:af:ac:e6:82:44:96:d5:15:b7:3c:c3:d8:85:81:
76:9c:25:ef:33:d5:f5:8d:2b:50:83:c0:df:25:09:b2:35:e8:
7b:3e:2e:d3:38:21:84:5b:7b:d4:7f:52:37:a2:67:95:e1:15:
7a:ad:78:a6:0a:02:f2:c6:9d:85:36:96:05:2d:1b:1e:15:49:
a7:4f:4b:dd:37:c3:7e:06:f8:5e:c6:ac:6b:31:37:0f:0d:6c:
df:7c:ad:a4:cc:04:4a:3d:56:54:44:d8:14:c4:55:30:2d:96:
a5:05:2b:d4:ad:4d:2e:46:e4:0f:e1:35:26:f4:8b:59:18:d3:
0b:0f:74:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqu3dzX9Lqnvm66N6QdFLnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTE5MTkxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDVmYjM0M2QwOGE0NDZiOTFjOTUwN2RjYzc0MmQwZTQ4YWZiYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvd+b6O4UzUNp97FlLmF41lq2Lh2
0GlLNZsNjWdZpeBlbjz/WbAxyrZcfObQDwMKtHgG2Vrv/cVmPO0FMHR4uaNNN5oG
XPlQK8p6cTeTTz+6cdo5ERWE6VsMI7y04Q4UjXml//BVE5m+rR03rPY6jcHMaQFU
YW0ijwRLWZ3ws9m8upyQ53HST73PLScwqTr7xlZmM1oRTikJH1KxPmIG8UFmWPHf
5gOn8jdxWzr4lBrtEDydzwPPWDeUw81vucq+Ivai71T1fMLGWdkFSbjWOwkEL2bo
+PGNIxZ1s9VYM6sbKJurjs4Q0nyAn9Zk3OmY4jE9zDo10kmahtZ8/146kQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGRfs0PQikRrkclQfcx0LQ5Ir7rUMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWkYtelE5Q0tSR3VSeVZCOXpIUXREa2l2dXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADyTP6OLnTdI/SIhKDIo
Q/t4aTw1TJTubauZUp6z5g8WEDsuKvTfiPEwHZqHn1lvvX3Qxmwx0iu3dkN3+ozM
BgyynmNnr99BsVBDAehgwFj0c6jAI9PV6Bw9e5q8sur5QSqvr6bsckNdU1ihomod
YAQLVapeoSKq611Aa4l+NF/ZhSCvrOaCRJbVFbc8w9iFgXacJe8z1fWNK1CDwN8l
CbI16Hs+LtM4IYRbe9R/UjeiZ5XhFXqteKYKAvLGnYU2lgUtGx4VSadPS903w34G
+F7GrGsxNw8NbN98raTMBEo9VlRE2BTEVTAtlqUFK9StTS5G5A/hNSb0i1kY0wsP
dKg=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:47:25 2025 by rpki-client