Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZQlVDavKLPOOF9sPi6vpqtiJm3Q.roa
File: ZQlVDavKLPOOF9sPi6vpqtiJm3Q.roa (raw, json)
Hash identifier: xxyUiBGpLpA4ejJTjbJrbxnfbP79oSQuIraI/35mi1c=
Subject key identifier: 65:09:55:0D:AB:CA:2C:F3:8E:17:DB:0F:8B:AB:E9:AA:D8:89:9B:74
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C79D70E14C148C7C0A2E1517BFCDA6E8C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZQlVDavKLPOOF9sPi6vpqtiJm3Q.roa
Signing time: Sun 17 Dec 2023 22:13:06 +0000
ROA not before: Sun 17 Dec 2023 22:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:79:d7:0e:14:c1:48:c7:c0:a2:e1:51:7b:fc:da:6e:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 17 22:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6509550dabca2cf38e17db0f8babe9aad8899b74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:85:93:fc:4c:0c:fe:7a:fa:55:f1:b5:5a:9b:
29:43:9b:25:cf:c4:05:e7:6d:32:2d:56:5f:fb:38:
de:e0:07:d5:fa:81:58:7b:a2:f2:0a:24:63:0b:5e:
4a:d1:f7:50:f1:bb:ea:9f:55:d3:5d:43:dc:c2:60:
95:93:c0:cd:d9:4b:93:ca:31:d4:d7:64:47:83:91:
49:f7:c4:ba:2c:e5:0c:93:e0:38:b4:06:ab:1b:83:
cd:19:96:58:00:19:55:af:09:99:c5:64:0b:72:77:
66:1b:06:65:9b:c8:88:39:75:27:fc:a1:10:67:89:
e8:cf:65:16:b9:ee:57:70:85:8e:24:c1:e7:9e:b0:
23:30:ef:80:f6:ba:34:10:13:4d:43:2d:81:3c:4d:
07:e8:07:4f:b1:f1:e0:14:b8:7e:fc:e3:f1:2a:84:
48:e6:23:cd:66:79:f2:78:eb:a8:c9:06:24:02:b7:
ee:80:a4:0e:65:49:6d:d4:10:29:ac:51:d8:65:ce:
9a:2e:15:f2:6d:be:a4:34:fb:c0:19:16:46:fd:18:
c6:68:ee:c1:96:17:e7:71:92:22:7b:42:1e:ef:84:
e6:dc:c8:5c:0e:c5:ac:ac:88:b5:1e:24:12:6f:87:
db:46:6b:dc:95:91:74:0b:64:90:ba:32:7a:06:1c:
64:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:09:55:0D:AB:CA:2C:F3:8E:17:DB:0F:8B:AB:E9:AA:D8:89:9B:74
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZQlVDavKLPOOF9sPi6vpqtiJm3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:6c:4b:08:9a:cf:39:4e:0f:84:1e:9c:d0:c3:dd:76:83:40:
1f:a9:7f:eb:66:17:af:22:fd:d2:67:b2:96:27:fd:11:da:c3:
81:6a:83:29:94:0c:48:ad:36:7d:c3:b1:23:96:14:fc:0f:e0:
a1:dd:f7:48:00:d8:f8:73:4c:c0:73:9b:ee:97:84:e9:af:a1:
14:6a:7a:10:31:c7:5b:41:3c:5c:96:75:2b:5c:39:a4:05:7d:
52:76:aa:01:05:58:82:33:64:05:1a:88:65:7c:9e:5a:cf:a6:
0e:a9:d3:99:c2:c8:1f:23:be:65:3e:33:6f:b9:26:b5:6d:d0:
07:3c:0d:7e:65:63:cb:c5:7b:d9:a3:99:74:27:73:5d:9f:4f:
f6:78:cd:5d:08:f0:bf:69:0e:80:ea:d7:17:79:28:cd:64:d1:
58:a0:19:74:dd:9d:1a:a9:32:6f:48:22:ea:a8:6f:a1:5b:16:
26:44:4c:98:d3:30:2c:c4:f8:a9:bf:01:cb:20:75:a5:94:c7:
f8:28:b3:1e:4f:53:20:dc:c5:7c:fd:10:05:20:14:a8:2a:5c:
d0:0f:8c:97:05:ee:d3:c6:13:e4:69:d1:96:43:4d:ad:1f:57:
34:c4:64:b3:a3:49:da:78:99:59:bd:3f:de:0c:b3:1c:1f:7a:
1d:b1:37:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx51w4UwUjHwKLhUXv82m6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE3MjIxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTA5NTUwZGFiY2EyY2YzOGUxN2RiMGY4YmFiZTlhYWQ4ODk5Yjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIWT/EwM/nr6VfG1WpspQ5slz8QF
520yLVZf+zje4AfV+oFYe6LyCiRjC15K0fdQ8bvqn1XTXUPcwmCVk8DN2UuTyjHU
12RHg5FJ98S6LOUMk+A4tAarG4PNGZZYABlVrwmZxWQLcndmGwZlm8iIOXUn/KEQ
Z4noz2UWue5XcIWOJMHnnrAjMO+A9ro0EBNNQy2BPE0H6AdPsfHgFLh+/OPxKoRI
5iPNZnnyeOuoyQYkArfugKQOZUlt1BAprFHYZc6aLhXybb6kNPvAGRZG/RjGaO7B
lhfncZIie0Ie74Tm3MhcDsWsrIi1HiQSb4fbRmvclZF0C2SQujJ6BhxkxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGUJVQ2ryizzjhfbD4ur6arYiZt0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWlFsVkRhdktMUE9PRjlzUGk2dnBxdGlKbTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEVsSwiazzlOD4QenNDD
3XaDQB+pf+tmF68i/dJnspYn/RHaw4FqgymUDEitNn3DsSOWFPwP4KHd90gA2Phz
TMBzm+6XhOmvoRRqehAxx1tBPFyWdStcOaQFfVJ2qgEFWIIzZAUaiGV8nlrPpg6p
05nCyB8jvmU+M2+5JrVt0Ac8DX5lY8vFe9mjmXQnc12fT/Z4zV0I8L9pDoDq1xd5
KM1k0VigGXTdnRqpMm9IIuqob6FbFiZETJjTMCzE+Km/AcsgdaWUx/gosx5PUyDc
xXz9EAUgFKgqXNAPjJcF7tPGE+Rp0ZZDTa0fVzTEZLOjSdp4mVm9P94Msxwfeh2x
N9w=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:31:12 2025 by rpki-client