Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZYN7LH9CYmQpv_iwKNrgsWin3DQ.roa
File: ZYN7LH9CYmQpv_iwKNrgsWin3DQ.roa (raw, json)
Hash identifier: /M72dzuFCPH8/+XVl/46ZT+RDXLLsPdlGDX0hJVDMcs=
Subject key identifier: 65:83:7B:2C:7F:42:62:64:29:BF:F8:B0:28:DA:E0:B1:68:A7:DC:34
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C73D7B7726DB7825DF0B71B1F4D208CEC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZYN7LH9CYmQpv_iwKNrgsWin3DQ.roa
Signing time: Sat 16 Dec 2023 18:16:06 +0000
ROA not before: Sat 16 Dec 2023 18:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:73:d7:b7:72:6d:b7:82:5d:f0:b7:1b:1f:4d:20:8c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 18:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65837b2c7f42626429bff8b028dae0b168a7dc34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4b:f1:ad:7a:6e:ca:47:04:eb:ff:d5:9f:3b:
99:42:6d:0c:8d:1d:1e:18:a6:59:5c:c8:e5:28:e7:
2f:32:b2:a9:74:0a:59:b3:8b:0d:f2:7f:fe:85:dd:
73:c3:10:76:b6:0c:63:b4:28:f4:a9:85:80:21:d9:
b6:d1:c3:fb:06:9c:15:45:7c:29:97:b3:16:18:a8:
62:5e:0e:56:03:36:18:d2:8f:28:d6:21:ab:92:39:
c6:bb:38:5b:21:96:c9:72:4e:25:96:b1:36:8d:89:
5a:c4:3e:59:c0:fc:9f:e5:9b:49:35:a8:c6:96:ce:
a0:e1:be:a8:91:1c:91:bf:e4:91:e0:3d:10:12:05:
8c:fa:01:68:7d:4a:cc:74:6b:fb:3b:0f:53:96:dd:
da:14:8e:1d:8a:35:9b:1e:76:81:8f:ff:57:7c:a8:
39:ba:d3:33:a2:1b:84:04:ac:b4:a4:ce:d3:c9:c4:
ef:19:d7:7e:3a:3c:a4:f5:b5:60:5d:e9:cf:d2:06:
73:cd:bc:ab:4a:59:bc:b5:25:47:27:cf:5e:b3:74:
80:87:52:99:74:6c:d8:d4:1c:57:12:75:99:97:9a:
b0:66:37:53:ca:99:53:0b:cd:49:d2:b8:b9:fc:d7:
25:f3:40:bf:cd:69:4a:d7:b4:7c:ab:a6:3f:f9:ec:
f2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:83:7B:2C:7F:42:62:64:29:BF:F8:B0:28:DA:E0:B1:68:A7:DC:34
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZYN7LH9CYmQpv_iwKNrgsWin3DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:90:85:e2:7c:d0:e7:ba:18:9f:c9:76:7d:dd:11:db:3b:e9:
3c:89:09:4c:e2:84:ac:e3:e6:3c:7c:34:73:85:00:3a:08:5c:
8f:50:7f:f4:09:43:10:98:b5:b0:52:ab:ee:88:39:dc:0f:d6:
68:50:5b:93:4f:b2:88:06:be:10:57:07:c6:c4:07:e2:13:e7:
de:59:0e:9c:a3:b3:d4:45:11:21:86:84:d9:b1:6b:02:4d:78:
0c:c2:5e:5d:6a:be:02:3b:ff:3a:f1:f2:96:a8:b0:07:42:54:
10:fd:1d:0e:98:18:d1:c1:66:1b:d5:06:6f:66:12:85:b6:44:
0f:95:aa:28:dc:98:43:0b:05:54:f2:fa:87:e6:a5:86:92:07:
40:85:0b:84:5d:1b:8b:58:6c:90:f3:ae:58:c4:b2:95:ef:40:
3b:95:83:27:ff:60:de:b9:cc:37:cc:33:e0:da:26:d0:a1:60:
56:e5:62:2b:c2:89:bc:d6:92:d9:a0:bf:df:6b:6e:90:14:d8:
98:ca:79:d8:93:f2:73:28:d7:94:94:23:4d:4d:dc:1c:8d:1c:
3f:c4:39:0a:a2:2a:a5:7d:a2:7c:b9:73:81:5e:75:72:c9:a5:
61:44:0b:01:bd:22:55:91:49:82:bd:18:0a:e6:18:c5:69:18:
eb:8e:8a:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxz17dybbeCXfC3Gx9NIIzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MTgxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTgzN2IyYzdmNDI2MjY0MjliZmY4YjAyOGRhZTBiMTY4YTdkYzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UvxrXpuykcE6//VnzuZQm0MjR0e
GKZZXMjlKOcvMrKpdApZs4sN8n/+hd1zwxB2tgxjtCj0qYWAIdm20cP7BpwVRXwp
l7MWGKhiXg5WAzYY0o8o1iGrkjnGuzhbIZbJck4llrE2jYlaxD5ZwPyf5ZtJNajG
ls6g4b6okRyRv+SR4D0QEgWM+gFofUrMdGv7Ow9Tlt3aFI4dijWbHnaBj/9XfKg5
utMzohuEBKy0pM7TycTvGdd+Ojyk9bVgXenP0gZzzbyrSlm8tSVHJ89es3SAh1KZ
dGzY1BxXEnWZl5qwZjdTyplTC81J0ri5/Ncl80C/zWlK17R8q6Y/+ezyMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGWDeyx/QmJkKb/4sCja4LFop9w0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWllON0xIOUNZbVFwdl9pd0tOcmdzV2luM0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFqQheJ80Oe6GJ/Jdn3d
Eds76TyJCUzihKzj5jx8NHOFADoIXI9Qf/QJQxCYtbBSq+6IOdwP1mhQW5NPsogG
vhBXB8bEB+IT595ZDpyjs9RFESGGhNmxawJNeAzCXl1qvgI7/zrx8paosAdCVBD9
HQ6YGNHBZhvVBm9mEoW2RA+VqijcmEMLBVTy+ofmpYaSB0CFC4RdG4tYbJDzrljE
spXvQDuVgyf/YN65zDfMM+DaJtChYFblYivCibzWktmgv99rbpAU2JjKediT8nMo
15SUI01N3ByNHD/EOQqiKqV9ony5c4FedXLJpWFECwG9IlWRSYK9GArmGMVpGOuO
imo=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:09:52 2025 by rpki-client