Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZdG6meYhgJHfNKXnq2WLx_GcXps.roa
File: ZdG6meYhgJHfNKXnq2WLx_GcXps.roa (raw, json)
Hash identifier: OywQWd38n4r0VhIZrvr4UwRhPo1r1kFtsLj79CXozQk=
Subject key identifier: 65:D1:BA:99:E6:21:80:91:DF:34:A5:E7:AB:65:8B:C7:F1:9C:5E:9B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C709DE94DCA1A1E5447E046038C2C5C73
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZdG6meYhgJHfNKXnq2WLx_GcXps.roa
Signing time: Sat 16 Dec 2023 03:14:06 +0000
ROA not before: Sat 16 Dec 2023 03:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:70:9d:e9:4d:ca:1a:1e:54:47:e0:46:03:8c:2c:5c:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 03:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65d1ba99e6218091df34a5e7ab658bc7f19c5e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5a:62:bc:9d:8f:b0:15:1f:55:4e:87:eb:56:
12:32:9b:1e:ef:35:55:32:6e:3f:42:aa:0d:07:52:
ea:9d:85:e6:39:89:ce:1c:9e:09:de:78:5e:8a:cb:
50:65:e1:ae:0e:88:2b:38:22:13:61:3e:6a:45:39:
3e:28:9c:be:b0:b0:63:93:e5:54:63:85:76:98:4a:
94:8f:fd:0a:ce:fc:b5:8b:34:41:0c:0b:a6:dd:79:
b7:0b:86:87:ca:f8:3d:df:2b:3b:19:4a:74:0b:b6:
5a:b2:e4:72:d3:c3:1f:5e:a7:7e:73:d3:ed:f4:85:
f3:ff:57:4b:69:6c:28:56:9a:ee:e7:de:1a:91:c9:
47:3b:c1:8f:7f:e6:30:65:cf:e1:4a:da:0f:d3:69:
27:c3:d2:c2:5c:9a:2a:ee:6b:b7:48:a2:c9:5a:3a:
e6:93:05:8e:81:3e:f2:68:2e:59:04:a7:3c:25:21:
26:e2:6e:49:c3:2d:b8:14:38:a3:68:85:f9:47:10:
02:bc:0a:26:26:ac:79:54:9d:8a:5b:b4:8d:1a:bf:
a8:21:24:72:9c:02:c3:db:92:ff:04:cc:05:c4:8a:
9b:ec:40:73:a6:a4:90:18:7f:e5:dc:bd:a2:c2:d7:
45:ac:89:62:cd:88:2f:2f:6b:ee:50:2c:40:92:b8:
01:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D1:BA:99:E6:21:80:91:DF:34:A5:E7:AB:65:8B:C7:F1:9C:5E:9B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZdG6meYhgJHfNKXnq2WLx_GcXps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:94:2b:4d:39:65:dc:ff:bc:69:18:84:b0:9a:e1:85:b4:c0:
26:f9:fa:22:16:8e:66:0a:0e:04:30:fb:1a:61:e0:2f:3f:7a:
cb:1d:c0:97:33:6e:6e:29:cd:07:88:f7:09:13:49:1a:37:f9:
fa:a0:08:35:b0:52:94:01:d0:07:f1:48:c3:f8:95:66:b9:dd:
23:39:82:c2:bf:68:7c:72:c5:d5:bd:ea:e1:81:43:71:26:41:
f4:d4:bb:99:4b:ea:ec:f3:13:9f:ae:dd:32:f9:cd:7c:30:3c:
b1:10:e1:4c:04:87:59:0a:f3:e7:ab:91:98:31:ad:fd:f6:6e:
41:0f:b7:0d:2e:40:2b:ce:7b:e3:74:b1:bd:6c:05:a7:e8:5b:
32:93:ad:64:d3:99:35:d8:c3:7c:3e:ef:fc:e6:16:38:01:ae:
0f:3c:0c:ec:3e:39:75:69:01:7c:dc:68:61:ae:b3:36:cc:7b:
cf:f6:a4:42:92:45:92:6d:ae:a8:70:c3:69:f1:40:f0:bb:40:
50:d6:72:f9:97:1d:17:38:2d:04:7f:cf:0e:bc:0f:96:ce:65:
8a:8b:91:75:d3:45:b6:7a:9b:ac:42:31:f2:c2:37:df:03:83:
8f:92:29:57:95:fb:df:2f:79:6c:0e:dc:2e:3c:c0:1a:a5:54:
cd:f4:69:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxwnelNyhoeVEfgRgOMLFxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MDMxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQxYmE5OWU2MjE4MDkxZGYzNGE1ZTdhYjY1OGJjN2YxOWM1ZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFpivJ2PsBUfVU6H61YSMpse7zVV
Mm4/QqoNB1LqnYXmOYnOHJ4J3nheistQZeGuDogrOCITYT5qRTk+KJy+sLBjk+VU
Y4V2mEqUj/0Kzvy1izRBDAum3Xm3C4aHyvg93ys7GUp0C7ZasuRy08MfXqd+c9Pt
9IXz/1dLaWwoVpru594akclHO8GPf+YwZc/hStoP02knw9LCXJoq7mu3SKLJWjrm
kwWOgT7yaC5ZBKc8JSEm4m5Jwy24FDijaIX5RxACvAomJqx5VJ2KW7SNGr+oISRy
nALD25L/BMwFxIqb7EBzpqSQGH/l3L2iwtdFrIlizYgvL2vuUCxAkrgBvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGXRupnmIYCR3zSl56tli8fxnF6bMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWmRHNm1lWWhnSkhmTktYbnEyV0x4X0djWHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGCUK005Zdz/vGkYhLCa
4YW0wCb5+iIWjmYKDgQw+xph4C8/essdwJczbm4pzQeI9wkTSRo3+fqgCDWwUpQB
0AfxSMP4lWa53SM5gsK/aHxyxdW96uGBQ3EmQfTUu5lL6uzzE5+u3TL5zXwwPLEQ
4UwEh1kK8+erkZgxrf32bkEPtw0uQCvOe+N0sb1sBafoWzKTrWTTmTXYw3w+7/zm
FjgBrg88DOw+OXVpAXzcaGGuszbMe8/2pEKSRZJtrqhww2nxQPC7QFDWcvmXHRc4
LQR/zw68D5bOZYqLkXXTRbZ6m6xCMfLCN98Dg4+SKVeV+98veWwO3C48wBqlVM30
aa4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:35:48 2025 by rpki-client