Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZhEry7MYpIbaCjzYSF4XIgmALWM.roa
File: ZhEry7MYpIbaCjzYSF4XIgmALWM.roa (raw, json)
Hash identifier: 65t9/NNBOg1LNZVi2VBTRcneTIPiQ3n2zQ01yNT39R4=
Subject key identifier: 66:11:2B:CB:B3:18:A4:86:DA:0A:3C:D8:48:5E:17:22:09:80:2D:63
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B93296803F453AD7B7623D44CE6EE2662
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZhEry7MYpIbaCjzYSF4XIgmALWM.roa
Signing time: Fri 03 Nov 2023 03:10:46 +0000
ROA not before: Fri 03 Nov 2023 03:10:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18b:9323:ae56/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:93:29:68:03:f4:53:ad:7b:76:23:d4:4c:e6:ee:26:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 3 03:10:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66112bcbb318a486da0a3cd8485e172209802d63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5c:df:a3:7b:36:dd:27:4f:9d:8a:0d:0b:8d:
fc:b1:9a:e0:9d:21:fb:b2:d3:d8:3d:68:3a:70:e7:
76:b0:dd:a4:dc:a4:99:c8:a2:7f:48:d6:31:de:97:
54:ca:e6:69:c4:90:96:62:37:7d:0d:b6:eb:cf:d7:
77:92:9b:ef:19:14:1c:ec:5a:65:84:cb:ba:b1:3a:
a8:ee:19:fb:fe:86:09:62:6b:c6:00:17:2a:4c:a4:
0f:f1:0b:c3:26:bb:03:b8:26:8b:21:64:46:ac:85:
3f:14:47:65:7b:76:f2:f3:da:ff:e4:48:27:39:cd:
f1:05:5b:4d:31:03:d3:30:67:e5:b4:f1:6c:60:84:
52:8d:5d:a2:72:7e:45:de:de:fb:22:a2:87:6f:bf:
c6:e0:d1:d1:3a:98:9c:f9:6d:a9:3a:8a:88:a8:ea:
d5:ab:5f:06:8a:21:ff:4e:c5:c2:f7:ad:7c:71:40:
34:2b:c7:81:61:fb:c6:8c:ae:e3:a1:c4:f6:2c:66:
62:76:16:c5:8a:ce:f3:e0:13:b3:1a:cf:cc:bb:41:
2f:97:8c:2f:e6:de:93:a5:7e:77:35:1a:b7:49:75:
25:ba:e8:9b:b0:75:c1:23:f5:97:7f:b2:d0:2a:d5:
a7:db:b0:d6:08:b6:82:79:dc:d1:99:07:a4:58:98:
2a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:11:2B:CB:B3:18:A4:86:DA:0A:3C:D8:48:5E:17:22:09:80:2D:63
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZhEry7MYpIbaCjzYSF4XIgmALWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:74:ee:0f:b9:2a:0a:e2:70:bf:57:f7:00:03:d7:87:a6:2e:
f0:ba:90:dd:ff:3c:f0:5c:74:da:f5:c7:b1:b0:87:2e:36:fb:
bd:0c:e2:b1:2e:35:6e:e1:5e:2c:75:94:73:05:c4:e3:af:a3:
df:ba:f0:d0:d4:c1:0e:99:74:10:65:b5:f8:96:42:0a:b6:ae:
f5:17:3d:d3:56:83:de:9e:ca:ff:45:46:60:02:22:e1:91:b7:
f4:c7:da:a4:b2:00:db:9d:01:6f:6a:8a:eb:ec:cb:da:13:af:
70:c9:be:1f:41:ff:c3:35:69:55:36:60:89:b0:3e:e7:00:2b:
6b:71:32:0f:bf:a1:10:c8:50:eb:9d:10:ba:11:b0:93:c3:31:
17:b6:a2:30:a3:2e:f7:17:81:a6:f3:23:a9:26:8d:a2:3b:ce:
d5:4a:40:ac:3c:4a:9e:06:33:eb:d5:87:46:09:e2:7e:57:23:
7a:01:20:2b:c2:97:8f:24:b6:2f:b7:f0:86:c1:4a:b2:b6:74:
3e:37:dc:bd:6a:41:3c:6c:b8:05:ff:30:ca:cd:e5:b1:86:a1:
55:e3:06:72:de:5a:a2:1e:0d:c0:ab:0e:91:5b:cb:43:4a:0f:
f5:34:5b:99:65:e8:01:18:ad:b9:dc:8c:24:7d:31:b8:ba:b3:
43:1e:56:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuTKWgD9FOte3Yj1Ezm7iZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAzMDMxMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjExMmJjYmIzMThhNDg2ZGEwYTNjZDg0ODVlMTcyMjA5ODAyZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFzfo3s23SdPnYoNC438sZrgnSH7
stPYPWg6cOd2sN2k3KSZyKJ/SNYx3pdUyuZpxJCWYjd9Dbbrz9d3kpvvGRQc7Fpl
hMu6sTqo7hn7/oYJYmvGABcqTKQP8QvDJrsDuCaLIWRGrIU/FEdle3by89r/5Egn
Oc3xBVtNMQPTMGfltPFsYIRSjV2icn5F3t77IqKHb7/G4NHROpic+W2pOoqIqOrV
q18GiiH/TsXC9618cUA0K8eBYfvGjK7jocT2LGZidhbFis7z4BOzGs/Mu0Evl4wv
5t6TpX53NRq3SXUluuibsHXBI/WXf7LQKtWn27DWCLaCedzRmQekWJgqZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGYRK8uzGKSG2go82EheFyIJgC1jMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWmhFcnk3TVlwSWJhQ2p6WVNGNFhJZ21BTFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIl07g+5KgricL9X9wAD
14emLvC6kN3/PPBcdNr1x7Gwhy42+70M4rEuNW7hXix1lHMFxOOvo9+68NDUwQ6Z
dBBltfiWQgq2rvUXPdNWg96eyv9FRmACIuGRt/TH2qSyANudAW9qiuvsy9oTr3DJ
vh9B/8M1aVU2YImwPucAK2txMg+/oRDIUOudELoRsJPDMRe2ojCjLvcXgabzI6km
jaI7ztVKQKw8Sp4GM+vVh0YJ4n5XI3oBICvCl48kti+38IbBSrK2dD433L1qQTxs
uAX/MMrN5bGGoVXjBnLeWqIeDcCrDpFby0NKD/U0W5ll6AEYrbncjCR9Mbi6s0Me
Vtw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:49:19 2025 by rpki-client