Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Zo7b84B68pyehREEt5g4MIzg-6Q.roa
File: Zo7b84B68pyehREEt5g4MIzg-6Q.roa (raw, json)
Hash identifier: 9DZIS/UmvloecrNqaKzul6inPvF5S/gtG0s2QolP5uw=
Subject key identifier: 66:8E:DB:F3:80:7A:F2:9C:9E:85:11:04:B7:98:38:30:8C:E0:FB:A4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BAF7C8D1484DDF2C4312B036A4ECA504B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Zo7b84B68pyehREEt5g4MIzg-6Q.roa
Signing time: Wed 08 Nov 2023 15:10:57 +0000
ROA not before: Wed 08 Nov 2023 15:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:7c:8d:14:84:dd:f2:c4:31:2b:03:6a:4e:ca:50:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 8 15:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=668edbf3807af29c9e851104b79838308ce0fba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cf:db:49:2a:87:04:c3:11:ca:44:fa:50:bc:
80:e6:72:79:69:5d:f7:0f:f6:f5:36:05:cc:65:8f:
c0:ff:71:d9:81:ff:3b:68:61:95:3a:db:81:b4:cc:
a1:bb:18:d4:3d:fd:63:01:75:49:29:24:27:e9:a7:
9d:d8:41:83:e6:6c:a2:ae:8d:57:b0:21:b9:3f:08:
d9:e2:5e:33:a9:56:51:be:f9:ef:54:ad:3d:e0:0d:
34:41:26:0f:62:97:2c:ce:00:77:14:4b:75:22:4f:
21:71:6b:91:ad:1b:f7:69:e8:7c:40:1f:66:34:18:
1b:a9:10:cb:6c:8b:53:3d:27:ec:c3:e5:a8:e3:cc:
50:ec:aa:46:d7:0d:f2:4c:f9:7d:4b:41:33:07:49:
43:df:69:d4:c1:e8:48:99:12:90:31:08:fe:2b:e2:
04:48:cd:84:34:58:fa:02:29:88:81:63:76:3d:5c:
61:14:fd:c0:52:cc:62:70:f9:b9:41:36:d6:f3:51:
89:4c:28:53:38:d0:ab:6c:c9:83:d5:09:f7:85:79:
79:06:d3:46:75:97:64:51:db:51:ea:0a:90:44:74:
1c:80:e5:9b:36:8e:52:9d:7f:6a:ef:d5:b4:eb:fc:
f7:d4:b1:5b:90:03:34:07:d8:d9:ef:45:c4:ac:93:
c9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8E:DB:F3:80:7A:F2:9C:9E:85:11:04:B7:98:38:30:8C:E0:FB:A4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Zo7b84B68pyehREEt5g4MIzg-6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:42:b5:64:f1:fb:98:20:2f:0c:24:d8:c7:cf:9b:a0:b7:3f:
29:ed:e6:08:d1:2d:54:e4:ff:32:7c:38:fe:a1:03:e2:6b:a8:
c1:da:58:97:b2:dd:98:81:4f:3b:be:71:df:33:de:11:13:0e:
35:8d:1a:eb:c1:7b:33:24:cc:39:99:92:bc:06:95:23:bc:b1:
4c:6b:8d:fc:c8:9d:01:b3:7c:96:51:e3:22:7e:3e:62:00:90:
54:19:68:68:e6:6f:0e:4b:34:46:65:b3:ee:7f:fc:19:60:c9:
6a:b4:cb:3a:9b:a3:50:d6:3b:ce:9b:54:14:00:2c:82:c3:d8:
94:51:2c:92:e1:2f:89:51:ac:6e:7a:95:4d:4e:24:33:16:8c:
3f:57:58:ec:23:45:ec:86:bf:52:e9:e3:15:66:ea:e8:f3:8c:
bd:7d:21:e0:fb:3f:e5:fd:95:3a:83:93:4e:5f:23:32:5a:6a:
c8:75:85:dc:f5:95:61:5c:24:64:07:28:4f:7f:f2:11:1c:dd:
80:9d:b9:e3:1c:29:9f:e9:2a:db:d8:85:cd:83:82:3e:7e:73:
19:2e:b1:72:82:59:2f:6f:d2:6f:f0:3d:cd:56:32:3b:44:45:
6b:c1:17:01:9f:ed:3f:35:b5:bd:04:a8:00:56:d6:68:30:2b:
e8:8a:d5:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuvfI0UhN3yxDErA2pOylBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA4MTUxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjhlZGJmMzgwN2FmMjljOWU4NTExMDRiNzk4MzgzMDhjZTBmYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs/bSSqHBMMRykT6ULyA5nJ5aV33
D/b1NgXMZY/A/3HZgf87aGGVOtuBtMyhuxjUPf1jAXVJKSQn6aed2EGD5myiro1X
sCG5PwjZ4l4zqVZRvvnvVK094A00QSYPYpcszgB3FEt1Ik8hcWuRrRv3aeh8QB9m
NBgbqRDLbItTPSfsw+Wo48xQ7KpG1w3yTPl9S0EzB0lD32nUwehImRKQMQj+K+IE
SM2ENFj6AimIgWN2PVxhFP3AUsxicPm5QTbW81GJTChTONCrbMmD1Qn3hXl5BtNG
dZdkUdtR6gqQRHQcgOWbNo5SnX9q79W06/z31LFbkAM0B9jZ70XErJPJYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGaO2/OAevKcnoURBLeYODCM4PukMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWm83Yjg0QjY4cHllaFJFRXQ1ZzRNSXpnLTZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI9CtWTx+5ggLwwk2MfP
m6C3Pynt5gjRLVTk/zJ8OP6hA+JrqMHaWJey3ZiBTzu+cd8z3hETDjWNGuvBezMk
zDmZkrwGlSO8sUxrjfzInQGzfJZR4yJ+PmIAkFQZaGjmbw5LNEZls+5//BlgyWq0
yzqbo1DWO86bVBQALILD2JRRLJLhL4lRrG56lU1OJDMWjD9XWOwjReyGv1Lp4xVm
6ujzjL19IeD7P+X9lTqDk05fIzJaash1hdz1lWFcJGQHKE9/8hEc3YCdueMcKZ/p
KtvYhc2Dgj5+cxkusXKCWS9v0m/wPc1WMjtERWvBFwGf7T81tb0EqABW1mgwK+iK
1es=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:46:42 2025 by rpki-client