Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZpPA-SCuBxALRjMNT54JXqz1yso.roa
File: ZpPA-SCuBxALRjMNT54JXqz1yso.roa (raw, json)
Hash identifier: hyi6MztpUTSS5N+x6jM/cBVYyyorL+KfSMMsdg7P6UA=
Subject key identifier: 66:93:C0:F9:20:AE:07:10:0B:46:33:0D:4F:9E:09:5E:AC:F5:CA:CA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C82A51549F4FE337FE49A1100C04B6312
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZpPA-SCuBxALRjMNT54JXqz1yso.roa
Signing time: Tue 19 Dec 2023 15:15:06 +0000
ROA not before: Tue 19 Dec 2023 15:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:a5:15:49:f4:fe:33:7f:e4:9a:11:00:c0:4b:63:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 19 15:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6693c0f920ae07100b46330d4f9e095eacf5caca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f8:0c:40:0e:d1:10:9a:33:ce:c4:fe:16:de:
39:79:f6:db:0f:50:cf:a4:81:2b:68:24:5f:a6:a3:
40:66:96:f3:67:1f:65:3e:8b:bf:6c:97:a9:5f:ad:
a7:3b:99:e0:64:20:88:c3:4c:2d:93:df:7b:17:05:
11:bf:ca:59:ce:f7:ca:c8:7b:ed:77:73:fd:01:84:
c4:82:b9:3e:f5:38:0a:ae:b5:e7:68:f8:6d:0e:e2:
d3:66:21:86:81:8a:19:9e:23:f0:b2:2e:d8:9c:4b:
80:86:41:31:c4:d5:0d:70:5f:8f:2d:7b:11:0f:d1:
2f:f7:93:ef:52:23:dc:2f:14:c3:10:d2:7b:5d:67:
bb:54:1c:23:e1:29:33:71:cb:91:a1:ce:1b:b9:7f:
4f:30:f5:ef:b0:51:68:32:18:ca:7f:d7:85:50:91:
f5:b2:d8:d1:27:6b:e0:e0:cb:79:0e:2b:4f:cc:d8:
31:0c:b5:0b:b6:64:79:18:63:16:a0:f6:7f:0c:99:
28:0a:ac:dd:a1:49:3b:dc:c7:d8:6f:40:b5:9d:ec:
40:cd:31:9c:df:3d:48:b2:84:c9:17:d3:57:f7:b6:
39:04:63:a8:a3:3f:d0:01:e5:b5:6c:56:3f:1f:b1:
33:08:77:ba:c9:4b:d0:f4:f0:81:af:47:3a:cf:b9:
72:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:93:C0:F9:20:AE:07:10:0B:46:33:0D:4F:9E:09:5E:AC:F5:CA:CA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZpPA-SCuBxALRjMNT54JXqz1yso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:90:f0:bd:ba:ed:97:9d:f1:47:f1:81:aa:74:47:73:e4:b6:
18:5c:a4:8f:8d:e1:7a:e5:08:ed:f8:84:2c:cd:9f:0f:0f:fc:
20:5c:b8:d2:00:57:7b:e3:e4:05:0d:d1:c3:f8:58:fe:ed:e8:
d8:c6:af:ac:05:be:a9:a9:09:54:76:2f:f2:d9:6d:66:77:8a:
34:e0:5b:d2:d4:0e:fd:87:4e:e5:ac:ee:08:7c:b9:e1:0a:8c:
02:a8:ab:d0:60:91:0c:c3:e6:0b:82:75:14:dd:11:1d:9c:a5:
a1:ae:cd:5f:a4:f8:f7:7c:eb:a6:68:b4:1d:34:37:14:f0:fa:
1a:58:ce:b1:f9:8f:fe:67:f7:04:9a:40:a3:88:f1:2e:bd:53:
0a:3c:5a:a8:8c:9e:26:af:be:82:a5:e1:bd:34:ef:a9:56:24:
38:76:4e:39:31:3c:70:89:ea:3c:ff:a1:86:fd:7c:17:02:c1:
c6:6c:90:38:2f:6b:60:88:46:26:4a:e7:47:38:56:86:68:70:
a3:f6:b4:92:8f:5d:15:2d:6d:ea:06:af:3a:3b:cd:d9:06:a4:
74:4a:1f:7f:aa:ff:d3:12:c0:b5:c3:6b:67:e9:23:23:b3:33:
c7:f2:e5:e4:44:bf:41:85:26:2d:0a:68:d3:ff:c0:83:e3:6f:
02:8a:d7:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyCpRVJ9P4zf+SaEQDAS2MSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE5MTUxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjkzYzBmOTIwYWUwNzEwMGI0NjMzMGQ0ZjllMDk1ZWFjZjVjYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvgMQA7REJozzsT+Ft45efbbD1DP
pIEraCRfpqNAZpbzZx9lPou/bJepX62nO5ngZCCIw0wtk997FwURv8pZzvfKyHvt
d3P9AYTEgrk+9TgKrrXnaPhtDuLTZiGGgYoZniPwsi7YnEuAhkExxNUNcF+PLXsR
D9Ev95PvUiPcLxTDENJ7XWe7VBwj4SkzccuRoc4buX9PMPXvsFFoMhjKf9eFUJH1
stjRJ2vg4Mt5DitPzNgxDLULtmR5GGMWoPZ/DJkoCqzdoUk73MfYb0C1nexAzTGc
3z1IsoTJF9NX97Y5BGOooz/QAeW1bFY/H7EzCHe6yUvQ9PCBr0c6z7lyNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGaTwPkgrgcQC0YzDU+eCV6s9crKMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWnBQQS1TQ3VCeEFMUmpNTlQ1NEpYcXoxeXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAKQ8L267Zed8Ufxgap0
R3PkthhcpI+N4XrlCO34hCzNnw8P/CBcuNIAV3vj5AUN0cP4WP7t6NjGr6wFvqmp
CVR2L/LZbWZ3ijTgW9LUDv2HTuWs7gh8ueEKjAKoq9BgkQzD5guCdRTdER2cpaGu
zV+k+Pd866ZotB00NxTw+hpYzrH5j/5n9wSaQKOI8S69Uwo8WqiMniavvoKl4b00
76lWJDh2TjkxPHCJ6jz/oYb9fBcCwcZskDgva2CIRiZK50c4VoZocKP2tJKPXRUt
beoGrzo7zdkGpHRKH3+q/9MSwLXDa2fpIyOzM8fy5eREv0GFJi0KaNP/wIPjbwKK
1xA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:13:49 2025 by rpki-client