Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZtlW7Iuah9Wy8tLu1uQFR7Kg6RQ.roa
File: ZtlW7Iuah9Wy8tLu1uQFR7Kg6RQ.roa (raw, json)
Hash identifier: gli8I+TG08tRmgKQmkBt6WHoPWG4X5PG9d70xM8bc/I=
Subject key identifier: 66:D9:56:EC:8B:9A:87:D5:B2:F2:D2:EE:D6:E4:05:47:B2:A0:E9:14
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B53023887A6700F804ADB6F93221CA393
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZtlW7Iuah9Wy8tLu1uQFR7Kg6RQ.roa
Signing time: Sat 21 Oct 2023 16:12:16 +0000
ROA not before: Sat 21 Oct 2023 16:12:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:53:02:38:87:a6:70:0f:80:4a:db:6f:93:22:1c:a3:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 16:12:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66d956ec8b9a87d5b2f2d2eed6e40547b2a0e914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:55:e1:62:e2:91:a7:3d:9d:17:e0:4e:a7:a5:
fe:c7:76:04:80:2b:1d:d1:94:ad:2f:93:54:6c:c8:
5e:8b:ac:b7:ae:a9:63:ca:2b:f8:65:47:fa:5e:0f:
5d:0b:b1:f7:43:4b:5e:37:db:0a:0d:47:0b:71:21:
68:b4:91:b1:11:fb:39:18:15:cf:7a:1f:39:7b:0f:
4d:2b:2e:10:f0:99:b9:cf:8f:c4:6c:80:cd:9e:e2:
57:4f:d2:21:1e:33:4d:d3:c2:12:dd:78:7f:06:59:
6c:e1:31:e3:b0:10:5e:32:69:4c:66:66:4b:f6:82:
ee:5d:b0:1b:14:2a:4e:e7:ba:98:85:2f:78:8f:be:
74:05:91:7d:24:9c:35:4f:bd:aa:ac:5a:97:8a:10:
be:5b:7e:22:9f:cd:72:46:a7:b6:27:3f:5f:f7:c8:
41:2d:10:4e:c2:e3:fc:e1:03:f4:e1:3c:98:33:cb:
2a:a2:54:02:3c:46:b4:73:9d:38:9d:0e:6c:f8:94:
62:28:cd:0a:e4:2e:aa:77:a1:01:d7:a8:80:91:99:
2b:e6:c1:20:30:f5:aa:26:44:9f:da:cb:c1:f8:69:
04:2d:da:2c:c9:33:e3:af:52:56:cc:28:a2:81:99:
41:a2:10:1c:48:f9:7c:9d:b6:73:71:4b:04:5e:6e:
fb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D9:56:EC:8B:9A:87:D5:B2:F2:D2:EE:D6:E4:05:47:B2:A0:E9:14
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZtlW7Iuah9Wy8tLu1uQFR7Kg6RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:ac:80:20:a2:d7:b5:ad:68:1d:72:a3:64:b9:d2:c3:1c:0a:
e5:09:cb:44:38:09:7d:21:9c:b8:31:ba:6d:3a:ae:96:2e:32:
ff:5d:59:6c:45:c8:60:23:5e:03:1f:67:38:64:e9:20:7c:5e:
d2:46:43:76:b5:c0:10:a9:60:e2:a8:ff:dc:48:b1:70:0a:be:
bb:ab:c4:d3:1a:f4:00:59:fe:e8:7e:a8:0a:a1:7f:4a:1e:c7:
c4:9a:c0:58:1f:0e:d1:20:1a:c9:70:50:e1:df:18:4c:a8:c6:
cb:2b:92:32:11:49:f3:a3:cc:12:3a:67:b3:fa:4c:08:4b:ad:
13:2b:8e:d2:53:bc:dc:f6:e3:31:4a:75:19:ea:33:69:18:76:
18:c1:e9:ad:aa:7f:10:00:6a:23:ac:2e:cf:22:92:88:13:3b:
ae:76:5a:e2:68:43:44:ca:20:67:34:83:4a:3e:d1:97:a6:0e:
65:40:46:af:54:f9:50:b9:ff:e2:44:4b:6d:fe:cd:a0:78:45:
7a:bb:7f:3c:ec:4d:b2:fb:d3:2a:02:6d:2a:1b:c0:2a:47:71:
d9:c9:00:b3:b8:ee:24:66:df:56:13:eb:fb:63:ea:38:69:54:
8b:9a:7b:34:a4:b7:51:6e:fe:98:68:88:88:a3:c3:e1:36:0c:
72:1c:ba:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtTAjiHpnAPgErbb5MiHKOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMTYxMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmQ5NTZlYzhiOWE4N2Q1YjJmMmQyZWVkNmU0MDU0N2IyYTBlOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1XhYuKRpz2dF+BOp6X+x3YEgCsd
0ZStL5NUbMhei6y3rqljyiv4ZUf6Xg9dC7H3Q0teN9sKDUcLcSFotJGxEfs5GBXP
eh85ew9NKy4Q8Jm5z4/EbIDNnuJXT9IhHjNN08IS3Xh/Blls4THjsBBeMmlMZmZL
9oLuXbAbFCpO57qYhS94j750BZF9JJw1T72qrFqXihC+W34in81yRqe2Jz9f98hB
LRBOwuP84QP04TyYM8sqolQCPEa0c504nQ5s+JRiKM0K5C6qd6EB16iAkZkr5sEg
MPWqJkSf2svB+GkELdosyTPjr1JWzCiigZlBohAcSPl8nbZzcUsEXm77QwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGbZVuyLmofVsvLS7tbkBUeyoOkUMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWnRsVzdJdWFoOVd5OHRMdTF1UUZSN0tnNlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAKsgCCi17WtaB1yo2S5
0sMcCuUJy0Q4CX0hnLgxum06rpYuMv9dWWxFyGAjXgMfZzhk6SB8XtJGQ3a1wBCp
YOKo/9xIsXAKvrurxNMa9ABZ/uh+qAqhf0oex8SawFgfDtEgGslwUOHfGEyoxssr
kjIRSfOjzBI6Z7P6TAhLrRMrjtJTvNz24zFKdRnqM2kYdhjB6a2qfxAAaiOsLs8i
kogTO652WuJoQ0TKIGc0g0o+0ZemDmVARq9U+VC5/+JES23+zaB4RXq7fzzsTbL7
0yoCbSobwCpHcdnJALO47iRm31YT6/tj6jhpVIuaezSkt1Fu/phoiIijw+E2DHIc
ulM=
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:07:57 2025 by rpki-client