Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_Zs3KcpMhvpqZXa4ACroKuunhkA.roa
File: _Zs3KcpMhvpqZXa4ACroKuunhkA.roa (raw, json)
Hash identifier: z6ff70c9H1g6ytV2+/sGKbExXmTikX5l7b+gV/418LA=
Subject key identifier: FD:9B:37:29:CA:4C:86:FA:6A:65:76:B8:00:2A:E8:2A:EB:A7:86:40
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6D2F0158F4C975C32DF4DEE5806A1AC2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_Zs3KcpMhvpqZXa4ACroKuunhkA.roa
Signing time: Fri 15 Dec 2023 11:14:06 +0000
ROA not before: Fri 15 Dec 2023 11:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:2f:01:58:f4:c9:75:c3:2d:f4:de:e5:80:6a:1a:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 15 11:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd9b3729ca4c86fa6a6576b8002ae82aeba78640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:45:bd:c5:3d:08:32:ce:d6:92:45:c9:d0:c9:
d2:7d:85:79:5f:d8:a7:80:96:c6:14:c6:31:b7:30:
39:0d:7f:d3:29:68:a3:cd:f8:86:02:ed:ae:e3:a4:
90:29:5a:55:9a:f8:42:fc:04:17:47:29:91:97:fb:
ec:eb:64:65:13:41:40:03:eb:d1:90:43:b3:fc:04:
fb:12:c7:ca:6f:8c:1b:84:f8:de:ba:67:6c:c0:73:
bd:4b:99:ef:cb:39:7c:a1:5c:b9:f1:63:5c:f2:b0:
f3:85:c5:51:dd:b1:72:80:91:79:7e:a9:08:c7:25:
3d:14:44:9f:b3:99:10:29:d3:cc:4a:84:09:04:70:
95:ff:9a:8a:d9:85:09:fe:de:4a:6e:40:d2:cf:2a:
b6:d4:de:5b:ef:1b:53:b1:d2:3e:7f:6d:a0:25:04:
46:6c:50:5f:8b:f3:26:a7:37:be:d4:1b:a2:3d:e8:
1b:f1:7b:0d:f1:c0:4d:2e:c8:9f:af:bc:0e:93:dc:
4d:a3:05:7f:a8:cb:8d:9d:5c:42:c5:b1:cd:c8:ab:
09:64:1d:22:b8:9a:6a:bd:69:b2:d5:aa:70:af:2e:
f6:c8:f4:a0:59:aa:98:78:29:58:3a:8d:ba:df:9b:
a0:e1:5f:a6:d3:e4:ee:3e:86:d9:4d:d0:c9:e8:58:
7b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:9B:37:29:CA:4C:86:FA:6A:65:76:B8:00:2A:E8:2A:EB:A7:86:40
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_Zs3KcpMhvpqZXa4ACroKuunhkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:d9:06:36:52:0a:0a:d4:ff:16:22:b4:48:f2:46:07:36:db:
09:02:a7:93:f7:7f:f4:d0:99:07:57:db:11:ec:75:bf:3c:84:
13:2c:aa:a2:93:dd:54:0a:c3:a0:d3:18:8d:09:59:a5:fd:a7:
3c:c0:2a:7b:c8:06:37:dc:7d:70:5a:70:65:86:12:1f:15:d1:
b9:24:1c:2e:36:7f:d1:f0:73:a0:fa:d3:07:41:21:44:23:d5:
ba:2a:69:0f:74:f7:7c:eb:1a:3e:a2:8b:a8:09:ec:d7:9e:c4:
76:b1:3d:e9:f9:15:75:e8:8d:ee:4a:61:ad:06:35:9c:0c:a5:
c8:ad:a1:e9:e3:d7:68:3a:a1:b6:69:54:44:31:10:15:dd:0b:
d3:65:9e:34:ae:e5:0d:4f:02:76:f4:a5:68:96:84:66:3a:28:
49:6e:16:0c:2a:db:d2:d1:f0:f0:7a:94:d7:12:35:0b:d4:9e:
9a:69:5c:af:af:7c:07:c4:ae:c7:07:4f:77:af:8c:5d:5e:f1:
ed:26:77:49:b5:ea:b0:99:e8:aa:16:f3:77:68:10:d4:64:98:
f9:1b:04:af:5a:f6:3d:f7:e3:92:e4:6b:42:6c:e4:0f:d4:43:
46:2f:e1:89:ed:a1:d8:d1:44:e3:93:7c:33:83:83:73:15:5d:
e2:a8:05:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxtLwFY9Ml1wy303uWAahrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE1MTExNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDliMzcyOWNhNGM4NmZhNmE2NTc2YjgwMDJhZTgyYWViYTc4NjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0W9xT0IMs7WkkXJ0MnSfYV5X9in
gJbGFMYxtzA5DX/TKWijzfiGAu2u46SQKVpVmvhC/AQXRymRl/vs62RlE0FAA+vR
kEOz/AT7EsfKb4wbhPjeumdswHO9S5nvyzl8oVy58WNc8rDzhcVR3bFygJF5fqkI
xyU9FESfs5kQKdPMSoQJBHCV/5qK2YUJ/t5KbkDSzyq21N5b7xtTsdI+f22gJQRG
bFBfi/Mmpze+1BuiPegb8XsN8cBNLsifr7wOk9xNowV/qMuNnVxCxbHNyKsJZB0i
uJpqvWmy1apwry72yPSgWaqYeClYOo2635ug4V+m0+TuPobZTdDJ6Fh7mQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP2bNynKTIb6amV2uAAq6Crrp4ZAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvX1pzM0tjcE1odnBxWlhhNEFDcm9LdXVuaGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACjZBjZSCgrU/xYitEjy
Rgc22wkCp5P3f/TQmQdX2xHsdb88hBMsqqKT3VQKw6DTGI0JWaX9pzzAKnvIBjfc
fXBacGWGEh8V0bkkHC42f9Hwc6D60wdBIUQj1boqaQ9093zrGj6ii6gJ7NeexHax
Pen5FXXoje5KYa0GNZwMpcitoenj12g6obZpVEQxEBXdC9NlnjSu5Q1PAnb0pWiW
hGY6KEluFgwq29LR8PB6lNcSNQvUnpppXK+vfAfErscHT3evjF1e8e0md0m16rCZ
6KoW83doENRkmPkbBK9a9j3345Lka0Js5A/UQ0Yv4YntodjRROOTfDODg3MVXeKo
BfE=
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:51:16 2025 by rpki-client