Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cmzreaqiKeHPigB-gWC_-r-qP0A.roa
File: cmzreaqiKeHPigB-gWC_-r-qP0A.roa (raw, json)
Hash identifier: WRHxvJgD8moR1G/Lf5SqzSUaVYxWw4ehbtnNsO4Pwbs=
Subject key identifier: 72:6C:EB:79:AA:A2:29:E1:CF:8A:00:7E:81:60:BF:FA:BF:AA:3F:40
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B405D6C77217CEDC03995A6CB4492AD43
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cmzreaqiKeHPigB-gWC_-r-qP0A.roa
Signing time: Wed 18 Oct 2023 01:19:06 +0000
ROA not before: Wed 18 Oct 2023 01:19:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:40:5d:6c:77:21:7c:ed:c0:39:95:a6:cb:44:92:ad:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 18 01:19:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=726ceb79aaa229e1cf8a007e8160bffabfaa3f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1d:2d:88:02:c3:cd:b6:e9:8e:f7:ef:30:92:
c0:fc:ee:f7:38:46:38:dd:10:e2:b8:10:cf:0c:fc:
f1:a3:4a:bd:e8:d7:c5:9f:84:88:46:17:44:d8:34:
f5:6a:68:35:42:08:4a:50:65:a4:30:3d:56:37:cd:
e6:55:40:d3:1a:76:d4:f8:7e:7f:b7:0b:bc:60:40:
db:87:bb:f0:4e:c5:79:6a:66:99:27:02:15:aa:81:
70:c1:00:7e:70:bb:0d:aa:8c:e0:9d:97:b4:0d:dd:
2c:21:e0:14:89:94:a7:a8:b1:e7:f5:fb:8a:d3:25:
48:c6:4a:1d:ba:fa:e9:6f:e1:15:de:14:76:8c:3e:
1c:c3:7e:e4:8b:b5:33:74:af:70:22:7e:88:a0:22:
db:7d:77:ee:6e:b9:a6:0c:40:93:d6:20:7d:c0:af:
c6:24:ab:91:cf:c2:a6:03:5c:0e:09:34:0d:3a:14:
28:93:fb:f9:0c:eb:a7:83:41:7a:ad:ca:c9:9f:bd:
73:57:d8:4d:9e:45:ad:13:2c:82:4b:ed:e1:ec:35:
1a:c1:28:4f:52:3e:07:4f:bd:3c:ea:0c:c4:a6:56:
1e:6f:9d:13:64:8a:f0:f7:37:ff:b3:c3:15:52:a6:
f9:e9:0f:d0:64:2e:6c:a7:69:2c:af:a0:24:87:83:
f7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6C:EB:79:AA:A2:29:E1:CF:8A:00:7E:81:60:BF:FA:BF:AA:3F:40
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cmzreaqiKeHPigB-gWC_-r-qP0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:93:08:63:c0:18:6b:8f:b9:d8:04:1a:2f:3a:a4:cd:60:e9:
10:9b:30:e2:73:fb:2a:88:2d:17:45:2d:59:66:49:cd:23:21:
80:b7:2e:2d:10:67:5a:19:e3:a9:dc:6e:0f:72:db:77:57:7c:
f5:3e:fa:1a:b5:8e:1d:e0:5c:11:2b:37:bd:c3:6b:ff:87:c5:
d2:4f:3b:5c:d0:47:08:4b:81:b4:31:ca:d4:19:f4:d1:cd:73:
19:ea:49:b5:69:6c:62:4a:a7:a3:62:69:4a:ea:c5:f0:87:60:
80:cd:88:e4:79:ff:3b:5b:cd:c4:7d:81:53:95:8c:90:b0:d1:
80:07:33:99:49:18:41:5f:9b:30:88:3a:2f:8c:76:d6:b5:71:
26:6e:83:53:ac:f6:b4:a9:43:cc:ec:37:8a:d3:33:89:a0:04:
ef:b0:8e:25:98:ad:4b:1d:aa:48:9c:9b:8d:6e:6d:33:c1:91:
a4:63:ff:89:1b:fb:1e:57:33:5d:2f:31:f7:ca:9f:6f:54:cd:
fd:65:83:9a:94:f0:ae:2b:c7:7c:6e:c5:e0:73:7e:26:c5:2c:
a5:63:bf:72:75:9b:aa:48:99:a1:16:75:3b:73:32:20:72:b2:
4e:28:d6:4a:bc:47:6a:e9:32:97:c9:65:c8:59:83:de:4a:bf:
18:ea:19:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtAXWx3IXztwDmVpstEkq1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE4MDExOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjZjZWI3OWFhYTIyOWUxY2Y4YTAwN2U4MTYwYmZmYWJmYWEzZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0R0tiALDzbbpjvfvMJLA/O73OEY4
3RDiuBDPDPzxo0q96NfFn4SIRhdE2DT1amg1QghKUGWkMD1WN83mVUDTGnbU+H5/
twu8YEDbh7vwTsV5amaZJwIVqoFwwQB+cLsNqozgnZe0Dd0sIeAUiZSnqLHn9fuK
0yVIxkoduvrpb+EV3hR2jD4cw37ki7UzdK9wIn6IoCLbfXfubrmmDECT1iB9wK/G
JKuRz8KmA1wOCTQNOhQok/v5DOung0F6rcrJn71zV9hNnkWtEyyCS+3h7DUawShP
Uj4HT7086gzEplYeb50TZIrw9zf/s8MVUqb56Q/QZC5sp2ksr6Akh4P3UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHJs63mqoinhz4oAfoFgv/q/qj9AMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvY216cmVhcWlLZUhQaWdCLWdXQ18tci1xUDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHKTCGPAGGuPudgEGi86
pM1g6RCbMOJz+yqILRdFLVlmSc0jIYC3Li0QZ1oZ46ncbg9y23dXfPU++hq1jh3g
XBErN73Da/+HxdJPO1zQRwhLgbQxytQZ9NHNcxnqSbVpbGJKp6NiaUrqxfCHYIDN
iOR5/ztbzcR9gVOVjJCw0YAHM5lJGEFfmzCIOi+Mdta1cSZug1Os9rSpQ8zsN4rT
M4mgBO+wjiWYrUsdqkicm41ubTPBkaRj/4kb+x5XM10vMffKn29Uzf1lg5qU8K4r
x3xuxeBzfibFLKVjv3J1m6pImaEWdTtzMiBysk4o1kq8R2rpMpfJZchZg95Kvxjq
GZc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:41 2025 by rpki-client