Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rZM4KIX4mzLBcXirh7QcSi-STac.roa
File: rZM4KIX4mzLBcXirh7QcSi-STac.roa (raw, json)
Hash identifier: A4C0TFymLfo8QYThc2cxUUoIbZW1vp7VzK8ei7tt2NY=
Subject key identifier: AD:93:38:28:85:F8:9B:32:C1:71:78:AB:87:B4:1C:4A:2F:92:4D:A7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6BAF6718742642988A993D58D3E41CAC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rZM4KIX4mzLBcXirh7QcSi-STac.roa
Signing time: Fri 15 Dec 2023 04:15:06 +0000
ROA not before: Fri 15 Dec 2023 04:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6b:af:67:18:74:26:42:98:8a:99:3d:58:d3:e4:1c:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 15 04:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad93382885f89b32c17178ab87b41c4a2f924da7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3e:26:bf:4f:7c:57:b6:68:5f:32:84:b2:68:
26:20:c2:90:88:cb:c3:be:83:5c:99:10:eb:d8:33:
f0:eb:c4:33:f4:e0:2a:be:5c:3b:ea:ea:5f:e2:bc:
08:cf:05:f0:f0:a7:b0:b2:45:8d:c5:4d:e6:af:dd:
f3:2b:40:0d:7a:12:e2:8d:17:c0:69:a3:76:c1:c3:
f7:98:8b:8d:c1:32:4f:84:60:ad:91:20:91:98:5a:
06:0f:a8:4f:7c:a8:be:e3:f0:e2:d9:85:89:4e:48:
ef:95:f3:3a:43:98:72:1e:b1:8f:49:d5:63:b5:ad:
4f:93:54:8b:77:ad:5c:71:2b:52:a1:9c:13:c0:8e:
e6:95:07:f3:97:b8:a3:f8:c6:a7:38:d4:ee:a5:c1:
52:56:56:18:4c:78:b8:d7:90:20:6b:cd:af:8d:18:
c3:4d:95:91:27:0a:ce:34:95:d3:87:95:f2:26:c0:
76:db:8a:db:28:97:ff:1c:db:6a:fd:d0:fa:95:82:
71:b0:f7:78:e2:78:55:f1:99:7c:82:0a:fc:49:63:
1c:e8:bf:14:0b:2d:69:01:5a:e5:57:b5:c3:39:03:
56:90:c1:5b:c6:b7:b8:ea:1c:94:63:36:1a:6c:49:
29:96:14:ed:d2:58:81:22:21:23:ae:6b:9f:48:a0:
f4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:93:38:28:85:F8:9B:32:C1:71:78:AB:87:B4:1C:4A:2F:92:4D:A7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rZM4KIX4mzLBcXirh7QcSi-STac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:b7:f3:85:4f:0e:37:9b:f7:da:d5:73:43:ae:1d:6d:8d:c6:
4b:ec:66:02:fd:10:54:c9:b8:c8:a2:c4:46:83:e5:5d:2b:7e:
ff:b3:a4:33:5b:3a:7a:67:42:fe:8d:ee:62:34:53:15:06:b6:
09:64:4a:ad:71:f4:9f:e8:52:c7:88:82:1f:23:de:2a:d8:c6:
4e:e4:64:d6:a4:7f:e4:70:c8:48:08:7e:a6:89:dd:a5:78:5d:
fc:03:76:fe:bb:cd:a3:55:b1:44:6e:70:b6:9e:8c:02:23:bb:
6b:d2:6c:ad:d7:68:5f:84:b1:28:f1:c0:4d:ae:fb:8e:98:58:
3e:55:ad:2f:b7:12:75:75:31:74:5a:18:72:13:b4:ab:1b:e5:
3b:a5:34:30:8f:76:47:04:a9:3f:09:04:52:76:67:a2:64:8f:
16:67:ac:f5:8e:de:67:c4:b1:5c:a6:53:44:eb:50:40:84:d0:
08:1b:61:9d:49:06:d8:03:3e:bb:55:f5:f5:c6:72:fe:d1:d5:
4f:5c:e3:15:22:f7:14:19:1c:35:a4:ee:94:3a:8e:dc:1e:3d:
ec:f9:6c:0c:18:02:e4:a9:ed:7a:a8:14:02:fe:4c:93:69:31:
ef:be:bd:28:4e:f3:75:ec:e9:70:c5:2a:44:86:3c:33:82:e1:
9a:0c:a6:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxrr2cYdCZCmIqZPVjT5BysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE1MDQxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDkzMzgyODg1Zjg5YjMyYzE3MTc4YWI4N2I0MWM0YTJmOTI0ZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz4mv098V7ZoXzKEsmgmIMKQiMvD
voNcmRDr2DPw68Qz9OAqvlw76upf4rwIzwXw8KewskWNxU3mr93zK0ANehLijRfA
aaN2wcP3mIuNwTJPhGCtkSCRmFoGD6hPfKi+4/Di2YWJTkjvlfM6Q5hyHrGPSdVj
ta1Pk1SLd61ccStSoZwTwI7mlQfzl7ij+ManONTupcFSVlYYTHi415Aga82vjRjD
TZWRJwrONJXTh5XyJsB224rbKJf/HNtq/dD6lYJxsPd44nhV8Zl8ggr8SWMc6L8U
Cy1pAVrlV7XDOQNWkMFbxre46hyUYzYabEkplhTt0liBIiEjrmufSKD01wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK2TOCiF+JsywXF4q4e0HEovkk2nMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvclpNNEtJWDRtekxCY1hpcmg3UWNTaS1TVGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFG384VPDjeb99rVc0Ou
HW2NxkvsZgL9EFTJuMiixEaD5V0rfv+zpDNbOnpnQv6N7mI0UxUGtglkSq1x9J/o
UseIgh8j3irYxk7kZNakf+RwyEgIfqaJ3aV4XfwDdv67zaNVsURucLaejAIju2vS
bK3XaF+EsSjxwE2u+46YWD5VrS+3EnV1MXRaGHITtKsb5TulNDCPdkcEqT8JBFJ2
Z6JkjxZnrPWO3mfEsVymU0TrUECE0AgbYZ1JBtgDPrtV9fXGcv7R1U9c4xUi9xQZ
HDWk7pQ6jtwePez5bAwYAuSp7XqoFAL+TJNpMe++vShO83Xs6XDFKkSGPDOC4ZoM
pus=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:12:19 2025 by rpki-client