Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/z6zo87OE0vmt3iEdxe2eaeVfs2g.roa
File: z6zo87OE0vmt3iEdxe2eaeVfs2g.roa (raw, json)
Hash identifier: QRmYNz2wz0qpalcupUmX2VbEPiP7TsmJFE2neB91Ud4=
Subject key identifier: CF:AC:E8:F3:B3:84:D2:F9:AD:DE:21:1D:C5:ED:9E:69:E5:5F:B3:68
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACC795164E17873467E5FC1D7E05C220A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/z6zo87OE0vmt3iEdxe2eaeVfs2g.roa
Signing time: Mon 25 Sep 2023 13:13:37 +0000
ROA not before: Mon 25 Sep 2023 13:13:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:79:51:64:e1:78:73:46:7e:5f:c1:d7:e0:5c:22:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 13:13:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cface8f3b384d2f9adde211dc5ed9e69e55fb368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3a:09:33:68:5a:b1:98:0f:14:96:53:ec:31:
bd:7a:c4:6e:93:23:e1:57:f0:93:09:39:3b:7d:e8:
af:3c:34:1a:17:b6:9c:1d:ab:b1:06:5d:d6:8e:d6:
42:9a:2e:16:ea:9b:8f:78:dc:53:53:21:34:06:c6:
8a:2d:35:ff:e2:0b:08:49:31:18:19:08:e7:62:6c:
eb:a9:f8:34:cd:d1:9f:a5:ef:d6:a3:7a:9d:cb:0c:
20:bd:85:f6:80:28:51:c1:53:56:44:70:e6:f9:45:
7f:ce:7c:46:15:b1:2b:93:76:c1:98:0e:65:81:ac:
43:74:ee:b9:fe:c6:24:bc:f6:54:e5:6c:7e:be:fd:
45:9f:76:b5:49:64:bd:3c:c8:c3:fb:19:7a:3a:e0:
42:76:fa:bb:a9:19:69:69:41:3f:fd:49:70:12:62:
41:15:86:9c:e7:5b:0c:d3:82:bd:14:0d:b9:b6:01:
76:e5:0e:8a:53:67:8f:05:52:64:80:c1:57:a7:d3:
5a:21:fa:41:9b:b3:05:30:fd:67:83:ba:76:7f:6d:
d2:dd:35:59:7f:3f:69:53:a1:de:3f:9a:55:e7:e7:
3c:7b:fd:3e:6b:bb:ad:83:f7:ae:45:ec:f6:f2:b7:
ff:52:dc:32:7e:5a:bd:ad:31:c0:4e:fc:44:07:94:
0a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:AC:E8:F3:B3:84:D2:F9:AD:DE:21:1D:C5:ED:9E:69:E5:5F:B3:68
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/z6zo87OE0vmt3iEdxe2eaeVfs2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:ca:7f:5d:a5:14:8b:0d:53:a9:95:fe:29:8f:15:ba:e5:f9:
0f:53:52:31:77:32:7a:8c:6f:87:d2:3d:e4:af:c3:7e:b3:10:
af:3e:e8:74:e8:1f:38:0a:64:79:9c:1f:6a:02:07:01:e7:17:
a1:2c:d6:ca:84:0d:69:4a:cc:14:41:e7:12:65:ed:c4:78:94:
3a:65:d7:5b:74:07:c2:e7:ef:ab:38:a4:a2:6d:37:33:19:f7:
85:c3:c5:c3:11:88:3d:c1:c5:f9:31:6f:cd:fb:3c:23:28:ac:
b9:d7:c0:c0:42:c1:df:30:3e:d3:35:1f:5a:00:95:64:0d:8c:
a3:ae:e9:db:a4:c8:fb:39:bd:e9:90:40:94:34:41:ef:34:cb:
cf:6c:b9:c8:74:85:92:58:b6:df:a3:74:b7:7b:69:e6:c4:e7:
6b:77:e2:95:f2:5a:42:07:c2:b2:cb:94:cd:ba:0f:9d:33:0d:
9d:df:36:35:93:dc:86:d6:74:87:67:b8:91:a2:92:fc:ab:f6:
5c:49:ae:0e:de:11:a5:6d:e1:81:93:b8:a4:a7:95:ba:89:7f:
cb:c6:4b:4b:5f:9c:d5:d7:3d:b6:27:16:72:59:7c:3d:3b:45:
c5:66:56:5e:9a:10:eb:93:f4:11:6a:f5:14:33:02:6f:d8:ac:
b2:9d:94:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrMeVFk4XhzRn5fwdfgXCIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MTMxMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmFjZThmM2IzODRkMmY5YWRkZTIxMWRjNWVkOWU2OWU1NWZiMzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqToJM2hasZgPFJZT7DG9esRukyPh
V/CTCTk7feivPDQaF7acHauxBl3WjtZCmi4W6puPeNxTUyE0BsaKLTX/4gsISTEY
GQjnYmzrqfg0zdGfpe/Wo3qdywwgvYX2gChRwVNWRHDm+UV/znxGFbErk3bBmA5l
gaxDdO65/sYkvPZU5Wx+vv1Fn3a1SWS9PMjD+xl6OuBCdvq7qRlpaUE//UlwEmJB
FYac51sM04K9FA25tgF25Q6KU2ePBVJkgMFXp9NaIfpBm7MFMP1ng7p2f23S3TVZ
fz9pU6HeP5pV5+c8e/0+a7utg/euRez28rf/Utwyflq9rTHATvxEB5QK+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM+s6POzhNL5rd4hHcXtnmnlX7NoMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvejZ6bzg3T0Uwdm10M2lFZHhlMmVhZVZmczJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK3Kf12lFIsNU6mV/imP
Fbrl+Q9TUjF3MnqMb4fSPeSvw36zEK8+6HToHzgKZHmcH2oCBwHnF6Es1sqEDWlK
zBRB5xJl7cR4lDpl11t0B8Ln76s4pKJtNzMZ94XDxcMRiD3Bxfkxb837PCMorLnX
wMBCwd8wPtM1H1oAlWQNjKOu6dukyPs5vemQQJQ0Qe80y89such0hZJYtt+jdLd7
aebE52t34pXyWkIHwrLLlM26D50zDZ3fNjWT3IbWdIdnuJGikvyr9lxJrg7eEaVt
4YGTuKSnlbqJf8vGS0tfnNXXPbYnFnJZfD07RcVmVl6aEOuT9BFq9RQzAm/YrLKd
lJY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:35:25 2025 by rpki-client