Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zOtcMHH8f049GtWgCaNlQGVUm2c.roa
File: zOtcMHH8f049GtWgCaNlQGVUm2c.roa (raw, json)
Hash identifier: ws2Qayf70veSYdzHAI1UbSljm5Gd/2yGUGEAcykQX30=
Subject key identifier: CC:EB:5C:30:71:FC:7F:4E:3D:1A:D5:A0:09:A3:65:40:65:54:9B:67
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3FB40EA7D5F630ADF0F7829DC0C1268D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zOtcMHH8f049GtWgCaNlQGVUm2c.roa
Signing time: Tue 17 Oct 2023 22:14:06 +0000
ROA not before: Tue 17 Oct 2023 22:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3f:b4:0e:a7:d5:f6:30:ad:f0:f7:82:9d:c0:c1:26:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 17 22:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cceb5c3071fc7f4e3d1ad5a009a3654065549b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:59:60:ec:aa:94:33:5b:2d:19:64:50:7b:d7:
de:06:21:ef:ba:f4:66:bb:ff:57:78:7b:a9:02:33:
63:a5:3f:47:fa:2b:be:75:1a:8a:d9:40:52:b4:25:
5e:43:4d:3f:7d:71:53:10:7c:e4:7e:56:dd:aa:52:
f2:ce:dc:82:72:7c:89:fc:48:77:a0:cb:e8:76:d2:
e9:2c:c4:04:81:8f:e2:54:23:b1:95:c9:b5:bc:8f:
a5:1a:1c:ee:41:1f:17:b7:c7:0e:92:72:ee:34:94:
fa:e7:87:69:40:6a:16:eb:7c:3b:56:89:ed:11:1e:
3f:55:ec:4a:27:1d:c0:ae:f9:29:d5:e6:20:67:e2:
5a:03:6f:e6:97:2e:23:6d:5e:28:77:32:9d:f7:bf:
b6:a9:01:d3:21:fb:5e:8e:56:a1:0f:1b:59:8b:21:
36:44:aa:ed:09:79:5b:5e:c4:aa:35:af:e2:b6:48:
ed:be:63:2e:45:af:ff:66:26:e1:82:dd:7d:2f:a9:
33:59:b2:e8:fd:86:a7:64:1f:4f:70:f2:17:c4:b6:
a3:2a:1d:ad:ee:a6:33:74:61:41:dd:cd:14:55:79:
5f:95:66:30:39:f6:9f:ef:34:d2:fb:1b:dc:87:8c:
d7:68:27:c4:1b:7c:8d:a7:ca:71:97:d8:ed:51:77:
f9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:EB:5C:30:71:FC:7F:4E:3D:1A:D5:A0:09:A3:65:40:65:54:9B:67
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zOtcMHH8f049GtWgCaNlQGVUm2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:dc:ab:e0:17:06:64:99:1f:45:3d:88:87:08:19:fc:14:93:
b0:ab:b0:8e:65:54:2b:b2:65:a1:4b:25:7f:9e:ed:09:01:a2:
3e:63:2f:14:a4:84:50:5e:71:32:9a:0b:e7:4e:ca:4a:b9:08:
ed:b1:5f:26:c1:04:93:b6:12:83:85:77:0f:b5:19:70:04:55:
b1:7a:b7:db:94:c3:db:e5:78:4e:2e:9b:6a:6a:79:01:40:71:
a0:0a:d5:a8:50:a6:70:4a:de:75:0a:e6:8b:e0:a9:c6:d7:0f:
74:ba:ea:96:93:f1:67:cf:d2:db:27:40:0a:da:7f:7d:46:6d:
3e:e1:38:e0:62:4b:d1:d5:1d:bb:87:53:43:f2:60:b7:fb:d9:
59:75:dc:ef:d2:bf:1c:cf:7d:c9:3d:a7:92:d1:a8:39:e4:18:
6d:d0:4e:6f:01:26:0d:db:79:6c:ed:ad:00:f7:f8:89:72:91:
ec:6f:43:c0:c8:6d:6e:08:c2:04:b2:e7:9b:90:11:06:87:3c:
0f:65:aa:94:1e:7b:f4:c2:6d:bd:1e:86:e1:eb:85:ce:11:cb:
c9:31:a6:f3:95:00:06:c7:14:bb:ef:75:7b:b7:e7:57:c2:f8:
6a:df:0e:98:bc:eb:4f:1e:59:9d:70:fa:53:44:91:92:6b:a5:
42:20:b1:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs/tA6n1fYwrfD3gp3AwSaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE3MjIxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2ViNWMzMDcxZmM3ZjRlM2QxYWQ1YTAwOWEzNjU0MDY1NTQ5YjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVlg7KqUM1stGWRQe9feBiHvuvRm
u/9XeHupAjNjpT9H+iu+dRqK2UBStCVeQ00/fXFTEHzkflbdqlLyztyCcnyJ/Eh3
oMvodtLpLMQEgY/iVCOxlcm1vI+lGhzuQR8Xt8cOknLuNJT654dpQGoW63w7Vont
ER4/VexKJx3Arvkp1eYgZ+JaA2/mly4jbV4odzKd97+2qQHTIftejlahDxtZiyE2
RKrtCXlbXsSqNa/itkjtvmMuRa//Zibhgt19L6kzWbLo/YanZB9PcPIXxLajKh2t
7qYzdGFB3c0UVXlflWYwOfaf7zTS+xvch4zXaCfEG3yNp8pxl9jtUXf51wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMzrXDBx/H9OPRrVoAmjZUBlVJtnMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvek90Y01ISDhmMDQ5R3RXZ0NhTmxRR1ZVbTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABjcq+AXBmSZH0U9iIcI
GfwUk7CrsI5lVCuyZaFLJX+e7QkBoj5jLxSkhFBecTKaC+dOykq5CO2xXybBBJO2
EoOFdw+1GXAEVbF6t9uUw9vleE4um2pqeQFAcaAK1ahQpnBK3nUK5ovgqcbXD3S6
6paT8WfP0tsnQAraf31GbT7hOOBiS9HVHbuHU0PyYLf72Vl13O/SvxzPfck9p5LR
qDnkGG3QTm8BJg3beWztrQD3+IlykexvQ8DIbW4IwgSy55uQEQaHPA9lqpQee/TC
bb0ehuHrhc4Ry8kxpvOVAAbHFLvvdXu351fC+GrfDpi8608eWZ1w+lNEkZJrpUIg
sdQ=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:44:38 2025 by rpki-client