Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zXQ0TK_EqSAYg5rsYnacUU7xMgs.roa
File: zXQ0TK_EqSAYg5rsYnacUU7xMgs.roa (raw, json)
Hash identifier: IstmMOlYCZNyuBfHAGrkfqUMhgP2r0iiSMBgA2EB/d0=
Subject key identifier: CD:74:34:4C:AF:C4:A9:20:18:83:9A:EC:62:76:9C:51:4E:F1:32:0B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7E941571C3A53A0CE5763A50075AC17E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zXQ0TK_EqSAYg5rsYnacUU7xMgs.roa
Signing time: Mon 30 Oct 2023 03:15:15 +0000
ROA not before: Mon 30 Oct 2023 03:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7e:94:15:71:c3:a5:3a:0c:e5:76:3a:50:07:5a:c1:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 30 03:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd74344cafc4a92018839aec62769c514ef1320b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c9:8b:3d:97:a6:0e:7f:2e:94:4e:da:80:1f:
0a:ed:e5:65:33:71:19:8b:77:b4:bf:6a:91:98:57:
75:3a:7d:dc:19:c7:d8:3d:78:51:cc:94:c1:0c:bb:
f2:e9:88:a2:16:18:05:4c:ad:eb:79:83:99:f4:c5:
5f:09:81:a4:41:2b:31:a7:cf:a5:a0:77:49:0b:ef:
7d:eb:7b:9f:16:f7:ff:2f:af:e1:dd:8a:67:48:83:
8e:d2:8d:e8:53:15:e2:a8:b3:56:b5:9a:43:f4:47:
84:ed:4e:d4:e2:27:18:51:0e:52:e9:17:d4:88:7b:
ba:cd:7d:2e:53:20:28:98:29:10:22:9b:c8:bb:92:
3d:41:e2:70:6c:b0:ea:cd:23:ca:11:f7:3e:9e:09:
c1:46:e2:1d:a0:79:2a:0a:d2:1e:34:64:92:8d:27:
aa:fb:f5:64:53:7d:b1:90:c4:ce:52:f1:4b:be:39:
49:c0:81:48:1e:c4:f9:4c:13:93:8e:3c:fb:44:60:
8c:47:f4:a1:07:9e:47:06:b2:71:19:48:23:a4:6c:
aa:54:eb:e0:a5:7b:5d:5d:30:e0:11:51:30:90:c0:
05:4c:ed:b4:a4:98:3c:07:89:cf:09:c3:12:bf:98:
84:54:06:62:4f:8f:1f:13:5a:84:f4:39:4c:a8:4d:
c6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:74:34:4C:AF:C4:A9:20:18:83:9A:EC:62:76:9C:51:4E:F1:32:0B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zXQ0TK_EqSAYg5rsYnacUU7xMgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:57:b8:07:c3:44:d9:13:0d:ae:e6:f3:03:22:44:6f:0b:6a:
bd:3d:01:87:99:39:53:03:3a:7f:ee:2f:d2:cf:03:67:1d:98:
ee:89:6a:f1:c2:11:1d:81:f4:82:1a:e6:c7:e8:92:6c:5a:f5:
c4:c2:50:28:c2:8d:23:d1:7b:46:14:c1:03:d0:48:d5:66:27:
6c:1a:6c:37:33:b9:7f:99:e2:2d:d9:b9:86:4e:86:ff:66:07:
27:79:b2:dc:c4:ac:47:aa:5d:3e:64:0a:2b:70:60:71:7b:d8:
cd:95:f6:bc:2e:49:cb:a5:53:55:b9:b3:de:3f:c3:56:54:f9:
5e:9f:1b:16:63:cc:5a:63:17:9e:db:c3:c5:4e:8b:c0:6c:ac:
01:d1:cc:57:1c:4b:2e:be:9e:04:c5:2f:dd:ce:25:b9:22:0a:
68:53:4a:d1:3d:d9:cc:4e:e6:ad:13:c5:ac:55:e7:e1:1b:c1:
1c:45:a7:9b:c5:44:41:fb:e9:7a:ab:ce:e0:9c:de:82:44:37:
f0:15:a7:4f:b7:cb:bf:12:bb:73:50:8e:22:07:87:00:c1:5a:
30:7f:be:95:4d:fa:39:ca:5f:0c:f0:dc:a3:10:ea:3b:fc:d2:
76:4a:4a:2b:85:7e:c7:03:3e:e1:38:ee:f1:d6:4f:69:d8:cd:
80:31:bc:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt+lBVxw6U6DOV2OlAHWsF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMwMDMxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDc0MzQ0Y2FmYzRhOTIwMTg4MzlhZWM2Mjc2OWM1MTRlZjEzMjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsmLPZemDn8ulE7agB8K7eVlM3EZ
i3e0v2qRmFd1On3cGcfYPXhRzJTBDLvy6YiiFhgFTK3reYOZ9MVfCYGkQSsxp8+l
oHdJC+9963ufFvf/L6/h3YpnSIOO0o3oUxXiqLNWtZpD9EeE7U7U4icYUQ5S6RfU
iHu6zX0uUyAomCkQIpvIu5I9QeJwbLDqzSPKEfc+ngnBRuIdoHkqCtIeNGSSjSeq
+/VkU32xkMTOUvFLvjlJwIFIHsT5TBOTjjz7RGCMR/ShB55HBrJxGUgjpGyqVOvg
pXtdXTDgEVEwkMAFTO20pJg8B4nPCcMSv5iEVAZiT48fE1qE9DlMqE3GAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM10NEyvxKkgGIOa7GJ2nFFO8TILMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvelhRMFRLX0VxU0FZZzVyc1luYWNVVTd4TWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABVXuAfDRNkTDa7m8wMi
RG8Lar09AYeZOVMDOn/uL9LPA2cdmO6JavHCER2B9IIa5sfokmxa9cTCUCjCjSPR
e0YUwQPQSNVmJ2wabDczuX+Z4i3ZuYZOhv9mByd5stzErEeqXT5kCitwYHF72M2V
9rwuSculU1W5s94/w1ZU+V6fGxZjzFpjF57bw8VOi8BsrAHRzFccSy6+ngTFL93O
JbkiCmhTStE92cxO5q0TxaxV5+EbwRxFp5vFREH76XqrzuCc3oJEN/AVp0+3y78S
u3NQjiIHhwDBWjB/vpVN+jnKXwzw3KMQ6jv80nZKSiuFfscDPuE47vHWT2nYzYAx
vFc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:37:10 2025 by rpki-client