Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zYWsDAhgfOpVFjlnUhZAZWm1yKE.roa
File: zYWsDAhgfOpVFjlnUhZAZWm1yKE.roa (raw, json)
Hash identifier: F3yPQugGw+6kku5Y7V+GdV4AclmxLG2ekOLdS6/2XaI=
Subject key identifier: CD:85:AC:0C:08:60:7C:EA:55:16:39:67:52:16:40:65:69:B5:C8:A1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C39424A4A44773D8D2C42B31DB60877B9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zYWsDAhgfOpVFjlnUhZAZWm1yKE.roa
Signing time: Tue 05 Dec 2023 09:14:54 +0000
ROA not before: Tue 05 Dec 2023 09:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:42:4a:4a:44:77:3d:8d:2c:42:b3:1d:b6:08:77:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 5 09:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd85ac0c08607cea551639675216406569b5c8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a3:9a:b0:9a:db:6c:45:f5:aa:40:8d:2c:72:
cd:65:f4:3e:8e:70:e9:88:8b:6b:28:e4:33:0a:5c:
70:22:b5:bd:4f:12:83:65:7e:3a:55:11:35:e0:98:
50:a9:76:94:da:97:64:f8:3f:fd:80:99:2e:d4:ed:
5f:3a:1a:ef:77:28:bd:57:a7:81:34:29:06:00:47:
b4:5c:ef:87:af:56:17:8f:97:35:c3:2f:40:d0:96:
48:5e:de:8b:7d:9b:08:5c:24:a4:ff:e2:ba:b9:64:
d0:8f:64:91:8a:0d:30:8d:23:e0:0c:67:6f:cc:f8:
3c:0c:13:17:29:f4:73:e6:3d:cf:de:ef:29:94:7c:
a8:f2:23:74:34:a1:5d:26:45:95:68:85:b6:32:7a:
f8:9c:7c:42:3f:2e:f1:af:23:58:cc:a4:d0:2d:ed:
04:ab:04:b4:9e:0b:a3:7b:ce:f4:2e:09:cd:f2:43:
5a:13:00:95:8d:32:54:5a:3a:91:c0:c3:b3:1f:35:
a7:46:f9:25:9a:1a:5d:fe:02:8b:a2:8a:23:96:bb:
4d:4b:6c:4e:28:68:c5:75:8d:6c:dc:3c:51:0e:dd:
36:90:3d:39:26:99:dd:cc:1f:b8:77:33:3c:97:0e:
33:9c:ea:7e:6f:3b:72:a1:5f:24:fb:c1:96:ce:a1:
df:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:85:AC:0C:08:60:7C:EA:55:16:39:67:52:16:40:65:69:B5:C8:A1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zYWsDAhgfOpVFjlnUhZAZWm1yKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:20:9d:41:6e:f7:08:97:43:40:8c:ad:21:8b:b3:00:a1:f3:
83:3e:fc:e7:e9:71:6f:66:24:2c:69:25:f8:e4:f3:35:17:93:
4a:2d:1d:de:c6:72:2a:a4:44:c6:35:2b:f3:c9:0f:15:6a:00:
60:e1:7b:8b:26:86:e6:e6:35:44:b0:79:6b:52:3f:28:9d:ef:
5d:60:6c:79:56:b9:b9:53:f8:ce:7c:87:0a:c3:bf:3f:08:dd:
d9:59:af:97:19:23:b1:5e:f4:3b:5c:f5:68:3c:3c:ac:19:20:
9a:56:16:33:4b:61:1d:cd:87:6f:0c:0f:fa:6a:18:00:a3:ee:
d9:0f:33:6f:87:2f:44:ac:46:3b:55:6a:20:6e:6a:ee:8a:9b:
0e:40:8c:8f:bb:96:74:5e:a3:ae:0f:4c:ab:eb:5c:d7:66:e6:
4f:d3:f9:21:64:51:50:7c:d2:0d:2b:6e:8c:18:cb:6d:7b:9e:
76:6f:fa:2f:9f:73:e8:db:bc:b8:7f:46:a4:3d:d0:04:bc:b5:
10:6e:6f:90:5a:c3:bb:47:84:09:ad:f3:f4:47:06:37:0c:0f:
6f:d2:20:bd:21:78:31:75:58:27:1b:93:43:4c:f6:af:da:95:
41:9e:1e:e5:04:bf:68:6f:9d:ce:13:b3:de:98:07:c7:e6:9e:
62:df:cb:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw5QkpKRHc9jSxCsx22CHe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA1MDkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDg1YWMwYzA4NjA3Y2VhNTUxNjM5Njc1MjE2NDA2NTY5YjVjOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKOasJrbbEX1qkCNLHLNZfQ+jnDp
iItrKOQzClxwIrW9TxKDZX46VRE14JhQqXaU2pdk+D/9gJku1O1fOhrvdyi9V6eB
NCkGAEe0XO+Hr1YXj5c1wy9A0JZIXt6LfZsIXCSk/+K6uWTQj2SRig0wjSPgDGdv
zPg8DBMXKfRz5j3P3u8plHyo8iN0NKFdJkWVaIW2Mnr4nHxCPy7xryNYzKTQLe0E
qwS0nguje870LgnN8kNaEwCVjTJUWjqRwMOzHzWnRvklmhpd/gKLooojlrtNS2xO
KGjFdY1s3DxRDt02kD05JpndzB+4dzM8lw4znOp+bztyoV8k+8GWzqHf/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM2FrAwIYHzqVRY5Z1IWQGVptcihMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvellXc0RBaGdmT3BWRmpsblVoWkFaV20xeUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJAgnUFu9wiXQ0CMrSGL
swCh84M+/OfpcW9mJCxpJfjk8zUXk0otHd7GciqkRMY1K/PJDxVqAGDhe4smhubm
NUSweWtSPyid711gbHlWublT+M58hwrDvz8I3dlZr5cZI7Fe9Dtc9Wg8PKwZIJpW
FjNLYR3Nh28MD/pqGACj7tkPM2+HL0SsRjtVaiBuau6Kmw5AjI+7lnReo64PTKvr
XNdm5k/T+SFkUVB80g0rbowYy217nnZv+i+fc+jbvLh/RqQ90AS8tRBub5Baw7tH
hAmt8/RHBjcMD2/SIL0heDF1WCcbk0NM9q/alUGeHuUEv2hvnc4Ts96YB8fmnmLf
yxk=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:05:45 2025 by rpki-client