Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zYZPkPzH7R3jDxyCHtzN1mQg9Xw.roa
File: zYZPkPzH7R3jDxyCHtzN1mQg9Xw.roa (raw, json)
Hash identifier: bG4aDG5whxA2Pm55xSw4XU3BOdj8396twHtbsEY4nMg=
Subject key identifier: CD:86:4F:90:FC:C7:ED:1D:E3:0F:1C:82:1E:DC:CD:D6:64:20:F5:7C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B74475D727497BE920ED119915BA0DBCA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zYZPkPzH7R3jDxyCHtzN1mQg9Xw.roa
Signing time: Sat 28 Oct 2023 03:15:15 +0000
ROA not before: Sat 28 Oct 2023 03:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:74:47:5d:72:74:97:be:92:0e:d1:19:91:5b:a0:db:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 28 03:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd864f90fcc7ed1de30f1c821edccdd66420f57c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:8b:56:77:cc:5e:2a:77:57:2a:97:de:19:91:
f1:d7:bd:2d:35:41:3d:85:6d:b1:c3:e7:99:a8:fc:
fe:2a:de:29:c0:6d:a6:ec:66:9c:fd:2d:eb:7f:36:
57:17:fe:af:3c:6b:b6:d2:5f:58:fc:65:62:c2:6d:
95:d8:c0:56:b6:ce:86:5c:fb:1c:05:1e:77:34:98:
9e:0e:5d:9a:5a:52:e9:2c:04:ee:ac:1a:c0:93:5d:
c9:99:df:4e:1f:c0:12:26:ae:1e:2b:6d:a8:c6:52:
a3:fe:de:3f:ec:3f:5f:ce:a6:bb:e0:c0:ea:39:d2:
0d:ff:d8:35:74:59:4f:5e:e4:c7:1e:e2:77:17:ae:
61:84:00:e2:fd:5c:0c:9f:08:8e:44:3f:45:6c:2a:
b4:7c:ae:db:80:86:5f:6d:23:5e:cb:62:21:c3:0a:
4d:c3:2d:b5:76:d4:bb:82:26:45:30:05:67:d1:fd:
ac:bc:7f:55:50:52:6f:92:ed:1e:e6:bf:5b:af:03:
e9:7e:4c:ed:6e:88:a1:d7:03:f1:6e:45:a4:1c:a0:
6f:33:6f:54:da:8f:b2:88:ab:92:c5:d8:03:23:e6:
d0:50:34:48:9b:ae:99:fd:f1:c1:80:84:d7:20:17:
79:f9:17:fd:38:67:00:ba:1a:e9:f6:f6:0d:a6:c9:
d3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:86:4F:90:FC:C7:ED:1D:E3:0F:1C:82:1E:DC:CD:D6:64:20:F5:7C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zYZPkPzH7R3jDxyCHtzN1mQg9Xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:61:60:9b:e9:da:e5:27:17:58:d0:a7:f3:39:0d:fe:4d:e6:
0a:a9:78:7f:18:13:eb:95:23:4e:84:d5:0b:04:57:df:72:8f:
0f:9d:ab:6c:82:b3:ba:7b:91:34:3d:f2:dc:cd:b0:85:b7:d3:
1f:7b:d6:fc:0e:23:22:33:63:54:f8:04:ff:7d:65:8e:8c:e7:
1b:f4:83:45:22:4d:ce:ba:af:2c:93:c1:83:32:f2:25:4a:7c:
24:29:06:ed:55:b0:76:c5:39:c0:a5:d7:ec:9f:89:2a:8c:b4:
5e:91:5f:0d:7d:0c:4f:4f:11:6c:5a:a4:b1:a9:a4:d1:af:67:
73:b9:83:44:07:1a:d0:16:50:08:ec:db:86:5a:77:8a:aa:6a:
f1:82:7e:c6:e5:fd:37:48:db:dd:53:39:a8:a7:50:a9:00:79:
bc:fe:93:e1:7d:88:56:64:45:77:cb:8a:0f:5a:e7:0b:78:9a:
27:b9:fe:91:4b:ec:9d:d3:34:40:76:eb:31:ff:fa:ad:fd:e8:
ed:b8:ae:e9:3c:13:19:f1:08:b2:a0:5e:e9:21:06:7e:89:10:
4a:96:de:1c:e2:39:2e:88:b8:5b:2d:3f:f4:66:22:49:03:cd:
81:40:ad:0f:ad:6d:6c:e7:7d:d0:f9:71:48:82:1e:5d:04:b9:
f2:2f:97:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt0R11ydJe+kg7RGZFboNvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI4MDMxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDg2NGY5MGZjYzdlZDFkZTMwZjFjODIxZWRjY2RkNjY0MjBmNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYtWd8xeKndXKpfeGZHx170tNUE9
hW2xw+eZqPz+Kt4pwG2m7Gac/S3rfzZXF/6vPGu20l9Y/GViwm2V2MBWts6GXPsc
BR53NJieDl2aWlLpLATurBrAk13Jmd9OH8ASJq4eK22oxlKj/t4/7D9fzqa74MDq
OdIN/9g1dFlPXuTHHuJ3F65hhADi/VwMnwiORD9FbCq0fK7bgIZfbSNey2IhwwpN
wy21dtS7giZFMAVn0f2svH9VUFJvku0e5r9brwPpfkztboih1wPxbkWkHKBvM29U
2o+yiKuSxdgDI+bQUDRIm66Z/fHBgITXIBd5+Rf9OGcAuhrp9vYNpsnTawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM2GT5D8x+0d4w8cgh7czdZkIPV8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvellaUGtQekg3UjNqRHh5Q0h0ek4xbVFnOVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAZhYJvp2uUnF1jQp/M5
Df5N5gqpeH8YE+uVI06E1QsEV99yjw+dq2yCs7p7kTQ98tzNsIW30x971vwOIyIz
Y1T4BP99ZY6M5xv0g0UiTc66ryyTwYMy8iVKfCQpBu1VsHbFOcCl1+yfiSqMtF6R
Xw19DE9PEWxapLGppNGvZ3O5g0QHGtAWUAjs24Zad4qqavGCfsbl/TdI291TOain
UKkAebz+k+F9iFZkRXfLig9a5wt4mie5/pFL7J3TNEB26zH/+q396O24ruk8Exnx
CLKgXukhBn6JEEqW3hziOS6IuFstP/RmIkkDzYFArQ+tbWznfdD5cUiCHl0EufIv
lxo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:03:32 2025 by rpki-client