Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zaOfAgfCZHXKF9bDPT1mcEl1fWg.roa
File: zaOfAgfCZHXKF9bDPT1mcEl1fWg.roa (raw, json)
Hash identifier: h934HVzfaiVIZkuGW70ifVkTPpi3X/OqX2XidGNNu5M=
Subject key identifier: CD:A3:9F:02:07:C2:64:75:CA:17:D6:C3:3D:3D:66:70:49:75:7D:68
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5A4ED9B6804F9261300360A289E313D6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zaOfAgfCZHXKF9bDPT1mcEl1fWg.roa
Signing time: Mon 11 Dec 2023 19:16:06 +0000
ROA not before: Mon 11 Dec 2023 19:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5a:4e:d9:b6:80:4f:92:61:30:03:60:a2:89:e3:13:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 11 19:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cda39f0207c26475ca17d6c33d3d667049757d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6d:2a:b2:f3:59:47:81:36:28:7b:c6:b9:a6:
87:d0:a9:e0:7e:cf:83:e7:4d:71:0e:89:22:36:1c:
cb:0e:6f:0c:72:48:9a:4f:5e:fc:7a:dc:a0:da:78:
ab:09:25:81:bb:df:78:60:6d:11:98:e0:5a:6d:d9:
3e:77:bf:4b:46:b0:fb:9a:a7:7a:0f:4e:b0:a8:0d:
64:87:ee:78:43:10:60:1c:94:cf:f1:ed:af:b6:64:
b1:ca:24:16:20:bf:d6:f8:08:dc:1c:a0:0f:88:3c:
a4:fc:ac:11:4f:06:56:e4:6b:a9:83:19:3b:56:06:
d1:81:f1:82:a8:4a:a2:60:73:de:2e:77:f5:ef:d3:
6b:a3:bd:ac:87:ea:26:e7:c4:1d:08:4a:a4:5b:ba:
46:91:28:16:58:1b:9f:47:12:65:f6:66:5d:ba:6a:
b1:09:6a:b8:f1:36:eb:2a:74:10:59:bb:c2:63:0b:
0b:a9:fc:0d:04:a7:58:c2:7f:e6:ff:72:8b:11:00:
50:a3:32:a3:59:3a:6d:7d:1c:50:87:24:66:23:f3:
f4:66:8b:c6:ca:b4:1f:ad:a1:86:ff:d7:23:f1:39:
2b:70:a1:b8:ac:b0:c7:d0:91:fe:1a:2e:dc:0e:81:
dc:19:31:dc:61:21:ad:58:87:3d:8f:cf:ac:df:54:
c9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A3:9F:02:07:C2:64:75:CA:17:D6:C3:3D:3D:66:70:49:75:7D:68
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zaOfAgfCZHXKF9bDPT1mcEl1fWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bc:a4:51:17:8c:9b:9b:ba:12:8b:2c:a1:89:7f:6f:fb:6c:45:
72:bf:44:10:ba:c6:73:cd:f4:6b:fb:84:3a:8e:93:29:bf:5c:
70:7e:08:46:61:da:6e:65:6d:37:d4:b6:02:dc:27:79:23:a0:
9b:81:db:15:d7:f1:eb:a5:fe:85:df:b0:b5:b4:b5:7e:a5:dc:
7a:12:40:9c:c7:fe:0b:b3:1f:e8:5c:f6:ec:58:1b:d1:34:5c:
75:60:9b:4c:fa:94:77:36:19:6c:f6:26:b5:7d:ff:6e:a1:07:
1e:0e:13:d4:b4:a1:10:a2:3b:dd:3f:b6:24:54:31:3c:b6:a5:
8d:9b:64:38:c7:81:18:d6:a0:ad:e2:c2:bf:b3:6a:e6:ef:0e:
e6:4d:92:8c:12:a6:36:07:3d:26:aa:92:99:a8:84:21:b3:a2:
59:5d:6d:2f:6f:81:c3:83:de:ac:5e:f8:f4:95:f8:61:99:43:
9e:3b:28:c9:34:6f:ef:0c:4b:74:a4:af:38:03:c3:5f:30:4c:
3c:d2:94:df:5d:9c:48:fa:86:f6:15:4f:ff:3f:99:80:49:3b:
68:b5:57:dc:f1:d0:cd:60:4c:4a:7f:b9:d9:40:07:ca:c5:9c:
33:09:27:fd:f0:eb:a9:7b:6e:41:4f:b8:e1:ac:e2:17:86:43:
aa:b3:f9:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxaTtm2gE+SYTADYKKJ4xPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjExMTkxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGEzOWYwMjA3YzI2NDc1Y2ExN2Q2YzMzZDNkNjY3MDQ5NzU3ZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG0qsvNZR4E2KHvGuaaH0Kngfs+D
501xDokiNhzLDm8MckiaT178etyg2nirCSWBu994YG0RmOBabdk+d79LRrD7mqd6
D06wqA1kh+54QxBgHJTP8e2vtmSxyiQWIL/W+AjcHKAPiDyk/KwRTwZW5Gupgxk7
VgbRgfGCqEqiYHPeLnf179Nro72sh+om58QdCEqkW7pGkSgWWBufRxJl9mZdumqx
CWq48TbrKnQQWbvCYwsLqfwNBKdYwn/m/3KLEQBQozKjWTptfRxQhyRmI/P0ZovG
yrQfraGG/9cj8TkrcKG4rLDH0JH+Gi7cDoHcGTHcYSGtWIc9j8+s31TJAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM2jnwIHwmR1yhfWwz09ZnBJdX1oMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvemFPZkFnZkNaSFhLRjliRFBUMW1jRWwxZldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALykUReMm5u6EossoYl/
b/tsRXK/RBC6xnPN9Gv7hDqOkym/XHB+CEZh2m5lbTfUtgLcJ3kjoJuB2xXX8eul
/oXfsLW0tX6l3HoSQJzH/guzH+hc9uxYG9E0XHVgm0z6lHc2GWz2JrV9/26hBx4O
E9S0oRCiO90/tiRUMTy2pY2bZDjHgRjWoK3iwr+zaubvDuZNkowSpjYHPSaqkpmo
hCGzolldbS9vgcOD3qxe+PSV+GGZQ547KMk0b+8MS3SkrzgDw18wTDzSlN9dnEj6
hvYVT/8/mYBJO2i1V9zx0M1gTEp/udlAB8rFnDMJJ/3w66l7bkFPuOGs4heGQ6qz
+YE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:06:45 2025 by rpki-client