Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zeAvQSQ9vUcwADIhYoZvRLjh-KU.roa
File: zeAvQSQ9vUcwADIhYoZvRLjh-KU.roa (raw, json)
Hash identifier: zjixsoNzQ0dsQkpTaSgBBs0XQUb53N2qOPCZwAvYl28=
Subject key identifier: CD:E0:2F:41:24:3D:BD:47:30:00:32:21:62:86:6F:44:B8:E1:F8:A5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B496288266567D881E537000E61C5CC29
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zeAvQSQ9vUcwADIhYoZvRLjh-KU.roa
Signing time: Thu 19 Oct 2023 19:21:16 +0000
ROA not before: Thu 19 Oct 2023 19:21:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:49:62:88:26:65:67:d8:81:e5:37:00:0e:61:c5:cc:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 19 19:21:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cde02f41243dbd473000322162866f44b8e1f8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1b:75:22:d0:bc:a3:ff:eb:e1:70:48:96:6c:
23:96:d9:7b:2d:4b:de:9e:8c:55:46:a6:83:d2:3c:
1f:49:57:a7:e8:92:37:8c:7d:2a:04:89:c7:45:80:
f8:13:37:25:e5:96:a7:7f:c0:06:0c:d1:0a:86:d6:
d0:03:6e:9e:d4:44:5c:95:de:7c:1c:b9:f9:14:0b:
69:75:9b:b0:c3:05:a9:c0:55:50:d6:d1:90:07:af:
e3:07:4e:87:88:61:06:d0:8a:07:bc:89:23:6b:2e:
0e:5d:ff:4c:c7:2a:fa:97:93:97:98:bf:56:49:3a:
bf:0f:ec:5a:c4:f5:66:34:a9:34:20:80:d9:d2:ef:
91:5d:91:ee:74:8c:d4:eb:27:86:99:e5:8e:e9:5b:
c8:b3:1c:63:bf:f2:01:6e:8d:9a:69:16:4e:ba:3b:
ba:ea:2c:0d:bd:89:48:55:71:6b:02:11:46:cc:ba:
f7:87:cf:e5:c2:54:da:d0:cb:e8:e7:c0:eb:90:4f:
04:df:c7:2c:24:79:dd:df:47:dd:31:55:82:81:c8:
a0:52:d0:bf:c1:c3:e1:52:c7:ed:9d:b0:1e:89:da:
d6:3c:31:ed:6e:cb:a8:05:9e:88:43:72:c8:27:80:
ff:34:5e:d4:c1:93:18:78:42:00:7c:7f:59:ac:58:
ba:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:E0:2F:41:24:3D:BD:47:30:00:32:21:62:86:6F:44:B8:E1:F8:A5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zeAvQSQ9vUcwADIhYoZvRLjh-KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:f3:dc:c1:70:d7:bd:83:3d:8f:6b:31:d7:e0:1c:e7:8f:ae:
7d:ba:48:97:1e:64:11:03:a1:eb:63:2b:ee:09:75:80:ab:01:
5a:b5:c6:93:0d:ec:6a:d5:15:8c:1e:c5:bb:30:ff:f6:a0:b5:
f0:f9:21:bd:ed:ef:0a:0d:ae:c1:37:34:59:e3:f3:97:c4:9d:
79:ca:d7:db:55:4a:1e:75:e2:be:c5:4f:44:12:1f:0d:de:30:
71:3f:c8:4b:ff:c5:48:74:f6:c8:b4:b4:dc:01:34:5d:63:4d:
6c:d8:84:26:5c:3c:56:2f:d2:29:98:46:96:22:7a:7b:f7:9d:
b1:d4:1e:cf:1c:96:43:d0:34:eb:f0:b5:04:d5:eb:7d:bf:ad:
97:2a:aa:d8:b0:ed:f8:71:a0:8b:30:c2:ca:70:47:83:5a:27:
39:30:64:27:f9:62:b6:dc:eb:5b:f1:94:75:21:cc:a5:7a:2e:
80:b4:96:63:59:ce:b9:6a:cf:81:e6:b3:71:89:30:ff:6a:f2:
15:97:51:15:ff:29:0b:83:c9:cd:65:b3:0f:f4:a5:0f:65:40:
ec:b6:09:2c:e8:f5:80:aa:4f:ff:56:af:a2:a9:14:bf:80:30:
df:8f:40:37:51:88:96:ec:0e:68:c7:50:9f:37:67:98:0e:f7:
48:64:1d:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtJYogmZWfYgeU3AA5hxcwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE5MTkyMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGUwMmY0MTI0M2RiZDQ3MzAwMDMyMjE2Mjg2NmY0NGI4ZTFmOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApht1ItC8o//r4XBIlmwjltl7LUve
noxVRqaD0jwfSVen6JI3jH0qBInHRYD4Ezcl5Zanf8AGDNEKhtbQA26e1ERcld58
HLn5FAtpdZuwwwWpwFVQ1tGQB6/jB06HiGEG0IoHvIkjay4OXf9Mxyr6l5OXmL9W
STq/D+xaxPVmNKk0IIDZ0u+RXZHudIzU6yeGmeWO6VvIsxxjv/IBbo2aaRZOuju6
6iwNvYlIVXFrAhFGzLr3h8/lwlTa0Mvo58DrkE8E38csJHnd30fdMVWCgcigUtC/
wcPhUsftnbAeidrWPDHtbsuoBZ6IQ3LIJ4D/NF7UwZMYeEIAfH9ZrFi6LQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM3gL0EkPb1HMAAyIWKGb0S44filMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvemVBdlFTUTl2VWN3QURJaFlvWnZSTGpoLUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAATz3MFw172DPY9rMdfg
HOePrn26SJceZBEDoetjK+4JdYCrAVq1xpMN7GrVFYwexbsw//agtfD5Ib3t7woN
rsE3NFnj85fEnXnK19tVSh514r7FT0QSHw3eMHE/yEv/xUh09si0tNwBNF1jTWzY
hCZcPFYv0imYRpYienv3nbHUHs8clkPQNOvwtQTV632/rZcqqtiw7fhxoIswwspw
R4NaJzkwZCf5Yrbc61vxlHUhzKV6LoC0lmNZzrlqz4Hms3GJMP9q8hWXURX/KQuD
yc1lsw/0pQ9lQOy2CSzo9YCqT/9Wr6KpFL+AMN+PQDdRiJbsDmjHUJ83Z5gO90hk
HW8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:21:33 2025 by rpki-client