Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/znmdx3cd5SQOlmfX6PonlLtLNdM.roa
File: znmdx3cd5SQOlmfX6PonlLtLNdM.roa (raw, json)
Hash identifier: PnFZMFdXb5aY0IEruG4WIK9vug/3HCa7SCkvtadJnRM=
Subject key identifier: CE:79:9D:C7:77:1D:E5:24:0E:96:67:D7:E8:FA:27:94:BB:4B:35:D3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABD732F92C45B5C8E8E52547AF33E9CC1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/znmdx3cd5SQOlmfX6PonlLtLNdM.roa
Signing time: Fri 22 Sep 2023 15:12:37 +0000
ROA not before: Fri 22 Sep 2023 15:12:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bd:73:2f:92:c4:5b:5c:8e:8e:52:54:7a:f3:3e:9c:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 15:12:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce799dc7771de5240e9667d7e8fa2794bb4b35d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:07:14:0f:6e:54:de:ae:f1:77:08:24:74:5b:
ca:d7:6f:61:48:71:8b:3d:5d:12:0a:c8:c1:98:6f:
de:9b:aa:2a:62:ab:0c:49:e7:6a:04:11:1f:2a:ea:
c0:c7:e7:08:78:5d:bf:e0:eb:9e:f7:4f:e7:2a:84:
d5:98:2a:c0:5e:3c:e0:d5:37:93:1d:77:d0:21:c1:
17:1d:20:cd:12:86:8b:f7:d7:81:10:62:f5:53:0a:
bf:f8:fb:be:d6:a8:c6:40:91:1c:d5:72:0b:d6:cb:
f4:0d:3c:25:2a:e5:7f:a6:7a:ff:49:da:03:0a:9c:
8a:cb:77:96:cf:09:d3:56:f4:24:27:ef:2f:b4:4f:
89:db:0b:4f:de:ed:c9:61:58:6e:9f:2b:61:ca:d5:
03:14:0e:32:90:36:8a:dd:22:b4:a9:8d:44:72:fc:
96:62:11:0b:e0:8b:f1:9b:bd:b4:31:f2:6a:25:43:
bd:07:c1:0e:ee:00:6a:8a:21:2d:35:49:2a:79:97:
d6:49:30:a1:28:e5:1c:98:50:8e:58:3c:78:bc:48:
66:4c:2a:ae:4b:ac:ce:3a:db:40:68:a1:be:25:72:
43:39:08:d9:9b:d2:c6:2b:de:a6:5f:bb:8a:3c:50:
f4:5d:c2:50:65:63:3c:e6:07:51:ad:8a:db:21:5b:
38:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:79:9D:C7:77:1D:E5:24:0E:96:67:D7:E8:FA:27:94:BB:4B:35:D3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/znmdx3cd5SQOlmfX6PonlLtLNdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:54:0b:9c:f6:3b:56:30:dd:e8:d5:54:ef:f1:12:d9:45:ab:
55:6b:d9:26:7e:3c:c2:c7:ac:ca:30:b6:31:17:d2:3a:2f:97:
4d:2b:89:a6:e9:38:8c:13:99:90:4f:88:7b:9a:9b:56:43:13:
8e:d7:19:4c:8e:bb:9e:41:0a:76:3d:b7:fd:a9:1d:62:4c:da:
15:9e:6c:3b:c5:5b:1d:c2:d0:ad:56:e1:38:aa:bb:9c:99:58:
a9:4e:1f:2f:69:29:41:86:8c:35:e2:f4:c7:d0:8c:e3:94:a0:
e6:1e:ca:ed:66:5e:e7:48:43:27:77:f4:d2:92:a7:ee:c6:35:
10:9d:aa:70:fa:4c:8b:d3:fc:f3:2a:19:5c:82:5e:cf:61:23:
ad:ba:76:ce:79:6a:01:3f:f7:25:14:8c:99:f2:79:ea:cf:bb:
37:9c:70:5b:de:86:e3:b8:cb:07:e8:58:59:b8:14:52:1f:a1:
75:09:a4:6f:9d:33:16:67:6e:a3:90:1c:c8:ba:0f:da:a7:01:
55:61:ac:fa:80:99:5e:22:6d:0e:e8:0b:52:75:1c:09:d0:8f:
77:eb:67:33:0b:ac:c3:8f:c1:28:8c:02:14:1e:6a:fb:b3:47:
7f:1f:67:dc:60:04:57:5a:a0:55:c1:0b:7d:63:7b:3e:bf:53:
f2:95:2c:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq9cy+SxFtcjo5SVHrzPpzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMTUxMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTc5OWRjNzc3MWRlNTI0MGU5NjY3ZDdlOGZhMjc5NGJiNGIzNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQcUD25U3q7xdwgkdFvK129hSHGL
PV0SCsjBmG/em6oqYqsMSedqBBEfKurAx+cIeF2/4Oue90/nKoTVmCrAXjzg1TeT
HXfQIcEXHSDNEoaL99eBEGL1Uwq/+Pu+1qjGQJEc1XIL1sv0DTwlKuV/pnr/SdoD
CpyKy3eWzwnTVvQkJ+8vtE+J2wtP3u3JYVhunythytUDFA4ykDaK3SK0qY1EcvyW
YhEL4Ivxm720MfJqJUO9B8EO7gBqiiEtNUkqeZfWSTChKOUcmFCOWDx4vEhmTCqu
S6zOOttAaKG+JXJDOQjZm9LGK96mX7uKPFD0XcJQZWM85gdRrYrbIVs4YQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM55ncd3HeUkDpZn1+j6J5S7SzXTMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvem5tZHgzY2Q1U1FPbG1mWDZQb25sTHRMTmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC5UC5z2O1Yw3ejVVO/x
EtlFq1Vr2SZ+PMLHrMowtjEX0jovl00riabpOIwTmZBPiHuam1ZDE47XGUyOu55B
CnY9t/2pHWJM2hWebDvFWx3C0K1W4Tiqu5yZWKlOHy9pKUGGjDXi9MfQjOOUoOYe
yu1mXudIQyd39NKSp+7GNRCdqnD6TIvT/PMqGVyCXs9hI626ds55agE/9yUUjJny
eerPuzeccFvehuO4ywfoWFm4FFIfoXUJpG+dMxZnbqOQHMi6D9qnAVVhrPqAmV4i
bQ7oC1J1HAnQj3frZzMLrMOPwSiMAhQeavuzR38fZ9xgBFdaoFXBC31jez6/U/KV
LI8=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:40:47 2025 by rpki-client