Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zrjaXMmEdHynNgeeBTSMeBkPu4M.roa
File: zrjaXMmEdHynNgeeBTSMeBkPu4M.roa (raw, json)
Hash identifier: j7Nx6NXHV5mj0gCOQ3/iZ0N1McKKZv8UGBLS4dnQtFA=
Subject key identifier: CE:B8:DA:5C:C9:84:74:7C:A7:36:07:9E:05:34:8C:78:19:0F:BB:83
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6F535C75759151B987FDBB9D921B28AD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zrjaXMmEdHynNgeeBTSMeBkPu4M.roa
Signing time: Fri 27 Oct 2023 04:10:15 +0000
ROA not before: Fri 27 Oct 2023 04:10:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6f:53:5c:75:75:91:51:b9:87:fd:bb:9d:92:1b:28:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 27 04:10:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ceb8da5cc984747ca736079e05348c78190fbb83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c5:cf:80:42:0c:50:26:66:b5:c7:5d:93:03:
01:83:20:38:fe:af:68:21:90:d5:4a:b7:1d:f6:12:
fd:5c:44:aa:ae:96:8c:78:bb:05:e7:76:e2:b1:81:
26:37:6e:0c:b2:07:d8:4d:a6:d8:12:54:3d:32:c1:
f9:ea:34:79:8b:81:b0:ce:0a:05:6d:dc:34:42:61:
14:da:10:c1:5a:7e:53:74:67:10:ca:87:05:df:79:
4c:e9:0e:51:69:3d:f5:53:85:30:04:de:0e:19:64:
11:a0:55:96:b5:f2:61:e7:1c:35:97:bb:08:54:b0:
af:cd:9a:7b:ef:a6:96:84:bc:46:8f:1a:56:9f:27:
f0:54:03:e7:f0:1c:33:80:84:28:6d:e6:57:ee:7d:
c0:c7:25:4c:17:f5:15:b8:62:41:f0:ed:c2:17:54:
ad:b3:3c:74:28:05:2f:f3:05:f2:89:5b:14:32:92:
d9:c2:33:6c:fb:44:08:5a:2b:31:26:8c:e0:92:78:
a0:1a:c3:0c:28:07:ea:6d:43:bb:2d:b5:4d:c8:e7:
90:68:66:d0:d1:b3:da:db:e0:75:85:1c:a1:32:e7:
ba:8b:6b:d8:01:1f:24:3b:ea:ba:0f:bb:42:3a:b0:
9a:bf:ff:21:d5:a7:61:d8:30:ce:01:63:b1:fe:55:
43:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B8:DA:5C:C9:84:74:7C:A7:36:07:9E:05:34:8C:78:19:0F:BB:83
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zrjaXMmEdHynNgeeBTSMeBkPu4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:c5:d5:94:ce:cd:9d:3d:fd:3a:13:b0:88:c4:f6:10:c4:64:
ee:8d:6d:41:cb:f2:c8:2d:f3:58:3b:eb:1e:5e:05:73:e1:db:
51:ba:22:43:0d:ee:f8:f0:19:94:4a:e2:a8:e0:80:80:61:19:
d1:06:f3:83:32:06:64:a2:f6:d4:91:b0:83:8e:92:62:f3:c7:
98:5e:7a:b2:24:4f:79:0b:76:96:9a:4e:77:bd:7b:4d:df:79:
0f:67:a1:6a:08:41:c7:0c:60:8d:85:07:00:13:9d:82:14:a8:
02:e7:73:79:77:f2:a2:92:84:67:79:9a:46:c8:16:9f:fc:fc:
eb:82:08:8a:80:fc:c4:24:77:44:aa:be:3e:23:8a:74:3b:05:
5e:c4:7b:aa:82:05:65:90:36:b4:b2:9a:ce:9f:95:33:a5:d2:
da:f5:87:7c:af:a0:83:22:e6:12:87:f6:fb:fe:41:94:07:a2:
bc:37:85:6a:6a:99:59:94:44:4d:ff:68:c9:f5:a3:10:d4:59:
b9:71:f4:68:e7:55:43:8a:ed:ca:d3:40:c8:38:78:2e:f5:b1:
3a:2d:10:ca:3f:f0:1d:4f:d3:3a:a3:11:75:15:a4:1b:08:42:
eb:00:50:7f:ec:16:ed:07:b0:99:d1:ae:48:34:96:93:d0:5d:
5d:e8:2e:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtvU1x1dZFRuYf9u52SGyitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI3MDQxMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWI4ZGE1Y2M5ODQ3NDdjYTczNjA3OWUwNTM0OGM3ODE5MGZiYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMXPgEIMUCZmtcddkwMBgyA4/q9o
IZDVSrcd9hL9XESqrpaMeLsF53bisYEmN24MsgfYTabYElQ9MsH56jR5i4GwzgoF
bdw0QmEU2hDBWn5TdGcQyocF33lM6Q5RaT31U4UwBN4OGWQRoFWWtfJh5xw1l7sI
VLCvzZp776aWhLxGjxpWnyfwVAPn8BwzgIQobeZX7n3AxyVMF/UVuGJB8O3CF1St
szx0KAUv8wXyiVsUMpLZwjNs+0QIWisxJozgknigGsMMKAfqbUO7LbVNyOeQaGbQ
0bPa2+B1hRyhMue6i2vYAR8kO+q6D7tCOrCav/8h1adh2DDOAWOx/lVD0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM642lzJhHR8pzYHngU0jHgZD7uDMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvenJqYVhNbUVkSHluTmdlZUJUU01lQmtQdTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC3F1ZTOzZ09/ToTsIjE
9hDEZO6NbUHL8sgt81g76x5eBXPh21G6IkMN7vjwGZRK4qjggIBhGdEG84MyBmSi
9tSRsIOOkmLzx5heerIkT3kLdpaaTne9e03feQ9noWoIQccMYI2FBwATnYIUqALn
c3l38qKShGd5mkbIFp/8/OuCCIqA/MQkd0Sqvj4jinQ7BV7Ee6qCBWWQNrSyms6f
lTOl0tr1h3yvoIMi5hKH9vv+QZQHorw3hWpqmVmURE3/aMn1oxDUWblx9GjnVUOK
7crTQMg4eC71sTotEMo/8B1P0zqjEXUVpBsIQusAUH/sFu0HsJnRrkg0lpPQXV3o
Lmk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:11:05 2025 by rpki-client