Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2zj7tmwz5g3GTLal1znrJHF1gXw.roa
File: 2zj7tmwz5g3GTLal1znrJHF1gXw.roa (raw, json)
Hash identifier: +AGJLcUTmMDdp+0zOxH9Il2yI7cCMIsrx+IzbUl2Cw4=
Subject key identifier: DB:38:FB:B6:6C:33:E6:0D:C6:4C:B6:A5:D7:39:EB:24:71:75:81:7C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BFBDA2DE24FDE33AAAC457B9257C904EE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2zj7tmwz5g3GTLal1znrJHF1gXw.roa
Signing time: Thu 23 Nov 2023 11:04:21 +0000
ROA not before: Thu 23 Nov 2023 11:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:fbda:3ab/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:da:2d:e2:4f:de:33:aa:ac:45:7b:92:57:c9:04:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 23 11:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db38fbb66c33e60dc64cb6a5d739eb247175817c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f2:4e:f1:78:6a:a7:09:61:da:45:4f:2c:af:
94:a8:69:bd:2d:23:33:b7:b9:e1:ef:f8:fb:06:4c:
fa:e7:8e:7a:0d:46:ab:92:32:68:39:4c:c2:26:14:
a3:17:eb:35:2d:39:a6:52:c4:87:1b:64:5c:72:51:
c2:f7:1f:ea:52:49:da:18:02:ae:82:90:a8:14:e6:
4e:50:8f:ee:03:e2:f7:c9:3b:1f:89:cd:7a:41:03:
2c:76:0f:52:2d:ae:75:ab:9e:0b:be:ca:e7:fb:be:
6e:2f:4a:d0:58:f5:78:5f:5c:ce:5c:d2:00:b8:84:
1e:e8:75:72:ee:98:e9:b6:26:76:fd:b3:8f:33:f0:
c0:dd:b6:c1:08:cd:37:59:5e:ff:52:a0:53:dc:83:
01:bf:47:3d:79:8f:ba:99:65:ec:c1:72:c0:b8:d6:
2f:95:09:03:f0:aa:25:95:3d:27:9a:ed:e8:4c:c1:
28:42:a2:88:8e:7d:75:45:1f:9b:46:67:d4:32:0a:
04:82:09:b7:e6:38:9c:ff:4c:43:e1:35:34:c9:2f:
19:ef:2e:99:e0:34:64:db:d4:1d:ab:35:cc:c5:2d:
5a:3a:1e:e9:35:e8:bb:3e:e0:99:27:72:96:2c:1b:
b9:fa:fa:a6:eb:96:f2:be:61:a5:6f:8f:f2:b5:05:
42:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:38:FB:B6:6C:33:E6:0D:C6:4C:B6:A5:D7:39:EB:24:71:75:81:7C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2zj7tmwz5g3GTLal1znrJHF1gXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ba:f6:79:b1:77:a0:b2:c8:06:e8:67:bf:9b:c9:31:81:64:41:
cf:83:f8:c7:5c:d2:43:19:b4:46:70:b7:5a:92:09:58:fa:c7:
c3:12:b9:1f:e9:4a:d6:bf:37:d0:4c:56:51:ea:95:d0:50:b7:
50:86:db:95:7a:19:c1:c0:8a:ac:5e:74:59:54:3a:db:2a:98:
5a:a0:ac:3b:eb:68:eb:b5:4e:cf:9a:22:82:c7:05:3d:40:a3:
83:16:61:2d:3b:1e:1b:5b:4c:96:94:8c:22:19:62:08:ca:7c:
c8:7e:de:2a:17:6e:50:a7:3c:67:d4:fd:90:26:93:96:65:b4:
30:f4:e4:13:9b:10:27:35:9f:99:fa:d2:8c:d4:a3:4e:7e:ca:
8a:51:18:1f:47:d6:f6:29:93:6e:f5:9c:a2:17:2e:65:d7:e8:
a2:a4:96:91:88:c5:a7:db:44:f0:00:ba:c8:a5:75:cd:65:82:
36:42:ff:b3:29:61:5d:4f:d7:ab:ca:d1:f9:f8:c0:30:07:16:
ad:a4:c0:9b:67:58:b5:aa:37:85:e8:ec:7b:a0:52:db:a5:a7:
40:d0:5e:26:2a:65:f6:80:4b:09:bb:81:9c:bd:eb:e8:4a:be:
73:a0:43:0b:52:9a:25:82:c7:3d:1d:4d:24:65:32:0d:6d:4a:
54:0a:88:7d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv72i3iT94zqqxFe5JXyQTuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIzMTEwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjM4ZmJiNjZjMzNlNjBkYzY0Y2I2YTVkNzM5ZWIyNDcxNzU4MTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfJO8Xhqpwlh2kVPLK+UqGm9LSMz
t7nh7/j7Bkz65456DUarkjJoOUzCJhSjF+s1LTmmUsSHG2RcclHC9x/qUknaGAKu
gpCoFOZOUI/uA+L3yTsfic16QQMsdg9SLa51q54Lvsrn+75uL0rQWPV4X1zOXNIA
uIQe6HVy7pjptiZ2/bOPM/DA3bbBCM03WV7/UqBT3IMBv0c9eY+6mWXswXLAuNYv
lQkD8KollT0nmu3oTMEoQqKIjn11RR+bRmfUMgoEggm35jic/0xD4TU0yS8Z7y6Z
4DRk29QdqzXMxS1aOh7pNei7PuCZJ3KWLBu5+vqm65byvmGlb4/ytQVCgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNs4+7ZsM+YNxky2pdc56yRxdYF8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMnpqN3Rtd3o1ZzNHVExhbDF6bnJKSEYxZ1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALr2ebF3oLLIBuhnv5vJ
MYFkQc+D+Mdc0kMZtEZwt1qSCVj6x8MSuR/pSta/N9BMVlHqldBQt1CG25V6GcHA
iqxedFlUOtsqmFqgrDvraOu1Ts+aIoLHBT1Ao4MWYS07HhtbTJaUjCIZYgjKfMh+
3ioXblCnPGfU/ZAmk5ZltDD05BObECc1n5n60ozUo05+yopRGB9H1vYpk271nKIX
LmXX6KKklpGIxafbRPAAusildc1lgjZC/7MpYV1P16vK0fn4wDAHFq2kwJtnWLWq
N4Xo7HugUtulp0DQXiYqZfaASwm7gZy96+hKvnOgQwtSmiWCxz0dTSRlMg1tSlQK
iH0=
-----END CERTIFICATE-----
Generated at Wed May 14 07:08:11 2025 by rpki-client