Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Z2o2LDINjLuOKrZjwBo2gZLb8Ww.roa
File: Z2o2LDINjLuOKrZjwBo2gZLb8Ww.roa (raw, json)
Hash identifier: uHR+E8JaVGoKc2pPXB5HtI3npIA40v2u4c2JY4zpXrM=
Subject key identifier: 67:6A:36:2C:32:0D:8C:BB:8E:2A:B6:63:C0:1A:36:81:92:DB:F1:6C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C182D271360391EC78555E615FE49C0BC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Z2o2LDINjLuOKrZjwBo2gZLb8Ww.roa
Signing time: Tue 28 Nov 2023 23:04:21 +0000
ROA not before: Tue 28 Nov 2023 23:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18c:182c:ff90/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:18:2d:27:13:60:39:1e:c7:85:55:e6:15:fe:49:c0:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 28 23:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=676a362c320d8cbb8e2ab663c01a368192dbf16c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:52:28:13:23:59:f1:c5:01:32:47:b4:35:77:
9e:ab:98:ac:47:2d:39:6e:d5:8d:8c:b0:22:7f:68:
1f:de:60:ce:67:e9:27:a3:32:91:35:7d:a6:a7:2c:
b8:a3:9a:f6:90:3f:ba:03:cd:59:75:9e:3f:77:be:
13:be:29:6b:49:cb:54:77:7d:9c:09:46:b0:48:ec:
78:ae:41:17:0e:2d:a0:46:4d:2f:07:ec:28:36:bb:
87:30:6c:9a:52:02:b6:1c:aa:43:35:db:eb:cf:a2:
28:63:4f:16:e9:e2:a7:3b:8b:55:c1:e5:0b:b6:a8:
37:e0:f0:15:a4:e6:90:4c:aa:bb:79:dc:d0:8e:af:
cc:0a:09:e0:75:a3:6e:06:82:22:21:48:b9:af:11:
87:29:00:f8:6f:17:c4:7a:bf:5b:30:3c:bb:13:00:
a1:34:0d:52:86:d6:b5:08:96:7a:bf:4f:09:99:6d:
2b:6b:55:e8:05:54:e0:07:97:a3:d9:8d:ea:5f:a0:
a5:e6:c3:21:4e:aa:e4:3a:38:c5:2b:39:46:51:eb:
71:c0:b0:36:3e:2d:cf:f8:a9:d3:73:b6:1a:8b:6e:
f2:48:59:a9:bd:42:3a:1a:60:3e:b1:78:d1:ec:e0:
15:ce:14:5a:4d:fd:3c:f2:65:38:24:b3:0e:19:71:
40:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:6A:36:2C:32:0D:8C:BB:8E:2A:B6:63:C0:1A:36:81:92:DB:F1:6C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Z2o2LDINjLuOKrZjwBo2gZLb8Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d4:cf:f2:ad:69:05:a7:0d:55:d9:1d:2e:f4:d6:66:2f:98:81:
86:68:41:1e:fc:ec:13:04:1c:7e:13:12:be:ee:d2:3e:1c:00:
1b:ff:60:f0:2f:07:32:ef:d8:96:5a:48:1c:2c:08:38:a4:bd:
27:97:73:b0:f8:51:0d:8c:10:b3:e7:bc:5a:4c:45:d0:6d:8e:
6a:66:df:28:87:5d:43:bd:ce:3f:76:5f:47:4e:db:9d:a7:2d:
39:9c:c7:25:ee:c7:0a:34:bb:46:01:68:29:b6:fe:11:50:9b:
07:e0:98:9f:04:43:67:1c:b6:3c:e3:66:35:47:8d:06:c9:a9:
82:ed:ad:ef:24:55:66:8a:23:33:a9:67:bf:75:99:71:69:f3:
df:fd:d0:8c:58:17:f9:54:f0:b2:54:61:77:2b:10:4c:4d:1d:
85:4d:8d:17:94:7e:ba:d3:f7:15:9d:66:19:d1:4f:9c:ed:9a:
62:c9:01:0f:37:14:ed:56:07:42:24:a9:2c:e4:2f:bb:86:02:
1a:67:cc:19:da:53:58:55:eb:d4:93:55:4d:38:aa:8f:9a:2b:
83:11:c8:b7:10:11:31:ec:cd:ac:37:80:f1:82:90:fd:93:70:
83:f0:c2:b2:6c:d6:01:09:b3:a5:78:b2:25:db:64:c2:3b:40:
f7:dd:30:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwYLScTYDkex4VV5hX+ScC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI4MjMwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzZhMzYyYzMyMGQ4Y2JiOGUyYWI2NjNjMDFhMzY4MTkyZGJmMTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlIoEyNZ8cUBMke0NXeeq5isRy05
btWNjLAif2gf3mDOZ+knozKRNX2mpyy4o5r2kD+6A81ZdZ4/d74TvilrSctUd32c
CUawSOx4rkEXDi2gRk0vB+woNruHMGyaUgK2HKpDNdvrz6IoY08W6eKnO4tVweUL
tqg34PAVpOaQTKq7edzQjq/MCgngdaNuBoIiIUi5rxGHKQD4bxfEer9bMDy7EwCh
NA1Shta1CJZ6v08JmW0ra1XoBVTgB5ej2Y3qX6Cl5sMhTqrkOjjFKzlGUetxwLA2
Pi3P+KnTc7Yai27ySFmpvUI6GmA+sXjR7OAVzhRaTf088mU4JLMOGXFAuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGdqNiwyDYy7jiq2Y8AaNoGS2/FsMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWjJvMkxESU5qTHVPS3JaandCbzJnWkxiOFd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANTP8q1pBacNVdkdLvTW
Zi+YgYZoQR787BMEHH4TEr7u0j4cABv/YPAvBzLv2JZaSBwsCDikvSeXc7D4UQ2M
ELPnvFpMRdBtjmpm3yiHXUO9zj92X0dO252nLTmcxyXuxwo0u0YBaCm2/hFQmwfg
mJ8EQ2cctjzjZjVHjQbJqYLtre8kVWaKIzOpZ791mXFp89/90IxYF/lU8LJUYXcr
EExNHYVNjReUfrrT9xWdZhnRT5ztmmLJAQ83FO1WB0IkqSzkL7uGAhpnzBnaU1hV
69STVU04qo+aK4MRyLcQETHszaw3gPGCkP2TcIPwwrJs1gEJs6V4siXbZMI7QPfd
MDk=
-----END CERTIFICATE-----
Generated at Sat May 10 11:30:15 2025 by rpki-client