Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZJuM07A_aAMktw5m-sXuanIPiDk.roa
File: ZJuM07A_aAMktw5m-sXuanIPiDk.roa (raw, json)
Hash identifier: uivNOuCagiDFAOPCCFS5BtpAp2lOuY69bV+r6op3HXY=
Subject key identifier: 64:9B:8C:D3:B0:3F:68:03:24:B7:0E:66:FA:C5:EE:6A:72:0F:88:39
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AAE6E2B530B6FAD0E9806654E57344CEB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZJuM07A_aAMktw5m-sXuanIPiDk.roa
Signing time: Tue 19 Sep 2023 17:12:50 +0000
ROA not before: Tue 19 Sep 2023 17:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ae:6e:2b:53:0b:6f:ad:0e:98:06:65:4e:57:34:4c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 19 17:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=649b8cd3b03f680324b70e66fac5ee6a720f8839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ab:69:7b:bc:c1:c4:a0:18:13:78:dd:a9:98:
bf:43:a3:b0:af:b2:37:00:e2:be:59:23:71:f2:e1:
e0:70:8b:b8:83:ca:29:a6:c6:a4:ab:32:0f:01:72:
ca:c9:ba:89:a9:1c:c1:78:29:4e:24:0b:3b:0d:38:
be:37:9d:da:7b:fb:c0:fd:c4:e5:38:de:fd:2b:03:
72:35:17:2c:f2:7e:18:30:ff:88:08:17:b9:9c:a8:
33:6a:52:4f:a4:bc:5a:7b:7d:dc:03:94:2b:d4:8f:
8c:ab:5e:49:db:84:5d:44:53:fd:b0:a4:32:17:33:
5a:9f:83:8e:b4:3d:10:17:58:c3:69:6e:d9:8f:40:
2e:ee:0f:40:b9:d2:97:83:25:3f:5e:f1:4a:86:96:
72:7a:fe:6f:d1:89:19:99:7a:7b:62:92:47:09:88:
79:f2:c8:40:29:d2:cd:4c:62:57:e9:68:04:9d:3e:
97:dd:0c:06:fd:73:bb:d4:46:61:66:1b:4b:40:ea:
2c:20:c6:0a:bc:ca:dd:44:66:10:b7:85:7f:e3:d0:
82:79:66:b6:78:4d:ea:0c:2b:83:8c:4a:c5:76:60:
37:3e:38:2c:eb:61:38:09:47:fc:a9:8d:52:63:be:
6c:73:b7:02:f0:d7:6a:2e:1b:8c:ce:71:bd:e5:66:
95:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:9B:8C:D3:B0:3F:68:03:24:B7:0E:66:FA:C5:EE:6A:72:0F:88:39
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZJuM07A_aAMktw5m-sXuanIPiDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c4:17:5d:7e:2e:a1:5b:8a:a1:97:5e:e4:21:fe:9e:b8:37:1f:
40:9e:a5:be:1a:0c:2d:91:be:70:60:b1:a7:8f:a4:09:de:ca:
21:f4:f6:dc:d3:da:62:0e:f5:ad:98:51:f1:7c:4a:f1:e6:b1:
e0:3d:cf:72:20:df:7b:a7:00:cd:2a:2f:4a:ac:3e:2c:1c:20:
01:16:d9:73:69:64:70:da:72:9d:ce:a2:18:9c:d9:2a:f1:ab:
d2:3c:63:d1:05:0c:7c:1e:d2:14:d9:7b:fe:fe:c7:3a:68:26:
5e:ef:c6:1f:16:b4:70:f5:ea:da:d9:21:f8:ff:00:15:89:89:
46:76:af:b3:bd:cd:f4:94:d9:17:b1:14:8d:ec:28:6a:29:24:
4b:c9:81:a6:2f:b1:2d:ad:f9:a1:29:e8:71:6d:6e:d7:5d:69:
6b:4b:56:3b:d6:5e:3a:65:3f:08:bf:d2:3f:b2:0a:8f:87:df:
c8:a0:1d:0b:59:f0:9d:25:55:1d:97:2c:29:e3:a2:d0:68:a1:
d1:a1:bf:c7:b2:7a:2c:b4:59:c8:9e:45:3d:1c:d9:cb:08:93:
c2:d2:51:a2:9f:8e:28:cb:9d:1a:13:21:6c:99:05:08:69:32:
76:df:fc:0b:a2:ab:73:9f:24:6d:5c:57:8e:a8:11:fa:93:8f:
d1:82:18:fd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqubitTC2+tDpgGZU5XNEzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTE5MTcxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDliOGNkM2IwM2Y2ODAzMjRiNzBlNjZmYWM1ZWU2YTcyMGY4ODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqtpe7zBxKAYE3jdqZi/Q6Owr7I3
AOK+WSNx8uHgcIu4g8oppsakqzIPAXLKybqJqRzBeClOJAs7DTi+N53ae/vA/cTl
ON79KwNyNRcs8n4YMP+ICBe5nKgzalJPpLxae33cA5Qr1I+Mq15J24RdRFP9sKQy
FzNan4OOtD0QF1jDaW7Zj0Au7g9AudKXgyU/XvFKhpZyev5v0YkZmXp7YpJHCYh5
8shAKdLNTGJX6WgEnT6X3QwG/XO71EZhZhtLQOosIMYKvMrdRGYQt4V/49CCeWa2
eE3qDCuDjErFdmA3Pjgs62E4CUf8qY1SY75sc7cC8NdqLhuMznG95WaVnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGSbjNOwP2gDJLcOZvrF7mpyD4g5MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWkp1TTA3QV9hQU1rdHc1bS1zWHVhbklQaURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMQXXX4uoVuKoZde5CH+
nrg3H0Cepb4aDC2RvnBgsaePpAneyiH09tzT2mIO9a2YUfF8SvHmseA9z3Ig33un
AM0qL0qsPiwcIAEW2XNpZHDacp3Oohic2Srxq9I8Y9EFDHwe0hTZe/7+xzpoJl7v
xh8WtHD16trZIfj/ABWJiUZ2r7O9zfSU2RexFI3sKGopJEvJgaYvsS2t+aEp6HFt
btddaWtLVjvWXjplPwi/0j+yCo+H38igHQtZ8J0lVR2XLCnjotBoodGhv8eyeiy0
WcieRT0c2csIk8LSUaKfjijLnRoTIWyZBQhpMnbf/Auiq3OfJG1cV46oEfqTj9GC
GP0=
-----END CERTIFICATE-----
Generated at Sat May 10 13:36:56 2025 by rpki-client