Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZNLcO_83ylFln5vnSqnT2IxnGkE.roa
File: ZNLcO_83ylFln5vnSqnT2IxnGkE.roa (raw, json)
Hash identifier: VIDBQ6UMbRkVRr+JYz484jZkjntDW82PgHGeumlViak=
Subject key identifier: 64:D2:DC:3B:FF:37:CA:51:65:9F:9B:E7:4A:A9:D3:D8:8C:67:1A:41
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0E51318D0A06E0302F5F703C022C31B6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZNLcO_83ylFln5vnSqnT2IxnGkE.roa
Signing time: Sun 08 Oct 2023 08:04:43 +0000
ROA not before: Sun 08 Oct 2023 08:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:e50:c8b3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0e:51:31:8d:0a:06:e0:30:2f:5f:70:3c:02:2c:31:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 8 08:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64d2dc3bff37ca51659f9be74aa9d3d88c671a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c4:0d:38:c7:13:33:3b:ff:f5:af:83:21:01:
50:e8:12:b3:26:6b:cc:b6:3c:34:ca:62:79:1f:48:
db:70:29:8d:f7:cb:33:b1:28:06:a6:b1:19:eb:64:
2d:e9:43:06:4d:ed:05:c5:ce:85:e1:a2:f9:5b:1a:
85:d1:4a:b0:98:2c:cd:61:dc:9e:81:27:4c:df:36:
4b:74:52:27:6e:de:63:ec:eb:7e:e8:61:57:af:11:
30:31:a5:78:30:e6:21:16:ab:24:1e:20:4c:47:cc:
2d:bd:bc:22:e7:50:6c:97:c0:ce:ff:74:3f:2b:b4:
23:2a:af:dc:08:cf:69:3d:ee:98:94:a1:8a:82:bf:
63:af:b4:93:05:0f:74:6b:2b:96:e3:bc:7b:ce:23:
66:a6:b1:a3:f3:3c:41:84:ae:56:6b:1b:b3:ff:ae:
d9:18:21:f9:bc:1d:15:19:43:14:e8:c8:3a:3c:4e:
29:05:9f:6f:2f:c5:73:8e:5d:c5:c3:d6:88:15:f6:
dd:8e:99:02:fd:03:5f:58:69:75:48:ef:fd:46:a5:
0e:81:78:38:36:4a:1f:c0:7f:c9:48:7c:fc:92:2d:
6b:5b:6c:8f:e5:3b:60:66:37:51:1e:19:d0:c3:81:
05:ad:90:3a:a5:3f:49:e8:db:71:73:04:08:64:fa:
c6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D2:DC:3B:FF:37:CA:51:65:9F:9B:E7:4A:A9:D3:D8:8C:67:1A:41
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZNLcO_83ylFln5vnSqnT2IxnGkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c3:86:c4:91:93:3b:b0:aa:de:68:60:55:93:c6:08:0d:d0:a0:
27:32:6a:d2:cb:12:2d:69:51:7b:d0:6e:99:62:00:85:86:47:
e5:50:79:92:57:ce:d6:01:7a:0f:41:46:e7:a5:cf:f3:57:6f:
5c:b0:99:7b:08:4c:63:b2:49:38:36:8d:44:73:a1:9b:92:6c:
e0:ab:f1:2a:46:06:50:74:77:67:c1:6f:18:95:5e:f6:52:8a:
98:b3:8a:fb:d3:88:f7:5f:4f:ea:d9:a3:7f:28:a8:e8:23:10:
3e:ce:4e:63:d4:3c:32:b5:06:f7:81:e2:22:e5:57:9c:20:ff:
42:d2:b5:7c:cc:29:f3:5d:a5:be:b4:15:61:95:f4:f1:e7:fb:
c9:a7:47:d8:85:c3:04:dc:4e:32:8a:62:0d:8b:3d:4f:a0:b2:
c7:4f:93:bc:fa:d2:75:e0:42:25:c3:a9:a0:bb:51:ea:23:d2:
31:c5:57:5d:c1:e4:46:dd:6a:a4:96:87:27:ff:5d:53:09:bc:
b8:d1:f7:d5:6e:8e:99:0e:5e:b5:f5:0c:9f:d3:34:85:03:25:
e6:08:6a:9a:01:96:aa:34:d6:51:37:4f:00:2a:73:bc:46:32:
e9:c3:63:24:a9:d0:69:30:ac:a2:82:fa:dd:65:48:45:c4:f1:
8f:5b:1b:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsOUTGNCgbgMC9fcDwCLDG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA4MDgwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGQyZGMzYmZmMzdjYTUxNjU5ZjliZTc0YWE5ZDNkODhjNjcxYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcQNOMcTMzv/9a+DIQFQ6BKzJmvM
tjw0ymJ5H0jbcCmN98szsSgGprEZ62Qt6UMGTe0Fxc6F4aL5WxqF0UqwmCzNYdye
gSdM3zZLdFInbt5j7Ot+6GFXrxEwMaV4MOYhFqskHiBMR8wtvbwi51Bsl8DO/3Q/
K7QjKq/cCM9pPe6YlKGKgr9jr7STBQ90ayuW47x7ziNmprGj8zxBhK5Waxuz/67Z
GCH5vB0VGUMU6Mg6PE4pBZ9vL8Vzjl3Fw9aIFfbdjpkC/QNfWGl1SO/9RqUOgXg4
NkofwH/JSHz8ki1rW2yP5TtgZjdRHhnQw4EFrZA6pT9J6NtxcwQIZPrGawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGTS3Dv/N8pRZZ+b50qp09iMZxpBMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWk5MY09fODN5bEZsbjV2blNxblQySXhuR2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMOGxJGTO7Cq3mhgVZPG
CA3QoCcyatLLEi1pUXvQbpliAIWGR+VQeZJXztYBeg9BRuelz/NXb1ywmXsITGOy
STg2jURzoZuSbOCr8SpGBlB0d2fBbxiVXvZSipizivvTiPdfT+rZo38oqOgjED7O
TmPUPDK1BveB4iLlV5wg/0LStXzMKfNdpb60FWGV9PHn+8mnR9iFwwTcTjKKYg2L
PU+gssdPk7z60nXgQiXDqaC7Ueoj0jHFV13B5EbdaqSWhyf/XVMJvLjR99VujpkO
XrX1DJ/TNIUDJeYIapoBlqo01lE3TwAqc7xGMunDYySp0GkwrKKC+t1lSEXE8Y9b
G7Q=
-----END CERTIFICATE-----
Generated at Fri May 16 14:53:05 2025 by rpki-client