Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZPOROrgafVgVhHuzxyZAEH9Ousw.roa
File: ZPOROrgafVgVhHuzxyZAEH9Ousw.roa (raw, json)
Hash identifier: 1TowwNO7UG9CE+P84pG73CU42uQA1pp4beyeLMtW9Yg=
Subject key identifier: 64:F3:91:3A:B8:1A:7D:58:15:84:7B:B3:C7:26:40:10:7F:4E:BA:CC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B15E0CBDF1502DCC484454900612F7B7F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZPOROrgafVgVhHuzxyZAEH9Ousw.roa
Signing time: Mon 09 Oct 2023 19:18:55 +0000
ROA not before: Mon 09 Oct 2023 19:18:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:15:e0:cb:df:15:02:dc:c4:84:45:49:00:61:2f:7b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 9 19:18:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64f3913ab81a7d5815847bb3c72640107f4ebacc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bb:cb:3b:ce:70:27:54:e9:58:64:bd:de:69:
df:c3:ab:f9:5f:d8:7e:0b:da:e7:a5:93:f3:0d:31:
c1:bc:30:1e:f5:22:91:7c:19:8c:85:e4:28:8d:cc:
a7:89:0d:76:6a:a2:ce:a8:18:4f:d3:39:ec:bb:a6:
9f:2a:82:52:0c:56:03:55:e8:e7:ce:60:28:2f:15:
ad:12:87:c1:f7:55:a9:1a:fd:22:f3:ed:c6:12:a2:
73:72:f5:c3:b7:c5:dc:35:34:83:90:8f:60:2c:1f:
6b:a1:85:5e:75:5f:cb:bf:d7:55:0d:13:91:36:5a:
d3:23:5c:16:24:81:a6:43:48:08:bc:5b:a7:b9:91:
61:a7:72:58:38:48:b0:05:b9:c4:c5:8c:92:0b:b3:
d9:46:18:99:10:97:83:ee:c8:58:74:8d:fb:fb:84:
51:70:f7:2f:11:7b:9e:4e:d9:21:53:a0:d3:00:57:
19:a8:b3:38:ce:e4:61:62:0b:89:f1:72:f6:43:2b:
a0:99:54:be:d2:9a:22:7e:05:e3:1b:bc:2f:1d:11:
c0:35:f6:ac:7c:49:f2:6b:86:8d:32:76:d7:ff:a0:
ac:3d:d4:91:f5:3a:2b:83:f0:cb:b4:86:a6:d5:e0:
f6:cf:5f:39:bc:12:13:d0:f9:f6:8c:b4:7f:f3:68:
70:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:F3:91:3A:B8:1A:7D:58:15:84:7B:B3:C7:26:40:10:7F:4E:BA:CC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZPOROrgafVgVhHuzxyZAEH9Ousw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:ca:25:a6:50:29:f3:54:3d:40:e7:fe:06:d3:83:9c:33:76:
0d:03:cf:a7:c9:08:8e:39:aa:32:49:2e:05:11:6e:98:7f:6c:
67:aa:48:37:98:7e:69:0d:31:b4:50:c8:58:37:42:a9:ed:61:
40:b8:e9:10:50:7a:9d:a1:bf:d0:39:f5:15:f3:ea:ae:2c:40:
b8:25:7b:97:7e:18:63:7e:49:93:3d:5c:15:ec:3c:da:40:74:
e2:d9:81:8a:31:18:cd:38:f1:0e:5b:46:ae:2a:93:f4:f1:12:
f7:93:fc:b6:1c:17:e9:ac:69:34:58:8f:3a:4f:8f:3b:11:fe:
0c:93:79:a6:31:06:b1:6b:c5:ab:0a:0d:24:09:ba:db:31:06:
6e:54:a9:e6:5d:95:4e:e0:c8:70:50:cd:a8:68:4f:fb:fc:88:
b7:90:c2:4e:e5:86:9c:fc:d8:7e:cd:4c:a4:be:41:96:b0:f9:
81:d8:9c:01:48:36:1d:65:ea:3d:f5:7b:21:95:9f:76:d0:78:
0f:96:17:fd:34:16:84:cc:e6:d0:51:8f:58:5b:11:03:21:69:
0c:a2:19:ed:58:9b:0c:2c:b8:cf:ec:79:88:f2:53:12:48:97:
20:76:94:1a:14:7d:74:8f:ef:a4:b1:2f:ac:24:81:fa:2b:49:
ed:0f:6d:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsV4MvfFQLcxIRFSQBhL3t/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA5MTkxODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGYzOTEzYWI4MWE3ZDU4MTU4NDdiYjNjNzI2NDAxMDdmNGViYWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7vLO85wJ1TpWGS93mnfw6v5X9h+
C9rnpZPzDTHBvDAe9SKRfBmMheQojcyniQ12aqLOqBhP0znsu6afKoJSDFYDVejn
zmAoLxWtEofB91WpGv0i8+3GEqJzcvXDt8XcNTSDkI9gLB9roYVedV/Lv9dVDROR
NlrTI1wWJIGmQ0gIvFunuZFhp3JYOEiwBbnExYySC7PZRhiZEJeD7shYdI37+4RR
cPcvEXueTtkhU6DTAFcZqLM4zuRhYguJ8XL2QyugmVS+0poifgXjG7wvHRHANfas
fEnya4aNMnbX/6CsPdSR9Torg/DLtIam1eD2z185vBIT0Pn2jLR/82hwKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGTzkTq4Gn1YFYR7s8cmQBB/TrrMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWlBPUk9yZ2FmVmdWaEh1enh5WkFFSDlPdXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB3KJaZQKfNUPUDn/gbT
g5wzdg0Dz6fJCI45qjJJLgURbph/bGeqSDeYfmkNMbRQyFg3QqntYUC46RBQep2h
v9A59RXz6q4sQLgle5d+GGN+SZM9XBXsPNpAdOLZgYoxGM048Q5bRq4qk/TxEveT
/LYcF+msaTRYjzpPjzsR/gyTeaYxBrFrxasKDSQJutsxBm5UqeZdlU7gyHBQzaho
T/v8iLeQwk7lhpz82H7NTKS+QZaw+YHYnAFINh1l6j31eyGVn3bQeA+WF/00FoTM
5tBRj1hbEQMhaQyiGe1YmwwsuM/seYjyUxJIlyB2lBoUfXSP76SxL6wkgforSe0P
bUc=
-----END CERTIFICATE-----
Generated at Mon May 12 19:54:24 2025 by rpki-client