Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZU0gawOi70mYeckEesycGHLUAKs.roa
File: ZU0gawOi70mYeckEesycGHLUAKs.roa (raw, json)
Hash identifier: sCLPTHQ2YLpOVUVwio0Z+JvwZG09g6o2nut3h8boxQQ=
Subject key identifier: 65:4D:20:6B:03:A2:EF:49:98:79:C9:04:7A:CC:9C:18:72:D4:00:AB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABF2350F06653579BEF61FBE756884956
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZU0gawOi70mYeckEesycGHLUAKs.roa
Signing time: Fri 22 Sep 2023 23:04:37 +0000
ROA not before: Fri 22 Sep 2023 23:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:bf23:2bcf/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bf:23:50:f0:66:53:57:9b:ef:61:fb:e7:56:88:49:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 23:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=654d206b03a2ef499879c9047acc9c1872d400ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:da:95:fd:bb:f8:0b:1f:f5:2a:9a:2b:b2:ae:
f4:56:ff:9d:39:a8:f9:f6:b5:97:20:32:f8:c7:21:
e9:56:23:1d:63:bb:ee:54:b8:39:6e:f9:d4:cd:e7:
5d:1e:74:e2:f9:df:70:97:cd:7e:4e:fc:23:b6:45:
66:0d:23:09:86:49:06:58:f5:b1:41:3e:04:02:54:
cf:82:aa:8f:b0:13:72:2d:c9:c9:9b:95:51:13:ae:
1a:ae:18:57:87:68:ac:1b:4d:c9:3e:ba:da:53:db:
d6:9c:d0:97:47:58:dc:74:8b:05:3d:f8:2a:26:92:
91:3d:34:45:ab:5f:b4:28:c6:53:f3:1d:a6:d9:11:
74:45:61:d8:49:ab:15:95:18:08:db:d4:90:b3:71:
2b:db:51:b0:23:53:7c:9d:a2:4d:b3:b8:01:50:83:
5b:db:39:dc:f1:42:30:f4:67:9c:39:b0:66:e8:5c:
68:78:8f:26:18:f7:26:09:d6:32:a6:2f:e3:08:17:
bb:0c:94:2f:af:72:5f:fc:f6:17:08:18:e3:54:d5:
5a:38:08:e6:29:eb:03:99:50:b9:30:6c:dc:8e:b6:
66:51:74:a7:6f:fd:58:ee:ea:20:a7:74:52:4b:64:
62:47:75:b2:99:53:1a:cc:04:09:56:7c:e6:26:1f:
6e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4D:20:6B:03:A2:EF:49:98:79:C9:04:7A:CC:9C:18:72:D4:00:AB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZU0gawOi70mYeckEesycGHLUAKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:50:d9:d7:b3:dd:10:73:d5:a5:e1:78:90:ba:ba:cc:a8:06:
9e:c0:93:a1:92:95:35:a7:b0:f2:ae:00:88:c8:65:4e:bc:7a:
28:21:dc:56:eb:62:21:2d:7e:a4:1c:c7:8b:83:10:e9:79:32:
ba:59:f4:27:d2:df:40:88:5f:ee:12:45:b4:17:a5:ec:f5:af:
c2:29:e4:54:51:e5:28:99:a7:dc:d6:95:8c:3b:95:63:f0:b0:
ed:dc:62:34:1a:0e:24:96:cf:78:82:32:55:12:d5:21:82:ed:
77:37:e8:12:9d:79:59:43:1a:5d:46:eb:1d:49:f4:7f:51:0d:
bd:76:33:5c:81:01:99:bf:cb:22:ff:db:fc:a5:88:60:ba:22:
e3:d9:2f:3a:c8:14:42:23:fa:90:19:0c:3a:2c:59:19:2c:ea:
4a:19:29:a7:d5:63:f8:65:0d:0c:ec:b6:25:c9:f0:4e:15:03:
cf:93:6e:76:8d:0e:80:bd:18:db:da:06:93:2a:59:f8:02:ae:
4c:28:8b:f3:96:ca:f4:a8:c6:5a:b4:71:e3:5c:e0:0e:38:3e:
48:19:79:ec:93:e7:7f:b0:ae:62:54:c1:ee:9c:07:06:86:b6:
97:57:03:02:52:34:51:10:1f:f4:88:83:f5:95:5e:72:c3:8a:
f7:f5:bd:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq/I1DwZlNXm+9h++dWiElWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMjMwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTRkMjA2YjAzYTJlZjQ5OTg3OWM5MDQ3YWNjOWMxODcyZDQwMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNqV/bv4Cx/1Kporsq70Vv+dOaj5
9rWXIDL4xyHpViMdY7vuVLg5bvnUzeddHnTi+d9wl81+TvwjtkVmDSMJhkkGWPWx
QT4EAlTPgqqPsBNyLcnJm5VRE64arhhXh2isG03JPrraU9vWnNCXR1jcdIsFPfgq
JpKRPTRFq1+0KMZT8x2m2RF0RWHYSasVlRgI29SQs3Er21GwI1N8naJNs7gBUINb
2znc8UIw9GecObBm6FxoeI8mGPcmCdYypi/jCBe7DJQvr3Jf/PYXCBjjVNVaOAjm
KesDmVC5MGzcjrZmUXSnb/1Y7uogp3RSS2RiR3WymVMazAQJVnzmJh9uNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGVNIGsDou9JmHnJBHrMnBhy1ACrMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWlUwZ2F3T2k3MG1ZZWNrRWVzeWNHSExVQUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKJQ2dez3RBz1aXheJC6
usyoBp7Ak6GSlTWnsPKuAIjIZU68eigh3FbrYiEtfqQcx4uDEOl5MrpZ9CfS30CI
X+4SRbQXpez1r8Ip5FRR5SiZp9zWlYw7lWPwsO3cYjQaDiSWz3iCMlUS1SGC7Xc3
6BKdeVlDGl1G6x1J9H9RDb12M1yBAZm/yyL/2/yliGC6IuPZLzrIFEIj+pAZDDos
WRks6koZKafVY/hlDQzstiXJ8E4VA8+TbnaNDoC9GNvaBpMqWfgCrkwoi/OWyvSo
xlq0ceNc4A44PkgZeeyT53+wrmJUwe6cBwaGtpdXAwJSNFEQH/SIg/WVXnLDivf1
vQk=
-----END CERTIFICATE-----
Generated at Tue May 13 16:01:16 2025 by rpki-client