Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Zaxlc8HEtDaXUIgICv7qBG1y0Ww.roa
File: Zaxlc8HEtDaXUIgICv7qBG1y0Ww.roa (raw, json)
Hash identifier: 23usJVUPwhx5YjwSnaAYGguhPbmNeNjF8yGdiL1JHWE=
Subject key identifier: 65:AC:65:73:C1:C4:B4:36:97:50:88:08:0A:FE:EA:04:6D:72:D1:6C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABC994A2EB882CABDBEACFD694DF5CDBD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Zaxlc8HEtDaXUIgICv7qBG1y0Ww.roa
Signing time: Fri 22 Sep 2023 11:14:37 +0000
ROA not before: Fri 22 Sep 2023 11:14:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:99:4a:2e:b8:82:ca:bd:be:ac:fd:69:4d:f5:cd:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 11:14:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65ac6573c1c4b436975088080afeea046d72d16c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:26:e1:af:32:33:21:5a:14:c3:ac:f9:9c:ec:
02:8f:60:7c:62:f8:7b:5a:b6:5e:74:71:e8:9c:c8:
ef:eb:5f:d2:36:4f:9e:47:bb:5a:90:52:44:af:6d:
84:17:5f:dc:7a:0b:de:4e:1d:1c:fe:6a:57:f7:a7:
41:0f:0c:cd:e6:29:40:b5:b7:68:ce:e6:d9:13:76:
b8:f5:c4:f5:a2:18:97:f5:9d:b0:ca:14:3b:5c:a5:
d5:80:a9:95:a4:91:2f:a2:48:5d:0d:9f:6d:85:28:
d4:73:fa:6f:90:3e:01:05:65:bc:b4:31:d8:b9:9f:
57:6d:36:b8:93:bb:93:44:ae:fb:86:09:37:18:6f:
45:7c:c4:f7:d4:44:5e:e1:a2:a3:e2:cd:01:54:4b:
17:4d:5a:31:4b:cb:8c:2d:dd:c7:2b:f3:ed:db:26:
fc:2e:be:28:7b:77:c2:91:f7:8d:b0:20:dd:55:a9:
5d:df:b9:cf:e0:f1:f3:13:2e:80:da:21:b3:a6:b8:
3d:fd:9e:f8:4d:7f:03:ca:19:13:c9:1b:9c:ec:09:
f6:85:53:5c:e3:68:77:6b:86:95:de:8c:fb:ba:ea:
6f:71:f4:c1:34:d6:18:07:19:5f:89:ca:79:ae:1f:
e0:d4:13:d4:27:48:06:fe:5e:5a:af:e5:54:8b:f7:
4f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AC:65:73:C1:C4:B4:36:97:50:88:08:0A:FE:EA:04:6D:72:D1:6C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Zaxlc8HEtDaXUIgICv7qBG1y0Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:73:90:ee:73:8e:48:48:64:6a:33:7a:b1:76:55:58:eb:82:
d1:18:cc:c0:91:21:7f:2b:e4:4f:0c:de:7f:0d:3c:c4:0e:0b:
47:92:8b:c5:2a:6f:d3:dc:7a:dc:53:05:0c:ec:67:29:df:c0:
a1:5f:59:ff:16:9e:de:c7:72:c1:55:88:2e:5a:11:87:ce:0a:
36:64:7c:a7:f8:02:1e:41:31:70:c0:73:1a:1f:70:b9:f0:d6:
8c:06:97:67:de:19:cd:ee:c1:c9:5d:0a:31:34:07:28:f4:36:
c5:48:bf:24:2a:b3:03:e0:62:22:0a:f3:99:e5:3d:02:8c:da:
82:4f:17:7d:6c:09:ce:89:48:47:2d:bf:0d:12:e8:0c:e0:fe:
70:d8:53:b7:48:6f:93:ac:2e:a6:4a:eb:7e:91:88:41:8d:ca:
cb:56:35:27:cf:bb:4d:dd:a9:77:e4:94:97:ab:96:b5:e1:ee:
e2:25:7d:c0:51:af:fb:58:34:4e:fb:7f:e3:06:7a:76:77:af:
c7:c1:91:7b:d9:87:9a:b2:59:10:42:5d:2b:90:11:30:c2:bc:
26:3f:31:c7:59:9e:c0:bc:bf:00:96:b1:45:63:9c:29:e9:db:
e6:96:2c:22:22:aa:b2:e5:cd:20:68:a1:74:39:43:1d:e5:95:
97:c0:65:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq8mUouuILKvb6s/WlN9c29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMTExNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWFjNjU3M2MxYzRiNDM2OTc1MDg4MDgwYWZlZWEwNDZkNzJkMTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSbhrzIzIVoUw6z5nOwCj2B8Yvh7
WrZedHHonMjv61/SNk+eR7takFJEr22EF1/cegveTh0c/mpX96dBDwzN5ilAtbdo
zubZE3a49cT1ohiX9Z2wyhQ7XKXVgKmVpJEvokhdDZ9thSjUc/pvkD4BBWW8tDHY
uZ9XbTa4k7uTRK77hgk3GG9FfMT31ERe4aKj4s0BVEsXTVoxS8uMLd3HK/Pt2yb8
Lr4oe3fCkfeNsCDdVald37nP4PHzEy6A2iGzprg9/Z74TX8DyhkTyRuc7An2hVNc
42h3a4aV3oz7uupvcfTBNNYYBxlficp5rh/g1BPUJ0gG/l5ar+VUi/dPrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGWsZXPBxLQ2l1CICAr+6gRtctFsMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWmF4bGM4SEV0RGFYVUlnSUN2N3FCRzF5MFd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGNzkO5zjkhIZGozerF2
VVjrgtEYzMCRIX8r5E8M3n8NPMQOC0eSi8Uqb9PcetxTBQzsZynfwKFfWf8Wnt7H
csFViC5aEYfOCjZkfKf4Ah5BMXDAcxofcLnw1owGl2feGc3uwcldCjE0Byj0NsVI
vyQqswPgYiIK85nlPQKM2oJPF31sCc6JSEctvw0S6Azg/nDYU7dIb5OsLqZK636R
iEGNystWNSfPu03dqXfklJerlrXh7uIlfcBRr/tYNE77f+MGenZ3r8fBkXvZh5qy
WRBCXSuQETDCvCY/McdZnsC8vwCWsUVjnCnp2+aWLCIiqrLlzSBooXQ5Qx3llZfA
ZRI=
-----END CERTIFICATE-----
Generated at Mon May 12 13:06:45 2025 by rpki-client