Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZnghcRjdOMlud8KA6pveEeb91mQ.roa
File: ZnghcRjdOMlud8KA6pveEeb91mQ.roa (raw, json)
Hash identifier: e5LqLSmkYNE78DrSJyF8h5G8hUSZhqY/6d7SxqucMKM=
Subject key identifier: 66:78:21:71:18:DD:38:C9:6E:77:C2:80:EA:9B:DE:11:E6:FD:D6:64
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6980ED0C787D4B8550B5805443820487
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZnghcRjdOMlud8KA6pveEeb91mQ.roa
Signing time: Thu 14 Dec 2023 18:05:06 +0000
ROA not before: Thu 14 Dec 2023 18:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:6980:1e46/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:69:80:ed:0c:78:7d:4b:85:50:b5:80:54:43:82:04:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 14 18:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6678217118dd38c96e77c280ea9bde11e6fdd664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:27:12:53:f6:11:8d:0f:35:0f:c6:3f:7f:14:
53:ba:74:13:54:43:64:86:32:ac:e1:0e:d3:4e:62:
de:62:d8:90:55:47:a8:e6:7d:2e:df:53:15:c5:d1:
6a:71:52:0f:b9:86:72:e6:02:3b:07:83:97:be:5c:
ca:2a:37:95:6c:c5:48:5b:03:30:02:cb:f3:41:9a:
b1:68:b2:df:a2:d9:0d:e7:f9:e1:89:e6:7d:7b:98:
9a:e3:b1:5d:42:76:8d:f0:e7:a2:a6:ba:b8:ba:ad:
e6:01:ac:73:8e:10:e2:b8:c3:94:61:f8:dd:a4:49:
13:07:e4:7c:0a:b6:d9:2c:c2:20:e4:54:d6:aa:22:
58:d2:8d:0c:d4:f6:9e:63:fa:9b:49:00:88:8c:59:
90:94:4d:f7:39:20:df:c2:9b:b0:23:f0:d5:b1:40:
5e:ba:6d:53:7f:bc:a9:37:55:1d:28:cb:31:d7:58:
ec:84:79:36:1c:f5:b2:ef:ea:35:75:12:77:d8:4c:
7a:cd:33:d2:78:25:61:41:da:e9:99:b4:bd:ed:cd:
2d:97:da:6c:88:e1:2c:67:5e:7d:db:94:73:94:13:
43:a8:79:2c:30:64:80:4d:66:f7:ef:c9:53:3d:0d:
51:7f:a3:b6:1b:f3:43:b3:78:e4:ee:2a:00:eb:e0:
ed:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:78:21:71:18:DD:38:C9:6E:77:C2:80:EA:9B:DE:11:E6:FD:D6:64
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ZnghcRjdOMlud8KA6pveEeb91mQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c7:f5:15:81:b1:f5:c7:7c:93:e7:a2:4b:8e:69:24:9f:a9:8e:
25:a6:6c:b6:28:26:be:cd:5c:58:fc:2b:41:6f:b5:f8:b9:d1:
91:b4:f1:04:4e:27:16:a6:cc:b9:4e:5c:09:a6:d7:ca:43:ea:
fb:47:e9:09:00:9c:69:91:c6:76:4b:46:79:28:da:a1:37:fa:
af:49:a1:f9:c9:65:aa:94:be:22:82:96:2b:fd:6f:7b:14:89:
89:83:f6:b1:1a:d1:fe:28:c9:3b:ad:6a:70:a8:fd:f8:9b:7e:
8f:2c:a3:84:2f:4f:8e:2e:33:d0:45:1a:92:3d:c9:4b:a8:4d:
eb:ce:a2:35:4d:64:03:de:53:61:01:63:0d:ed:a0:31:80:05:
05:26:7a:68:63:af:c8:1d:4a:20:ec:e4:dc:f0:83:f4:04:79:
06:71:9d:da:81:e3:24:dd:a7:ff:79:2a:be:d2:2e:3c:f6:0e:
9f:77:51:cf:13:74:cd:29:b4:6a:78:f1:d2:50:f2:2d:29:77:
9f:4f:a6:fe:0f:34:e9:85:93:06:96:94:f0:e6:13:0e:a7:d1:
83:34:d1:da:60:3f:2c:d7:7a:9d:88:29:9a:13:e0:31:47:60:
94:fa:27:e9:02:f0:66:02:19:58:df:2f:44:59:c7:da:42:ce:
d1:02:7d:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxpgO0MeH1LhVC1gFRDggSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE0MTgwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njc4MjE3MTE4ZGQzOGM5NmU3N2MyODBlYTliZGUxMWU2ZmRkNjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCcSU/YRjQ81D8Y/fxRTunQTVENk
hjKs4Q7TTmLeYtiQVUeo5n0u31MVxdFqcVIPuYZy5gI7B4OXvlzKKjeVbMVIWwMw
AsvzQZqxaLLfotkN5/nhieZ9e5ia47FdQnaN8Oeiprq4uq3mAaxzjhDiuMOUYfjd
pEkTB+R8CrbZLMIg5FTWqiJY0o0M1PaeY/qbSQCIjFmQlE33OSDfwpuwI/DVsUBe
um1Tf7ypN1UdKMsx11jshHk2HPWy7+o1dRJ32Ex6zTPSeCVhQdrpmbS97c0tl9ps
iOEsZ15925RzlBNDqHksMGSATWb378lTPQ1Rf6O2G/NDs3jk7ioA6+DtTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGZ4IXEY3TjJbnfCgOqb3hHm/dZkMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWm5naGNSamRPTWx1ZDhLQTZwdmVFZWI5MW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMf1FYGx9cd8k+eiS45p
JJ+pjiWmbLYoJr7NXFj8K0Fvtfi50ZG08QROJxamzLlOXAmm18pD6vtH6QkAnGmR
xnZLRnko2qE3+q9JofnJZaqUviKCliv9b3sUiYmD9rEa0f4oyTutanCo/fibfo8s
o4QvT44uM9BFGpI9yUuoTevOojVNZAPeU2EBYw3toDGABQUmemhjr8gdSiDs5Nzw
g/QEeQZxndqB4yTdp/95Kr7SLjz2Dp93Uc8TdM0ptGp48dJQ8i0pd59Ppv4PNOmF
kwaWlPDmEw6n0YM00dpgPyzXep2IKZoT4DFHYJT6J+kC8GYCGVjfL0RZx9pCztEC
fRg=
-----END CERTIFICATE-----
Generated at Tue May 13 11:11:34 2025 by rpki-client