Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Zr97p1ey3cgBhNFuOJUB7apahfA.roa
File: Zr97p1ey3cgBhNFuOJUB7apahfA.roa (raw, json)
Hash identifier: qRoMGl2Rk5drO0xrSq/MLSDxWPVtfPciCsOBviewzTc=
Subject key identifier: 66:BF:7B:A7:57:B2:DD:C8:01:84:D1:6E:38:95:01:ED:AA:5A:85:F0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C8312082118B50997723DA289CBAE88B8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Zr97p1ey3cgBhNFuOJUB7apahfA.roa
Signing time: Tue 19 Dec 2023 17:14:06 +0000
ROA not before: Tue 19 Dec 2023 17:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:83:12:08:21:18:b5:09:97:72:3d:a2:89:cb:ae:88:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 19 17:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66bf7ba757b2ddc80184d16e389501edaa5a85f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e7:44:93:bf:28:5a:0d:56:1a:62:31:65:17:
fc:78:80:bd:65:26:76:eb:aa:f0:d6:5a:1e:79:c6:
1a:c9:62:67:67:4a:1e:c0:17:14:4b:53:72:96:45:
64:1d:1b:cd:47:2a:2f:bf:7e:7d:80:69:36:ae:21:
ca:82:ce:bd:95:84:e3:98:d4:93:4b:50:70:be:bd:
d7:c2:53:76:cc:cb:30:57:10:20:22:c1:52:8b:64:
36:70:5d:80:82:43:40:ef:a9:04:b9:35:c9:0a:32:
93:3d:60:51:f4:45:74:55:bc:9c:d4:42:ec:3d:2e:
cd:8f:e7:f0:ae:77:75:d7:15:84:52:0a:33:88:fa:
54:c5:75:d9:75:d0:1a:67:10:8a:6c:e9:50:9a:05:
c3:5d:35:42:ed:91:8a:2f:d5:4e:b3:dc:a7:62:f0:
49:20:ee:34:10:d3:9c:cf:40:83:26:b5:45:37:e4:
fe:d1:4a:84:ea:d9:a7:9f:ec:46:ac:bc:3e:b7:d0:
1c:31:e3:2c:6c:e3:8b:ad:79:a9:ae:59:92:bc:91:
6e:d7:a1:b6:a6:63:47:57:9e:f2:21:df:da:94:d3:
d8:cc:ba:d8:d1:e4:ff:83:9f:6c:50:bb:d4:1e:31:
a6:9a:7c:0e:f9:1d:0c:08:b7:42:02:1f:49:0b:de:
b6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:BF:7B:A7:57:B2:DD:C8:01:84:D1:6E:38:95:01:ED:AA:5A:85:F0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Zr97p1ey3cgBhNFuOJUB7apahfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:85:3d:4c:90:3e:6d:1a:f6:78:0f:ae:ae:2a:90:23:2e:92:
43:dc:8c:98:6b:86:72:51:14:37:ab:eb:74:53:6f:7f:e2:05:
15:91:72:f2:08:49:e6:ad:5e:d8:e3:33:7a:ed:75:cf:aa:a4:
66:28:9b:b7:ae:51:fe:16:a7:d4:5b:c0:a9:e6:1a:8a:f9:86:
15:74:3f:aa:24:83:f3:10:47:40:d4:89:3b:21:e7:58:eb:a0:
00:37:e1:cc:26:e9:c8:45:bb:35:90:cd:bb:47:2c:51:97:2d:
4d:91:50:6d:c1:a7:6d:aa:00:a4:8d:1e:e1:27:e3:4f:82:22:
8c:fa:53:9a:4f:1f:ae:bd:fa:59:bc:20:69:76:10:cf:c1:52:
2d:ac:6e:39:af:3b:ac:9c:14:07:05:89:11:7a:5a:6f:06:a7:
2a:a7:aa:17:81:21:6b:f4:ed:2a:35:ee:be:4a:7d:a5:57:2e:
23:1c:0c:6d:a2:4c:8b:a1:fb:d2:ce:a3:24:1e:f2:8f:64:56:
a1:62:53:62:6c:a1:c8:73:e6:ad:82:8c:12:38:9c:e7:a7:9d:
be:44:06:9b:c1:5e:8e:4f:9d:2e:da:96:e6:cb:55:53:a9:f7:
d3:68:49:1f:b4:1c:41:68:73:36:33:93:1e:10:4e:e8:d8:ff:
f8:5a:f1:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyDEgghGLUJl3I9oonLroi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE5MTcxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmJmN2JhNzU3YjJkZGM4MDE4NGQxNmUzODk1MDFlZGFhNWE4NWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuedEk78oWg1WGmIxZRf8eIC9ZSZ2
66rw1loeecYayWJnZ0oewBcUS1NylkVkHRvNRyovv359gGk2riHKgs69lYTjmNST
S1Bwvr3XwlN2zMswVxAgIsFSi2Q2cF2AgkNA76kEuTXJCjKTPWBR9EV0Vbyc1ELs
PS7Nj+fwrnd11xWEUgoziPpUxXXZddAaZxCKbOlQmgXDXTVC7ZGKL9VOs9ynYvBJ
IO40ENOcz0CDJrVFN+T+0UqE6tmnn+xGrLw+t9AcMeMsbOOLrXmprlmSvJFu16G2
pmNHV57yId/alNPYzLrY0eT/g59sULvUHjGmmnwO+R0MCLdCAh9JC962VQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGa/e6dXst3IAYTRbjiVAe2qWoXwMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWnI5N3AxZXkzY2dCaE5GdU9KVUI3YXBhaGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABSFPUyQPm0a9ngPrq4q
kCMukkPcjJhrhnJRFDer63RTb3/iBRWRcvIISeatXtjjM3rtdc+qpGYom7euUf4W
p9RbwKnmGor5hhV0P6okg/MQR0DUiTsh51jroAA34cwm6chFuzWQzbtHLFGXLU2R
UG3Bp22qAKSNHuEn40+CIoz6U5pPH669+lm8IGl2EM/BUi2sbjmvO6ycFAcFiRF6
Wm8GpyqnqheBIWv07So17r5KfaVXLiMcDG2iTIuh+9LOoyQe8o9kVqFiU2Jsochz
5q2CjBI4nOennb5EBpvBXo5PnS7alubLVVOp99NoSR+0HEFoczYzkx4QTujY//ha
8es=
-----END CERTIFICATE-----
Generated at Sun May 11 16:42:09 2025 by rpki-client