Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lzCvhXnaGE_kyjau1g9iEIKi6zs.roa
File: lzCvhXnaGE_kyjau1g9iEIKi6zs.roa (raw, json)
Hash identifier: Mx83SgODpPj7bgZEipLRiyd5QrLQm/TDDbQYp8+3+VU=
Subject key identifier: 97:30:AF:85:79:DA:18:4F:E4:CA:36:AE:D6:0F:62:10:82:A2:EB:3B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB404F087D54A424DA07F55DCD68BAE67
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lzCvhXnaGE_kyjau1g9iEIKi6zs.roa
Signing time: Wed 20 Sep 2023 19:15:37 +0000
ROA not before: Wed 20 Sep 2023 19:15:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b4:04:f0:87:d5:4a:42:4d:a0:7f:55:dc:d6:8b:ae:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 19:15:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9730af8579da184fe4ca36aed60f621082a2eb3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2f:98:53:81:30:50:50:48:f4:b5:21:6f:8b:
43:23:91:f7:cc:3f:34:34:04:2a:3f:b9:19:59:38:
92:0f:02:96:c5:e2:84:20:f4:1d:17:2b:fc:9e:3c:
08:88:c1:1e:f3:93:f1:4a:0c:e0:f8:b6:82:f4:57:
31:b6:9a:b6:e8:e1:bf:07:26:9a:d3:50:00:8c:d9:
be:a9:dd:c1:9a:c5:f6:69:41:35:d0:06:ec:21:b5:
1e:90:05:7e:aa:d9:ea:5e:bd:47:29:51:ca:11:09:
25:0f:69:1c:86:a0:0b:ba:8e:5a:34:95:29:48:74:
ab:50:c4:40:e4:fa:6f:ff:15:b6:2b:9d:6f:ca:6c:
55:94:64:f1:4b:d8:80:22:7d:47:e2:6d:33:55:53:
01:3a:74:0b:c4:13:b9:33:e3:b3:79:1c:18:68:ac:
d1:8b:1e:ae:23:86:b1:2e:76:29:c8:fe:36:55:f1:
b4:17:58:5b:c3:d9:e1:52:5d:96:6d:bd:4d:43:fb:
5d:ae:d8:26:64:63:50:e7:ff:8b:25:2e:c4:5d:1d:
54:d8:0c:13:a1:05:1f:7e:f4:80:d6:06:58:54:33:
9f:e9:3e:0b:45:0a:57:65:75:62:34:60:55:18:21:
58:a1:57:8e:f7:72:35:78:f5:2e:5c:7c:c7:e9:1e:
77:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:30:AF:85:79:DA:18:4F:E4:CA:36:AE:D6:0F:62:10:82:A2:EB:3B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lzCvhXnaGE_kyjau1g9iEIKi6zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b8:f3:77:e4:46:a6:ed:1c:50:d7:0b:6f:07:4f:32:a4:3a:79:
43:b1:51:72:01:9c:e4:fd:45:38:4c:e4:2f:1f:5f:c5:22:9a:
4b:d4:72:5a:dd:3e:13:28:16:6c:bf:fa:5a:83:d3:83:b2:7d:
77:61:15:35:c1:81:ee:60:a0:8c:57:c6:1c:52:8c:4d:05:31:
c4:c4:7b:39:d9:f7:f9:b6:78:67:38:a2:c3:97:57:9d:ab:9f:
e6:8a:1f:e9:c2:01:db:b2:b4:ed:8b:04:8f:9b:cd:f2:95:fa:
fe:e0:09:1d:e8:f5:7f:87:93:51:d8:03:eb:a3:5b:84:c6:1b:
10:5d:57:97:77:c6:49:47:4f:a3:ea:f7:c5:51:91:b2:c1:8a:
d9:49:a2:99:c6:cd:f2:e4:75:07:fd:13:ed:38:d0:73:a3:1c:
70:f6:7d:98:e8:35:f7:e2:65:b7:f0:1d:a6:45:50:a0:1b:61:
3d:a8:84:cf:1d:57:c3:12:28:c9:df:73:00:e1:0f:e6:59:aa:
c0:94:c3:00:5c:0d:66:be:27:46:1a:62:31:11:de:c4:25:48:
16:86:da:c5:c8:3a:85:a6:bc:ae:49:ea:6b:08:d6:a8:0e:26:
d7:7a:f4:1b:fe:ab:4e:ea:e1:f8:6c:ff:bb:e3:d7:f5:f1:8b:
0f:52:f9:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq0BPCH1UpCTaB/VdzWi65nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMTkxNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzMwYWY4NTc5ZGExODRmZTRjYTM2YWVkNjBmNjIxMDgyYTJlYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhS+YU4EwUFBI9LUhb4tDI5H3zD80
NAQqP7kZWTiSDwKWxeKEIPQdFyv8njwIiMEe85PxSgzg+LaC9Fcxtpq26OG/Byaa
01AAjNm+qd3BmsX2aUE10AbsIbUekAV+qtnqXr1HKVHKEQklD2kchqALuo5aNJUp
SHSrUMRA5Ppv/xW2K51vymxVlGTxS9iAIn1H4m0zVVMBOnQLxBO5M+OzeRwYaKzR
ix6uI4axLnYpyP42VfG0F1hbw9nhUl2Wbb1NQ/tdrtgmZGNQ5/+LJS7EXR1U2AwT
oQUffvSA1gZYVDOf6T4LRQpXZXViNGBVGCFYoVeO93I1ePUuXHzH6R53PwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJcwr4V52hhP5Mo2rtYPYhCCous7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbHpDdmhYbmFHRV9reWphdTFnOWlFSUtpNnpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALjzd+RGpu0cUNcLbwdP
MqQ6eUOxUXIBnOT9RThM5C8fX8UimkvUclrdPhMoFmy/+lqD04OyfXdhFTXBge5g
oIxXxhxSjE0FMcTEeznZ9/m2eGc4osOXV52rn+aKH+nCAduytO2LBI+bzfKV+v7g
CR3o9X+Hk1HYA+ujW4TGGxBdV5d3xklHT6Pq98VRkbLBitlJopnGzfLkdQf9E+04
0HOjHHD2fZjoNffiZbfwHaZFUKAbYT2ohM8dV8MSKMnfcwDhD+ZZqsCUwwBcDWa+
J0YaYjER3sQlSBaG2sXIOoWmvK5J6msI1qgOJtd69Bv+q07q4fhs/7vj1/Xxiw9S
+Rw=
-----END CERTIFICATE-----
Generated at Mon May 12 18:43:40 2025 by rpki-client