Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zQPDhuCwlJ3Dqwp0T5AFYVArqh0.roa
File: zQPDhuCwlJ3Dqwp0T5AFYVArqh0.roa (raw, json)
Hash identifier: gLB2eLa4fKySbYxmTvV9XoaTXr16xslk0fLas0GHuYM=
Subject key identifier: CD:03:C3:86:E0:B0:94:9D:C3:AB:0A:74:4F:90:05:61:50:2B:AA:1D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB9CFFB2B7FC7B03658C923FF1A5788FF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zQPDhuCwlJ3Dqwp0T5AFYVArqh0.roa
Signing time: Thu 21 Sep 2023 22:15:29 +0000
ROA not before: Thu 21 Sep 2023 22:15:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b9:cf:fb:2b:7f:c7:b0:36:58:c9:23:ff:1a:57:88:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 21 22:15:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd03c386e0b0949dc3ab0a744f900561502baa1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5f:67:29:65:e0:2d:d5:e5:c5:53:1d:30:57:
5c:03:1c:47:04:77:a7:60:4a:70:84:4c:ef:a3:da:
34:a2:cb:78:9a:6c:f9:64:95:92:ab:54:00:90:95:
87:86:f7:22:94:7b:bc:45:f7:42:c7:95:f2:9f:11:
8f:17:37:b3:7a:c4:f1:36:9f:d9:d7:80:e4:67:9b:
25:66:7a:9d:70:c3:e6:c0:bb:fb:3f:ef:bf:55:36:
85:c7:57:4a:59:12:d4:54:7f:28:f4:47:c3:c5:3a:
8b:3d:76:bb:c0:1b:31:c6:bb:ae:d4:c1:d3:bd:62:
a8:fe:ae:4c:fc:c2:53:ea:63:49:f0:53:3b:31:9b:
72:97:4e:08:0c:b6:b5:a8:f4:a4:af:20:cc:2f:f7:
10:6f:d8:1e:e6:ee:0e:c7:88:f0:c1:b5:05:06:0d:
ea:95:e5:96:59:ac:dc:76:e3:5d:12:03:ab:c8:f6:
16:e1:40:c2:39:9c:c8:6a:c4:26:5d:73:58:3f:8a:
d2:1e:e4:ba:81:6f:c8:b1:52:2f:18:0c:6b:47:83:
46:d9:ef:e6:ff:2d:76:d0:3f:96:a2:66:8d:b6:c2:
9c:52:01:17:61:a0:f6:f7:10:75:e8:1a:a6:cf:ff:
f9:a2:8d:fa:a2:ed:79:e7:f2:c2:e0:97:74:c8:f6:
71:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:03:C3:86:E0:B0:94:9D:C3:AB:0A:74:4F:90:05:61:50:2B:AA:1D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zQPDhuCwlJ3Dqwp0T5AFYVArqh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bf:a5:62:87:01:96:cb:2c:34:6c:96:e3:01:5c:08:6d:ee:20:
e6:ed:08:53:33:16:78:17:3d:da:aa:35:52:19:2e:88:48:65:
3e:1f:64:82:4e:fd:10:aa:f4:10:9b:8e:ec:23:da:3d:e3:70:
b2:07:f5:d7:50:3f:ff:bd:01:1e:fa:3f:fe:76:dd:59:de:fd:
fa:f5:4e:55:8d:de:be:51:64:eb:10:43:04:f8:30:7c:99:ab:
32:08:59:d3:bc:7f:49:cc:f9:29:05:8f:5d:5b:a4:51:15:ec:
6a:a9:33:14:ca:f3:0b:fc:09:37:65:22:62:77:cc:7c:e7:bf:
d6:ab:e9:9b:9c:d8:33:7d:bb:0e:f6:8d:d6:f1:c1:11:78:52:
77:e0:f1:7c:fc:88:9e:7b:19:75:6e:26:f0:97:c4:01:96:f1:
fe:5f:44:88:10:2c:c9:95:73:5f:41:3c:7f:74:10:9e:61:3f:
e3:eb:70:6a:1c:ac:83:38:81:d6:93:09:4c:46:a7:ac:64:b9:
18:09:0f:d2:19:bb:92:ce:c9:20:39:48:76:09:10:6e:99:c5:
ee:cf:77:82:5d:c3:45:cd:a1:a7:8f:aa:ce:c1:6f:d5:f6:87:
7d:36:a0:01:98:8e:4b:dc:bb:1c:67:c7:70:7f:fd:73:cb:17:
c8:48:b7:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq5z/srf8ewNljJI/8aV4j/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIxMjIxNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDAzYzM4NmUwYjA5NDlkYzNhYjBhNzQ0ZjkwMDU2MTUwMmJhYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv19nKWXgLdXlxVMdMFdcAxxHBHen
YEpwhEzvo9o0ost4mmz5ZJWSq1QAkJWHhvcilHu8RfdCx5XynxGPFzezesTxNp/Z
14DkZ5slZnqdcMPmwLv7P++/VTaFx1dKWRLUVH8o9EfDxTqLPXa7wBsxxruu1MHT
vWKo/q5M/MJT6mNJ8FM7MZtyl04IDLa1qPSkryDML/cQb9ge5u4Ox4jwwbUFBg3q
leWWWazcduNdEgOryPYW4UDCOZzIasQmXXNYP4rSHuS6gW/IsVIvGAxrR4NG2e/m
/y120D+WomaNtsKcUgEXYaD29xB16Bqmz//5oo36ou155/LC4Jd0yPZxHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM0Dw4bgsJSdw6sKdE+QBWFQK6odMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvelFQRGh1Q3dsSjNEcXdwMFQ1QUZZVkFycWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL+lYocBlsssNGyW4wFc
CG3uIObtCFMzFngXPdqqNVIZLohIZT4fZIJO/RCq9BCbjuwj2j3jcLIH9ddQP/+9
AR76P/523Vne/fr1TlWN3r5RZOsQQwT4MHyZqzIIWdO8f0nM+SkFj11bpFEV7Gqp
MxTK8wv8CTdlImJ3zHznv9ar6Zuc2DN9uw72jdbxwRF4Unfg8Xz8iJ57GXVuJvCX
xAGW8f5fRIgQLMmVc19BPH90EJ5hP+PrcGocrIM4gdaTCUxGp6xkuRgJD9IZu5LO
ySA5SHYJEG6Zxe7Pd4Jdw0XNoaePqs7Bb9X2h302oAGYjkvcuxxnx3B//XPLF8hI
t4s=
-----END CERTIFICATE-----
Generated at Sun May 11 10:14:06 2025 by rpki-client