Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zYaX6Ch51vU-uQibcylSqdJuQXI.roa
File: zYaX6Ch51vU-uQibcylSqdJuQXI.roa (raw, json)
Hash identifier: hyL1cyKGl4I7v9xZwp1KyBjtrt+Po/PwpZi1+4TSNK0=
Subject key identifier: CD:86:97:E8:28:79:D6:F5:3E:B9:08:9B:73:29:52:A9:D2:6E:41:72
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7DB692B3DADAFC3CE6B6ED1248880EDC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zYaX6Ch51vU-uQibcylSqdJuQXI.roa
Signing time: Mon 18 Dec 2023 16:16:06 +0000
ROA not before: Mon 18 Dec 2023 16:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:b6:92:b3:da:da:fc:3c:e6:b6:ed:12:48:88:0e:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 16:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd8697e82879d6f53eb9089b732952a9d26e4172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6e:19:3f:a9:7b:2f:68:f4:90:e0:b5:53:44:
71:c5:ec:c7:1b:01:45:a4:0f:f2:d8:c1:ad:74:1d:
e8:44:0b:c3:af:1e:55:c4:58:1e:50:e2:d0:32:8d:
3a:45:cb:3e:c1:90:99:23:3d:05:15:5d:b7:2d:15:
69:26:af:b3:ae:64:4a:ad:d5:87:4e:44:28:1b:ef:
42:bd:86:b6:70:e0:99:80:68:29:f9:d8:1e:81:21:
48:fa:40:cc:e2:66:ef:b8:88:a7:19:12:2c:f7:1f:
ef:ec:94:98:18:ee:de:fc:b2:10:34:6d:6d:43:99:
fd:0d:05:d2:01:4e:a5:6a:63:56:d5:68:1f:20:19:
21:bf:90:75:9f:d2:99:66:23:ad:fd:01:89:80:84:
82:c4:14:ce:32:c9:7f:cb:99:38:fb:88:ef:4e:07:
10:19:cb:37:56:ea:e2:af:e9:2f:88:23:a6:ca:b7:
66:93:c3:a2:ee:d9:b7:e9:98:4f:f4:66:f4:16:12:
63:d5:c2:ab:d2:3f:85:58:cf:b7:44:68:75:47:42:
50:68:c6:9b:9e:79:fb:4f:2c:b2:6e:e9:f1:40:01:
1e:af:bd:1e:bb:21:17:95:1c:e3:27:e2:99:1e:44:
8e:22:7a:cd:1a:b3:40:43:0a:66:78:e5:c2:f7:77:
38:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:86:97:E8:28:79:D6:F5:3E:B9:08:9B:73:29:52:A9:D2:6E:41:72
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zYaX6Ch51vU-uQibcylSqdJuQXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:12:1c:ab:04:ce:55:82:d6:5c:aa:72:ba:88:db:4c:db:61:
ff:cc:d6:7b:71:c2:f3:81:0b:3f:cb:78:c2:c4:ce:b1:69:d0:
70:9a:79:e2:a5:ec:0c:2e:e8:e4:06:6c:4b:27:a5:31:29:f7:
00:7a:87:3d:9d:b1:83:99:a8:c0:1c:4c:99:57:f9:3c:9d:39:
67:bf:f8:da:e7:75:d1:8c:dd:f2:25:7b:f2:aa:b9:8b:da:f2:
9b:fa:42:0c:b2:40:c4:45:a6:f1:8e:be:0e:2b:43:65:7e:8b:
b2:ef:cc:48:85:1b:40:b3:2c:7b:7a:6a:5c:b8:7f:aa:a8:89:
cc:c8:63:78:3e:84:23:a1:fa:64:5d:bc:44:7f:82:ae:31:34:
3a:d9:bd:f3:fb:19:be:ea:c2:f5:c5:10:86:39:86:9e:d1:df:
65:c2:b3:e4:90:b0:66:7e:fb:15:7f:bd:09:29:c7:30:6e:20:
88:63:b8:99:87:23:43:e2:23:0e:62:a1:66:4e:de:e6:e9:36:
11:20:dd:c3:c8:69:0f:c7:79:d9:be:fc:0d:98:5f:03:62:e1:
66:31:ac:1d:92:ba:14:0b:68:c7:b3:c0:fa:bc:11:c7:19:7d:
0f:89:12:73:0e:95:00:a9:22:9d:79:9a:e5:fc:96:61:7b:a2:
b1:b3:f9:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx9tpKz2tr8POa27RJIiA7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MTYxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDg2OTdlODI4NzlkNmY1M2ViOTA4OWI3MzI5NTJhOWQyNmU0MTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh24ZP6l7L2j0kOC1U0RxxezHGwFF
pA/y2MGtdB3oRAvDrx5VxFgeUOLQMo06Rcs+wZCZIz0FFV23LRVpJq+zrmRKrdWH
TkQoG+9CvYa2cOCZgGgp+dgegSFI+kDM4mbvuIinGRIs9x/v7JSYGO7e/LIQNG1t
Q5n9DQXSAU6lamNW1WgfIBkhv5B1n9KZZiOt/QGJgISCxBTOMsl/y5k4+4jvTgcQ
Gcs3Vurir+kviCOmyrdmk8Oi7tm36ZhP9Gb0FhJj1cKr0j+FWM+3RGh1R0JQaMab
nnn7TyyybunxQAEer70euyEXlRzjJ+KZHkSOInrNGrNAQwpmeOXC93c4kwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM2Gl+goedb1PrkIm3MpUqnSbkFyMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvellhWDZDaDUxdlUtdVFpYmN5bFNxZEp1UVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGsSHKsEzlWC1lyqcrqI
20zbYf/M1ntxwvOBCz/LeMLEzrFp0HCaeeKl7Awu6OQGbEsnpTEp9wB6hz2dsYOZ
qMAcTJlX+TydOWe/+NrnddGM3fIle/KquYva8pv6QgyyQMRFpvGOvg4rQ2V+i7Lv
zEiFG0CzLHt6aly4f6qoiczIY3g+hCOh+mRdvER/gq4xNDrZvfP7Gb7qwvXFEIY5
hp7R32XCs+SQsGZ++xV/vQkpxzBuIIhjuJmHI0PiIw5ioWZO3ubpNhEg3cPIaQ/H
edm+/A2YXwNi4WYxrB2SuhQLaMezwPq8EccZfQ+JEnMOlQCpIp15muX8lmF7orGz
+Ro=
-----END CERTIFICATE-----
Generated at Sun May 11 19:55:27 2025 by rpki-client