Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zuwiMmWBh0GDW2T3QbrrujiHtzg.roa
File: zuwiMmWBh0GDW2T3QbrrujiHtzg.roa (raw, json)
Hash identifier: eQZdj4gYf8z1Kop07sY5jASKkIdWaw5FW8amnUdHrGU=
Subject key identifier: CE:EC:22:32:65:81:87:41:83:5B:64:F7:41:BA:EB:BA:38:87:B7:38
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B47DB756F54937DBE18A9D107E5633EC4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zuwiMmWBh0GDW2T3QbrrujiHtzg.roa
Signing time: Thu 19 Oct 2023 12:14:06 +0000
ROA not before: Thu 19 Oct 2023 12:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:db:75:6f:54:93:7d:be:18:a9:d1:07:e5:63:3e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 19 12:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ceec223265818741835b64f741baebba3887b738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9c:42:f4:7b:13:13:7b:e2:8e:ac:02:63:a2:
bb:d4:5c:b9:75:dd:7e:e1:23:34:f3:80:ce:09:79:
ff:0b:5f:41:54:d9:69:7b:ac:26:72:14:65:bf:9a:
19:53:13:71:9a:e9:4b:44:eb:6c:0b:52:8d:ec:e4:
d2:24:79:49:11:61:be:eb:98:bc:c9:68:42:f5:75:
b1:c7:d0:fc:91:2e:46:d6:24:ca:31:7c:7e:e3:fc:
a1:6d:81:c2:35:25:73:76:b6:10:13:c4:54:74:ce:
3d:9f:40:fe:6d:5c:6c:9a:3d:41:3c:25:90:79:b1:
3f:ea:85:55:02:1d:85:45:52:6c:bc:36:21:dc:e8:
1d:95:5c:fb:c3:7b:2b:b1:09:a4:9c:00:2d:de:8b:
ae:3c:c7:fe:ef:d2:4f:12:a1:a3:cb:16:93:46:66:
93:16:af:e6:9a:ab:ad:a1:a1:74:3a:e5:08:31:d8:
32:90:bd:dc:d9:f0:c1:b4:c6:15:51:fb:ec:ea:89:
d3:38:00:cd:db:33:85:9c:05:b3:5b:df:52:40:aa:
3e:b2:86:dc:24:eb:99:14:b7:66:b0:6b:0c:77:d5:
5f:ac:ec:f4:29:a0:18:dd:b5:32:9d:f6:d4:ad:13:
d8:50:82:bc:50:b9:10:70:a3:85:38:bc:30:03:c6:
37:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:EC:22:32:65:81:87:41:83:5B:64:F7:41:BA:EB:BA:38:87:B7:38
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zuwiMmWBh0GDW2T3QbrrujiHtzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:98:13:e0:5f:07:e3:32:48:f3:ce:a7:65:52:01:30:7c:26:
99:76:31:6a:f8:4b:71:ae:92:1a:52:e5:1d:a8:b5:d6:5e:ae:
18:bb:eb:d0:03:e3:fc:c9:05:6a:cf:29:e5:2d:b2:8f:46:e0:
e0:54:65:cb:b7:f8:a7:4e:36:a1:24:38:4f:fd:7d:51:0a:80:
81:6f:3d:1c:8c:b8:39:05:44:52:6a:99:7e:62:7e:29:30:23:
f7:5c:8b:60:f7:13:d4:90:15:ea:a8:81:a8:fc:cf:68:35:e2:
79:1f:4c:f4:e4:ce:87:46:8d:cb:a7:db:28:fe:04:8f:ee:ff:
36:74:4f:c8:ee:33:c0:dd:ef:fd:7b:ea:7f:83:27:28:49:5d:
56:cb:d6:0b:14:23:6c:43:6f:b6:e1:97:d3:01:cd:da:84:0d:
ef:ac:6e:5a:08:2d:df:d0:26:53:8b:d4:22:b8:ab:62:31:c8:
49:c8:5a:01:cd:79:18:da:9c:7d:f9:dd:a4:3b:9a:bb:5c:56:
e7:5b:bc:5f:0d:6d:67:0b:fb:ae:6a:f7:4d:6f:65:1f:57:33:
95:8d:10:69:40:1e:04:61:65:66:f3:51:c2:39:8a:7c:d8:7b:
ed:7b:3b:98:94:82:ff:5c:09:04:41:a0:7d:29:90:d0:54:e3:
ca:f7:c7:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtH23VvVJN9vhip0QflYz7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE5MTIxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWVjMjIzMjY1ODE4NzQxODM1YjY0Zjc0MWJhZWJiYTM4ODdiNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15xC9HsTE3vijqwCY6K71Fy5dd1+
4SM084DOCXn/C19BVNlpe6wmchRlv5oZUxNxmulLROtsC1KN7OTSJHlJEWG+65i8
yWhC9XWxx9D8kS5G1iTKMXx+4/yhbYHCNSVzdrYQE8RUdM49n0D+bVxsmj1BPCWQ
ebE/6oVVAh2FRVJsvDYh3OgdlVz7w3srsQmknAAt3ouuPMf+79JPEqGjyxaTRmaT
Fq/mmqutoaF0OuUIMdgykL3c2fDBtMYVUfvs6onTOADN2zOFnAWzW99SQKo+sobc
JOuZFLdmsGsMd9VfrOz0KaAY3bUynfbUrRPYUIK8ULkQcKOFOLwwA8Y3yQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM7sIjJlgYdBg1tk90G667o4h7c4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvenV3aU1tV0JoMEdEVzJUM1FicnJ1amlIdHpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACaYE+BfB+MySPPOp2VS
ATB8Jpl2MWr4S3GukhpS5R2otdZerhi769AD4/zJBWrPKeUtso9G4OBUZcu3+KdO
NqEkOE/9fVEKgIFvPRyMuDkFRFJqmX5ifikwI/dci2D3E9SQFeqogaj8z2g14nkf
TPTkzodGjcun2yj+BI/u/zZ0T8juM8Dd7/176n+DJyhJXVbL1gsUI2xDb7bhl9MB
zdqEDe+sbloILd/QJlOL1CK4q2IxyEnIWgHNeRjanH353aQ7mrtcVudbvF8NbWcL
+65q901vZR9XM5WNEGlAHgRhZWbzUcI5inzYe+17O5iUgv9cCQRBoH0pkNBU48r3
xwc=
-----END CERTIFICATE-----
Generated at Mon May 12 19:42:15 2025 by rpki-client