Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZUAqbYx-oXn3x9rFZbNC9UxcsUI.roa
File: ZUAqbYx-oXn3x9rFZbNC9UxcsUI.roa (raw, json)
Hash identifier: qjzMLH+gBwS1xEjaYLVFOYhFnDd7cclURzZGAJwU/nw=
Subject key identifier: 65:40:2A:6D:8C:7E:A1:79:F7:C7:DA:C5:65:B3:42:F5:4C:5C:B1:42
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018518EA6DB79DDCB8BDA6E182549584A03C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZUAqbYx-oXn3x9rFZbNC9UxcsUI.roa
Signing time: Fri 16 Dec 2022 03:11:34 +0000
ROA not before: Fri 16 Dec 2022 03:11:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:18:ea:6d:b7:9d:dc:b8:bd:a6:e1:82:54:95:84:a0:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 16 03:11:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65402a6d8c7ea179f7c7dac565b342f54c5cb142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a6:ad:24:88:36:77:2c:97:50:ca:e3:0e:b0:
12:44:32:10:43:93:e5:7e:41:3f:bf:b7:57:44:49:
f7:21:02:e2:4f:3e:4b:90:ba:d3:61:96:1c:c8:d9:
b0:83:2d:ac:81:3e:33:62:24:ba:19:a4:f9:a2:2a:
8b:d5:84:06:1b:0e:d5:cc:82:f4:94:4b:5e:0e:c3:
e4:5e:6a:9f:e7:0c:c9:93:8b:b8:45:a4:1b:30:04:
02:7e:bd:a9:a6:ad:ed:50:22:17:6a:47:e2:39:b2:
13:c5:9f:1b:65:c4:c3:36:c0:12:8e:70:fb:1b:b8:
14:98:6b:42:cc:a8:da:54:4d:ce:8f:2a:36:66:ee:
50:2d:36:88:3a:c2:3f:39:d4:c5:a6:6b:3e:50:5b:
e9:30:71:40:85:89:48:8f:0b:fd:ac:2c:92:6b:5e:
75:cc:a9:84:ab:2f:c8:01:e1:1c:ab:43:63:71:ff:
47:24:cb:2e:50:50:6f:2f:a6:7c:5d:3a:6c:1f:51:
9e:a4:5b:3e:c6:53:b9:ed:b8:d3:d7:7d:6c:f2:b4:
75:bb:b6:f6:5b:27:4b:d4:cf:99:f7:28:3b:d3:6a:
95:ed:1b:f7:36:4b:7e:87:d5:b4:d2:13:69:8c:fe:
d5:d9:20:af:3f:9b:89:8c:16:ff:0e:a1:fd:5f:cf:
97:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:40:2A:6D:8C:7E:A1:79:F7:C7:DA:C5:65:B3:42:F5:4C:5C:B1:42
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZUAqbYx-oXn3x9rFZbNC9UxcsUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:0e:8b:1c:a3:1b:57:89:4f:e8:05:4a:e4:9f:bf:81:82:b4:
60:4c:d4:fe:68:f1:9d:7e:7b:1a:e5:6e:14:58:dd:e8:41:79:
63:08:21:6c:db:a4:82:5a:8d:25:37:43:03:0f:33:73:a0:97:
f5:51:c6:e8:59:2a:80:12:bb:d7:12:b9:95:36:1a:f3:b0:57:
51:36:11:77:2a:de:61:96:7d:60:08:02:25:05:35:9b:45:a8:
84:b1:5a:97:d5:86:81:fa:d6:46:e3:a8:7e:7b:67:d7:86:0f:
94:3a:96:8b:2b:b9:b8:12:6d:f7:3b:ef:59:cf:a0:40:47:fa:
9c:74:b0:65:c4:a6:ff:e4:62:69:4d:89:6a:b2:c3:0d:37:0e:
7f:17:83:e3:fb:6f:61:68:22:e4:b0:02:59:bd:cb:99:ee:93:
6d:b2:92:7b:0e:89:ef:da:63:19:fc:51:19:8d:e2:51:a7:bd:
6a:c6:9e:51:65:66:ee:40:c2:7b:31:3a:8d:f8:4c:d4:5b:bf:
67:53:42:75:62:12:79:f4:6a:59:2a:f2:85:ec:29:d9:2a:26:
38:7c:2d:93:4e:cc:04:74:57:12:b4:34:9c:20:12:98:38:06:
84:50:14:9a:a1:31:69:d4:d8:47:45:40:19:d9:dc:fe:7a:15:
33:a2:23:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUY6m23ndy4vabhglSVhKA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE2MDMxMTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQwMmE2ZDhjN2VhMTc5ZjdjN2RhYzU2NWIzNDJmNTRjNWNiMTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaatJIg2dyyXUMrjDrASRDIQQ5Pl
fkE/v7dXREn3IQLiTz5LkLrTYZYcyNmwgy2sgT4zYiS6GaT5oiqL1YQGGw7VzIL0
lEteDsPkXmqf5wzJk4u4RaQbMAQCfr2ppq3tUCIXakfiObITxZ8bZcTDNsASjnD7
G7gUmGtCzKjaVE3Ojyo2Zu5QLTaIOsI/OdTFpms+UFvpMHFAhYlIjwv9rCySa151
zKmEqy/IAeEcq0Njcf9HJMsuUFBvL6Z8XTpsH1GepFs+xlO57bjT131s8rR1u7b2
WydL1M+Z9yg702qV7Rv3Nkt+h9W00hNpjP7V2SCvP5uJjBb/DqH9X8+XMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGVAKm2MfqF598faxWWzQvVMXLFCMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWlVBcWJZeC1vWG4zeDlyRlpiTkM5VXhjc1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB0OixyjG1eJT+gFSuSf
v4GCtGBM1P5o8Z1+exrlbhRY3ehBeWMIIWzbpIJajSU3QwMPM3Ogl/VRxuhZKoAS
u9cSuZU2GvOwV1E2EXcq3mGWfWAIAiUFNZtFqISxWpfVhoH61kbjqH57Z9eGD5Q6
losrubgSbfc771nPoEBH+px0sGXEpv/kYmlNiWqyww03Dn8Xg+P7b2FoIuSwAlm9
y5nuk22yknsOie/aYxn8URmN4lGnvWrGnlFlZu5AwnsxOo34TNRbv2dTQnViEnn0
alkq8oXsKdkqJjh8LZNOzAR0VxK0NJwgEpg4BoRQFJqhMWnU2EdFQBnZ3P56FTOi
I9g=
-----END CERTIFICATE-----
Generated at Thu May 1 05:58:51 2025 by rpki-client