Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CZ8W9R5nfC-g8qEZyTOtSJEkSUU.roa
File: CZ8W9R5nfC-g8qEZyTOtSJEkSUU.roa (raw, json)
Hash identifier: ywX6WtBOvxzuJG0Nz98+14N/+1tTYLocI/hDGCx8+io=
Subject key identifier: 09:9F:16:F5:1E:67:7C:2F:A0:F2:A1:19:C9:33:AD:48:91:24:49:45
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA0E4D5E7376EAFB29BB97DEDCFD4251C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CZ8W9R5nfC-g8qEZyTOtSJEkSUU.roa
Signing time: Sun 05 Nov 2023 19:10:33 +0000
ROA not before: Sun 05 Nov 2023 19:10:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:a0df:45e5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a0:e4:d5:e7:37:6e:af:b2:9b:b9:7d:ed:cf:d4:25:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 5 19:10:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=099f16f51e677c2fa0f2a119c933ad4891244945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:64:55:53:cf:8c:30:81:2b:89:1b:e5:41:2f:
d6:ac:64:8a:ff:53:02:ea:9a:c7:b5:b8:4e:11:92:
26:a3:63:67:0c:45:91:44:1c:a5:6b:6f:48:64:58:
db:4c:78:e3:1b:2c:eb:ea:84:f1:f9:04:2f:d3:28:
04:fc:27:27:39:88:4e:a8:e5:4e:5c:cf:c4:d5:26:
09:80:fb:1b:38:4e:cc:db:3a:f8:63:37:c6:ce:29:
68:37:58:92:c3:88:40:8e:40:a3:d6:d1:e4:d1:3b:
9a:8a:34:10:5f:77:1c:6f:4f:e1:4a:c8:bc:24:42:
bb:b3:5e:81:09:7c:3f:e2:86:f1:17:b1:50:be:4d:
00:e7:f7:f9:b9:6d:20:b0:36:18:61:80:7b:73:9e:
ed:7c:5d:aa:c9:d0:61:4f:45:2d:04:05:69:c6:38:
07:83:d4:51:13:23:57:af:80:fc:6b:0b:5c:6c:7e:
b3:e9:ca:c7:73:a5:ba:4f:35:fa:0d:47:72:e1:5c:
ec:38:c5:c3:3b:86:e2:e7:5d:65:66:2b:ea:c1:b2:
23:ff:dc:2c:36:3c:9e:7c:30:57:09:78:b5:5d:11:
e9:79:7f:b9:53:c8:2a:33:ae:66:1c:47:c7:64:f5:
4a:35:53:9f:ad:fb:3f:cc:d0:2a:be:a3:91:31:13:
5c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9F:16:F5:1E:67:7C:2F:A0:F2:A1:19:C9:33:AD:48:91:24:49:45
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CZ8W9R5nfC-g8qEZyTOtSJEkSUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:48:f2:6b:39:8b:d4:f5:7c:4c:56:eb:35:4e:f7:6f:ed:1a:
d5:c7:e7:59:bf:f5:39:0f:16:da:63:5c:be:4b:5b:96:cf:a6:
ab:f5:3f:de:d6:5a:9a:09:e2:6b:98:27:29:04:25:d6:dc:b5:
67:a3:b8:3a:4e:53:93:d3:da:df:39:b1:36:53:56:f6:9e:54:
7a:c7:02:05:5b:12:fe:75:1d:85:b5:ff:c3:dd:f6:83:44:a2:
73:70:73:fe:48:4a:10:07:31:a9:91:c6:cd:b8:16:cd:cd:fa:
a0:58:7a:40:b6:5c:49:9a:d2:05:60:c8:60:44:49:23:ff:4e:
8c:53:bb:55:08:9b:34:d6:db:61:27:cd:77:80:8b:25:05:0f:
8a:ed:cc:57:71:63:00:da:9f:c9:09:db:ed:95:d2:a9:f7:2b:
28:9f:63:fc:31:ae:f7:9a:ed:b4:0a:7b:30:ec:f5:85:df:be:
4b:aa:98:32:49:a0:e7:29:65:9c:1b:f5:0e:ca:ac:60:58:c7:
0e:ca:65:8a:09:6b:71:b6:a0:f3:d4:fe:81:c4:d6:e9:96:5d:
19:33:a0:3a:a3:ad:00:61:53:83:8c:93:ff:02:9d:3d:f5:7c:
ff:47:1c:09:f6:19:9e:cc:03:c7:34:d6:e8:2a:d3:e4:ce:cc:
8b:80:0b:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYug5NXnN26vspu5fe3P1CUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA1MTkxMDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTlmMTZmNTFlNjc3YzJmYTBmMmExMTljOTMzYWQ0ODkxMjQ0OTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mRVU8+MMIEriRvlQS/WrGSK/1MC
6prHtbhOEZImo2NnDEWRRByla29IZFjbTHjjGyzr6oTx+QQv0ygE/CcnOYhOqOVO
XM/E1SYJgPsbOE7M2zr4YzfGziloN1iSw4hAjkCj1tHk0TuaijQQX3ccb0/hSsi8
JEK7s16BCXw/4obxF7FQvk0A5/f5uW0gsDYYYYB7c57tfF2qydBhT0UtBAVpxjgH
g9RREyNXr4D8awtcbH6z6crHc6W6TzX6DUdy4VzsOMXDO4bi511lZivqwbIj/9ws
NjyefDBXCXi1XRHpeX+5U8gqM65mHEfHZPVKNVOfrfs/zNAqvqORMRNclQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAmfFvUeZ3wvoPKhGckzrUiRJElFMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ1o4VzlSNW5mQy1nOHFFWnlUT3RTSkVrU1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEZI8ms5i9T1fExW6zVO
92/tGtXH51m/9TkPFtpjXL5LW5bPpqv1P97WWpoJ4muYJykEJdbctWejuDpOU5PT
2t85sTZTVvaeVHrHAgVbEv51HYW1/8Pd9oNEonNwc/5IShAHMamRxs24Fs3N+qBY
ekC2XEma0gVgyGBESSP/ToxTu1UImzTW22EnzXeAiyUFD4rtzFdxYwDan8kJ2+2V
0qn3KyifY/wxrvea7bQKezDs9YXfvkuqmDJJoOcpZZwb9Q7KrGBYxw7KZYoJa3G2
oPPU/oHE1umWXRkzoDqjrQBhU4OMk/8CnT31fP9HHAn2GZ7MA8c01ugq0+TOzIuA
C7M=
-----END CERTIFICATE-----
Generated at Tue Jun 17 11:12:13 2025 by rpki-client