Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lz1JNRQdc0SoWVlRTLJL0nrF-5k.roa
File: lz1JNRQdc0SoWVlRTLJL0nrF-5k.roa (raw, json)
Hash identifier: 9ZolXIaQJm/hncttjQEN8ssV8iPt7niBnBb/ldQJTNA=
Subject key identifier: 97:3D:49:35:14:1D:73:44:A8:59:59:51:4C:B2:4B:D2:7A:C5:FB:99
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9437F13C6ED56FE9FDF52DD1FFF06720
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lz1JNRQdc0SoWVlRTLJL0nrF-5k.roa
Signing time: Fri 03 Nov 2023 08:06:16 +0000
ROA not before: Fri 03 Nov 2023 08:06:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:9437:1773/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:37:f1:3c:6e:d5:6f:e9:fd:f5:2d:d1:ff:f0:67:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 3 08:06:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=973d4935141d7344a85959514cb24bd27ac5fb99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8d:0a:dd:f8:02:8f:0b:c8:f4:b9:56:71:79:
35:78:2e:bc:74:d9:44:0f:d9:60:7e:dd:a1:10:02:
48:11:41:bd:81:35:7b:0f:67:95:d2:34:eb:b8:4a:
4a:49:f3:ac:06:c8:84:7c:01:0c:a6:6e:82:c4:26:
3c:37:23:56:4c:ad:19:66:ec:02:20:30:34:96:1e:
a2:6d:74:16:45:ed:4e:89:39:72:0c:6d:35:7c:c5:
da:e8:9d:35:6f:99:71:23:b5:a5:c1:1d:29:ce:97:
fe:cd:ee:72:00:b6:69:41:f1:49:be:4a:a5:ba:1d:
27:6a:dd:4e:57:1a:36:1d:ea:04:55:a2:da:4a:7d:
de:3d:76:85:22:16:fb:c4:c7:6f:fe:91:4f:66:0e:
f3:2f:73:4b:d7:d4:4c:a6:6d:34:ea:80:17:86:16:
4b:ff:1e:c6:d5:48:3f:e0:df:91:7d:74:16:1b:7c:
ec:11:90:48:df:f0:fc:dc:d7:47:4d:13:6d:03:90:
a1:92:e5:a1:82:51:3e:be:71:06:3c:0e:43:7a:b5:
01:9c:23:db:3d:98:63:da:e2:08:49:ea:07:c0:fe:
6e:2c:c3:0d:29:cd:c6:47:00:25:4e:fd:22:e8:b4:
6e:fb:61:62:83:99:d0:ad:cc:54:f3:c6:32:5d:b9:
ec:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:3D:49:35:14:1D:73:44:A8:59:59:51:4C:B2:4B:D2:7A:C5:FB:99
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lz1JNRQdc0SoWVlRTLJL0nrF-5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:e3:99:86:1a:b5:c3:ea:bc:dd:5b:da:a0:e4:18:47:8f:85:
80:9e:d2:eb:73:44:cb:fa:fc:30:fd:8c:8f:ec:22:f6:de:b2:
c4:5e:2b:f1:c1:45:00:cc:3e:fb:5b:66:15:8b:0f:4b:be:9b:
d0:37:0f:02:88:ea:55:6e:89:65:e7:90:07:4c:ec:11:49:69:
f8:12:1d:f3:01:c5:0b:52:2f:24:21:b2:cb:46:4c:e7:85:d8:
3e:9c:6a:de:f7:4a:f9:26:3f:16:29:2c:b0:8a:28:df:cb:11:
6a:ff:bd:8d:7b:eb:99:c6:49:96:6a:07:50:bd:5b:d2:5a:d0:
8d:bc:35:0d:4a:6b:1e:20:76:8c:89:42:07:e9:5b:92:e0:74:
d5:f9:02:69:4f:7c:35:a7:f0:8d:3f:e7:93:64:5e:5f:ab:d1:
6e:48:24:85:58:8e:5f:1b:67:c6:44:05:fe:75:be:2f:6c:91:
2d:e4:ba:f2:40:8c:57:5e:d1:ba:b9:8f:93:43:d6:2d:ff:8d:
18:29:b1:17:5f:d8:d4:8b:45:39:38:44:f1:c8:47:77:c7:07:
00:e3:ce:9e:eb:02:45:50:96:aa:61:81:6a:0b:4b:a8:f7:fc:
36:95:17:ca:a7:1c:77:5a:a1:15:8e:2c:c3:e9:26:90:d1:2b:
0b:b9:ea:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuUN/E8btVv6f31LdH/8GcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAzMDgwNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzNkNDkzNTE0MWQ3MzQ0YTg1OTU5NTE0Y2IyNGJkMjdhYzVmYjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY0K3fgCjwvI9LlWcXk1eC68dNlE
D9lgft2hEAJIEUG9gTV7D2eV0jTruEpKSfOsBsiEfAEMpm6CxCY8NyNWTK0ZZuwC
IDA0lh6ibXQWRe1OiTlyDG01fMXa6J01b5lxI7WlwR0pzpf+ze5yALZpQfFJvkql
uh0nat1OVxo2HeoEVaLaSn3ePXaFIhb7xMdv/pFPZg7zL3NL19RMpm006oAXhhZL
/x7G1Ug/4N+RfXQWG3zsEZBI3/D83NdHTRNtA5ChkuWhglE+vnEGPA5DerUBnCPb
PZhj2uIISeoHwP5uLMMNKc3GRwAlTv0i6LRu+2Fig5nQrcxU88YyXbnszQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJc9STUUHXNEqFlZUUyyS9J6xfuZMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbHoxSk5SUWRjMFNvV1ZsUlRMSkwwbnJGLTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHXjmYYatcPqvN1b2qDk
GEePhYCe0utzRMv6/DD9jI/sIvbessReK/HBRQDMPvtbZhWLD0u+m9A3DwKI6lVu
iWXnkAdM7BFJafgSHfMBxQtSLyQhsstGTOeF2D6cat73SvkmPxYpLLCKKN/LEWr/
vY1765nGSZZqB1C9W9Ja0I28NQ1Kax4gdoyJQgfpW5LgdNX5AmlPfDWn8I0/55Nk
Xl+r0W5IJIVYjl8bZ8ZEBf51vi9skS3kuvJAjFde0bq5j5ND1i3/jRgpsRdf2NSL
RTk4RPHIR3fHBwDjzp7rAkVQlqphgWoLS6j3/DaVF8qnHHdaoRWOLMPpJpDRKwu5
6i8=
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:29:26 2025 by rpki-client