Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vzKkSAqTK-iJ8UMG8J6hWDLUkgw.roa
File: vzKkSAqTK-iJ8UMG8J6hWDLUkgw.roa (raw, json)
Hash identifier: afw6+o5q94j9s/Ctv7MQWHSG1L8duSxj4euZlL9Myes=
Subject key identifier: BF:32:A4:48:0A:93:2B:E8:89:F1:43:06:F0:9E:A1:58:32:D4:92:0C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1BD6FB83DDF8E32246ED72F9EC2E1339
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vzKkSAqTK-iJ8UMG8J6hWDLUkgw.roa
Signing time: Tue 10 Oct 2023 23:05:55 +0000
ROA not before: Tue 10 Oct 2023 23:05:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:1bd6:4916/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1b:d6:fb:83:dd:f8:e3:22:46:ed:72:f9:ec:2e:13:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 10 23:05:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf32a4480a932be889f14306f09ea15832d4920c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8b:d4:d9:a8:af:7c:09:51:af:d3:60:f5:82:
d2:f9:57:2b:79:b8:d4:24:1d:56:99:8b:d7:10:eb:
43:5f:27:99:d1:65:e4:9c:fd:d8:fb:f0:80:55:d8:
9b:43:61:75:ae:61:ca:ef:e0:41:97:fb:d3:06:b1:
44:1f:ff:31:38:1a:50:d1:a7:86:97:c8:23:bd:ee:
de:5a:85:26:12:17:78:6f:13:3e:3d:ad:61:59:de:
a3:57:57:8c:04:dd:82:50:2d:ba:2b:bc:ef:f2:f9:
a7:cf:78:bf:d7:0c:8f:ce:fd:d4:dc:c9:08:e4:65:
93:15:79:7c:77:c5:4c:17:f3:d1:09:75:5f:5d:8d:
6e:58:6e:d4:98:a4:85:24:64:f2:95:a0:47:42:31:
a4:dc:dc:f5:45:6a:44:e3:87:0e:71:a4:73:64:fe:
ca:4b:c3:6f:d3:4e:5c:c5:a7:12:ff:56:34:af:ce:
fb:96:7d:1b:59:2a:54:b6:1e:fa:2d:2c:a4:ce:45:
50:95:96:a7:a6:72:73:b4:11:09:b6:03:9b:14:5f:
84:7f:bc:c1:51:f1:74:38:90:f2:0d:ba:0f:ea:4d:
73:53:ad:a2:11:16:b7:f4:69:55:bb:fe:3c:0d:7e:
70:bc:7c:d1:85:26:a1:b8:de:01:c9:1e:0b:b2:72:
fb:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:32:A4:48:0A:93:2B:E8:89:F1:43:06:F0:9E:A1:58:32:D4:92:0C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vzKkSAqTK-iJ8UMG8J6hWDLUkgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:4b:49:2d:e3:14:bb:87:cf:2e:cf:4d:7d:29:08:08:67:21:
dd:ca:74:24:39:f9:85:3a:97:8e:be:ed:0c:88:5e:1d:d8:88:
6a:bb:36:2b:85:5c:f2:f6:5f:6e:b9:b9:44:60:cd:9c:65:24:
47:5b:4b:e2:4c:e3:f5:b0:29:72:4f:47:a9:e8:01:89:aa:33:
fc:56:3b:b8:cc:5e:c3:91:87:4d:c4:ef:7d:1f:ac:22:06:b8:
bf:cb:85:f5:a6:20:33:c2:5e:d4:bc:a1:8f:ee:d8:0c:60:e2:
ea:f5:80:5b:f3:63:6e:a5:70:06:c4:15:e2:6e:37:93:5d:46:
28:0f:2f:11:c6:bf:e6:7a:4e:86:66:27:f1:5c:b1:c1:a0:5a:
6e:9c:36:a6:cc:9b:0d:84:30:b5:ce:7c:8b:20:04:8b:ad:fc:
9d:3c:ca:b8:59:d6:4e:aa:95:e6:1c:16:91:5a:ff:24:a8:55:
53:35:35:3d:12:ca:c0:b0:2c:60:8e:fe:3f:18:3c:7a:30:5a:
87:9c:3f:8e:d0:b4:2b:60:0f:67:51:20:fd:1c:24:80:8e:55:
42:1b:92:1d:21:ad:50:2d:e1:51:ef:5b:68:1c:1a:db:9a:bd:
5f:f7:4a:bc:9d:e2:df:df:73:5b:0e:58:22:ee:a3:bc:49:e9:
de:4f:8e:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsb1vuD3fjjIkbtcvnsLhM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEwMjMwNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjMyYTQ0ODBhOTMyYmU4ODlmMTQzMDZmMDllYTE1ODMyZDQ5MjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYvU2aivfAlRr9Ng9YLS+VcrebjU
JB1WmYvXEOtDXyeZ0WXknP3Y+/CAVdibQ2F1rmHK7+BBl/vTBrFEH/8xOBpQ0aeG
l8gjve7eWoUmEhd4bxM+Pa1hWd6jV1eMBN2CUC26K7zv8vmnz3i/1wyPzv3U3MkI
5GWTFXl8d8VMF/PRCXVfXY1uWG7UmKSFJGTylaBHQjGk3Nz1RWpE44cOcaRzZP7K
S8Nv005cxacS/1Y0r877ln0bWSpUth76LSykzkVQlZanpnJztBEJtgObFF+Ef7zB
UfF0OJDyDboP6k1zU62iERa39GlVu/48DX5wvHzRhSahuN4ByR4LsnL7nQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL8ypEgKkyvoifFDBvCeoVgy1JIMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdnpLa1NBcVRLLWlKOFVNRzhKNmhXRExVa2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH5LSS3jFLuHzy7PTX0p
CAhnId3KdCQ5+YU6l46+7QyIXh3YiGq7NiuFXPL2X265uURgzZxlJEdbS+JM4/Ww
KXJPR6noAYmqM/xWO7jMXsORh03E730frCIGuL/LhfWmIDPCXtS8oY/u2Axg4ur1
gFvzY26lcAbEFeJuN5NdRigPLxHGv+Z6ToZmJ/FcscGgWm6cNqbMmw2EMLXOfIsg
BIut/J08yrhZ1k6qleYcFpFa/ySoVVM1NT0SysCwLGCO/j8YPHowWoecP47QtCtg
D2dRIP0cJICOVUIbkh0hrVAt4VHvW2gcGtuavV/3Sryd4t/fc1sOWCLuo7xJ6d5P
jgE=
-----END CERTIFICATE-----
Generated at Wed Jun 18 16:26:07 2025 by rpki-client