Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zDynXwRcafWJvTb0m5KvY_B8OLs.roa
File: zDynXwRcafWJvTb0m5KvY_B8OLs.roa (raw, json)
Hash identifier: AEOJy/BMXcOUiNuaT3OW5r+L3ONNmbjYFNLHURiNOjw=
Subject key identifier: CC:3C:A7:5F:04:5C:69:F5:89:BD:36:F4:9B:92:AF:63:F0:7C:38:BB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADD2E171E3669DAE49C3FB1721AC05FEC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zDynXwRcafWJvTb0m5KvY_B8OLs.roa
Signing time: Thu 28 Sep 2023 19:04:59 +0000
ROA not before: Thu 28 Sep 2023 19:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:dd2d:ce18/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dd:2e:17:1e:36:69:da:e4:9c:3f:b1:72:1a:c0:5f:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 28 19:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc3ca75f045c69f589bd36f49b92af63f07c38bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b3:33:4a:ce:ad:93:b5:1f:1f:ba:d9:1a:80:
e3:c9:2f:b1:6a:e5:cf:f3:c6:b3:9a:56:92:08:3f:
48:77:c6:79:2e:c9:30:b7:51:4c:87:5f:24:99:7c:
21:5e:bd:2b:47:7b:ee:36:b3:33:df:19:be:81:6f:
fb:e0:f6:06:92:d0:92:8d:15:a1:ef:df:50:97:5d:
45:9b:1d:cb:df:dc:ec:ec:e2:4b:06:7d:c4:f6:2e:
e2:f2:a2:fe:27:27:5b:b2:ed:b6:c3:27:3e:52:25:
41:e0:29:b5:b8:68:d2:dc:51:ab:52:dd:b8:59:a1:
06:73:ad:a6:e1:f4:df:5c:50:00:33:19:db:20:8a:
0a:f9:65:e8:ae:c8:87:ff:b1:39:f5:f4:de:8b:89:
eb:9c:8c:89:12:0a:08:96:db:58:f5:89:1e:99:d2:
64:e4:9b:3e:09:a5:4c:9a:77:4d:82:e5:60:3a:1d:
a2:c8:5c:fd:85:4b:21:cd:85:fc:eb:c0:61:70:70:
a8:7a:fc:86:6e:56:53:07:17:00:c3:c6:da:40:77:
fd:d2:a2:b9:7f:eb:1d:8d:93:93:34:18:bb:22:4b:
33:19:97:70:48:fe:20:51:9e:5b:f9:7f:c5:7a:17:
08:65:75:e5:8e:74:0d:78:b7:b7:84:8c:ce:1c:b1:
21:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:3C:A7:5F:04:5C:69:F5:89:BD:36:F4:9B:92:AF:63:F0:7C:38:BB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zDynXwRcafWJvTb0m5KvY_B8OLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b4:2a:20:97:b2:e0:8b:77:b0:66:df:df:e0:b4:72:c6:1a:7b:
48:a3:d5:d2:eb:59:70:1d:f2:6e:86:e2:f7:57:a5:dd:21:51:
41:24:2a:a5:08:03:76:da:da:17:72:a6:b8:de:80:fb:c2:8d:
ef:6f:c9:fe:b3:8b:10:e5:e7:cf:f4:ab:93:27:0d:80:f1:e2:
03:a0:85:7e:0e:1d:d0:42:69:73:7d:6b:49:67:45:51:ff:44:
8c:c7:ed:5c:87:23:85:85:cf:62:db:4b:7c:db:b7:eb:bb:66:
a9:dc:d2:52:48:f2:51:fc:b9:da:35:ad:27:6a:f4:e7:4d:1d:
da:09:55:ba:97:f9:ae:5d:9a:0f:db:bd:3b:bf:1f:59:a1:13:
15:1e:d0:7a:4e:3d:a9:5f:b7:2a:65:00:9d:cc:1a:da:db:09:
15:9e:74:ff:c3:89:01:a6:ce:af:b9:94:3a:ec:1d:f2:63:7f:
e4:89:0b:73:0b:73:c2:17:72:f7:7a:92:dd:cf:57:2a:0b:22:
18:ff:6d:a5:2f:a8:29:b4:aa:fb:62:ea:3e:7f:8c:66:43:8a:
50:b2:8e:48:f4:c8:04:37:9f:a4:8d:96:77:4c:88:80:ec:f3:
73:5a:75:1b:f0:50:01:df:9d:39:27:16:2f:f0:24:03:b6:b5:
34:b6:df:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrdLhceNmna5Jw/sXIawF/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI4MTkwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzNjYTc1ZjA0NWM2OWY1ODliZDM2ZjQ5YjkyYWY2M2YwN2MzOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLMzSs6tk7UfH7rZGoDjyS+xauXP
88azmlaSCD9Id8Z5Lskwt1FMh18kmXwhXr0rR3vuNrMz3xm+gW/74PYGktCSjRWh
799Ql11Fmx3L39zs7OJLBn3E9i7i8qL+Jydbsu22wyc+UiVB4Cm1uGjS3FGrUt24
WaEGc62m4fTfXFAAMxnbIIoK+WXorsiH/7E59fTei4nrnIyJEgoIlttY9YkemdJk
5Js+CaVMmndNguVgOh2iyFz9hUshzYX868BhcHCoevyGblZTBxcAw8baQHf90qK5
f+sdjZOTNBi7IkszGZdwSP4gUZ5b+X/FehcIZXXljnQNeLe3hIzOHLEhHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMw8p18EXGn1ib029JuSr2PwfDi7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvekR5blh3UmNhZldKdlRiMG01S3ZZX0I4T0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALQqIJey4It3sGbf3+C0
csYae0ij1dLrWXAd8m6G4vdXpd0hUUEkKqUIA3ba2hdyprjegPvCje9vyf6zixDl
58/0q5MnDYDx4gOghX4OHdBCaXN9a0lnRVH/RIzH7VyHI4WFz2LbS3zbt+u7Zqnc
0lJI8lH8udo1rSdq9OdNHdoJVbqX+a5dmg/bvTu/H1mhExUe0HpOPalftyplAJ3M
GtrbCRWedP/DiQGmzq+5lDrsHfJjf+SJC3MLc8IXcvd6kt3PVyoLIhj/baUvqCm0
qvti6j5/jGZDilCyjkj0yAQ3n6SNlndMiIDs83NadRvwUAHfnTknFi/wJAO2tTS2
31I=
-----END CERTIFICATE-----
Generated at Tue Jun 17 09:40:04 2025 by rpki-client