Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zzY7U6lsDE8rVKJl16H3Hw9TUfU.roa
File: zzY7U6lsDE8rVKJl16H3Hw9TUfU.roa (raw, json)
Hash identifier: EpyejfOyzkURPIVwBfsNQJJq+udL2jh0Jv/tfmljnrs=
Subject key identifier: CF:36:3B:53:A9:6C:0C:4F:2B:54:A2:65:D7:A1:F7:1F:0F:53:51:F5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2C25C9F965239D33579F9075DBE8180A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zzY7U6lsDE8rVKJl16H3Hw9TUfU.roa
Signing time: Sat 14 Oct 2023 03:05:55 +0000
ROA not before: Sat 14 Oct 2023 03:05:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18b:2c25:d87/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2c:25:c9:f9:65:23:9d:33:57:9f:90:75:db:e8:18:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 14 03:05:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf363b53a96c0c4f2b54a265d7a1f71f0f5351f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0a:48:59:f4:6f:a8:0e:ae:45:9e:a5:0b:28:
2a:74:a1:57:7d:db:8e:08:b2:25:3b:43:2f:a1:c8:
34:87:a2:82:2a:2e:a7:aa:35:43:3a:56:d3:9f:e9:
23:0d:99:f5:44:bc:a3:d3:63:9a:ca:25:aa:d2:6c:
7b:a3:c2:5b:30:7b:de:89:1f:bc:e9:ef:5c:a2:b9:
9e:6f:bd:61:b1:f1:9a:61:1b:e7:86:dc:f2:2b:ec:
99:5f:c8:a4:d0:95:0a:85:da:a7:c8:aa:ba:0f:d2:
a2:96:0b:67:d7:5d:c3:ee:80:ba:99:98:4d:12:8b:
de:9e:0a:5b:ee:f3:de:f4:a4:3b:9f:4c:54:c9:02:
9c:9d:88:b4:c7:09:db:92:0a:ae:eb:f1:b6:96:e8:
33:ad:1e:59:f0:0c:e1:fe:c3:f3:eb:86:eb:c0:67:
02:c5:91:89:08:e7:c6:ac:fd:44:a0:37:17:eb:20:
89:76:ae:e2:ec:c5:99:ec:2e:a4:ea:2c:bd:37:f3:
7e:02:ec:c5:05:cb:e3:1a:c2:11:7f:b1:e1:4c:9c:
58:16:22:4e:26:e8:3b:a7:a3:c9:26:59:cf:30:5a:
e3:9f:34:e5:6f:59:ec:27:e5:05:8c:a9:b8:b1:23:
71:72:b9:f1:5e:34:3c:f6:24:52:d9:ee:b0:7f:b3:
56:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:36:3B:53:A9:6C:0C:4F:2B:54:A2:65:D7:A1:F7:1F:0F:53:51:F5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/zzY7U6lsDE8rVKJl16H3Hw9TUfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bb:02:4a:4c:ef:94:6a:bb:60:4e:2d:7e:31:68:f0:64:dc:6d:
20:3c:6f:bc:d6:7b:9a:fd:fe:0f:2d:d6:73:5b:11:53:68:4e:
be:f2:ed:31:8a:06:f1:88:6c:c0:fa:24:58:7a:1c:16:3a:68:
94:e6:d4:02:37:fd:57:d0:62:b5:64:79:9b:86:56:f2:31:5e:
86:ee:8a:ca:9d:a4:2e:4f:ca:47:3b:90:ea:fd:1f:ba:3c:46:
7f:50:9c:cd:ef:e9:13:43:23:48:0b:37:dc:c3:50:ab:ab:28:
ed:31:db:6c:92:47:dd:d4:0e:62:6f:d7:e9:b4:b4:78:7b:b5:
d1:ea:1e:53:72:20:d9:9e:d3:44:41:0c:0f:05:d6:53:06:02:
89:5e:26:9a:2f:33:d9:9c:75:1f:cd:ff:f3:9d:ad:ed:4b:de:
27:3d:1f:3a:2d:f3:ff:d6:bc:ef:f4:a3:49:43:3b:5c:0d:58:
57:ae:7b:a7:15:7e:40:9f:91:e6:fe:81:d0:53:7f:e1:83:5e:
25:c4:c4:a4:89:13:5f:ef:30:e9:da:7c:56:50:3d:3d:7f:37:
d7:0a:47:2a:8e:5e:5f:03:c4:74:73:58:47:7e:6f:f9:97:e0:
f1:1f:22:57:e0:d5:be:e5:af:40:5d:09:5a:25:75:3d:e7:4d:
ce:ff:db:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYssJcn5ZSOdM1efkHXb6BgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE0MDMwNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM2M2I1M2E5NmMwYzRmMmI1NGEyNjVkN2ExZjcxZjBmNTM1MWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQpIWfRvqA6uRZ6lCygqdKFXfduO
CLIlO0Mvocg0h6KCKi6nqjVDOlbTn+kjDZn1RLyj02OayiWq0mx7o8JbMHveiR+8
6e9cormeb71hsfGaYRvnhtzyK+yZX8ik0JUKhdqnyKq6D9Kilgtn113D7oC6mZhN
Eovengpb7vPe9KQ7n0xUyQKcnYi0xwnbkgqu6/G2lugzrR5Z8Azh/sPz64brwGcC
xZGJCOfGrP1EoDcX6yCJdq7i7MWZ7C6k6iy9N/N+AuzFBcvjGsIRf7HhTJxYFiJO
Jug7p6PJJlnPMFrjnzTlb1nsJ+UFjKm4sSNxcrnxXjQ89iRS2e6wf7NWawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM82O1OpbAxPK1SiZdeh9x8PU1H1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvenpZN1U2bHNERThyVktKbDE2SDNIdzlUVWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALsCSkzvlGq7YE4tfjFo
8GTcbSA8b7zWe5r9/g8t1nNbEVNoTr7y7TGKBvGIbMD6JFh6HBY6aJTm1AI3/VfQ
YrVkeZuGVvIxXobuisqdpC5Pykc7kOr9H7o8Rn9QnM3v6RNDI0gLN9zDUKurKO0x
22ySR93UDmJv1+m0tHh7tdHqHlNyINme00RBDA8F1lMGAoleJpovM9mcdR/N//Od
re1L3ic9Hzot8//WvO/0o0lDO1wNWFeue6cVfkCfkeb+gdBTf+GDXiXExKSJE1/v
MOnafFZQPT1/N9cKRyqOXl8DxHRzWEd+b/mX4PEfIlfg1b7lr0BdCVoldT3nTc7/
2z4=
-----END CERTIFICATE-----
Generated at Fri Jun 20 00:56:38 2025 by rpki-client