Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0l8GgZpGjiwgzYOGtAVf_4uMED0.roa
File: 0l8GgZpGjiwgzYOGtAVf_4uMED0.roa (raw, json)
Hash identifier: 4FUS3Nr7gc1oAKt1rrhJVVw6HxtyM/RBoDU4mp0xRs4=
Subject key identifier: D2:5F:06:81:9A:46:8E:2C:20:CD:83:86:B4:05:5F:FF:8B:8C:10:3D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8311FCD263DAD02AA40858AD5A6FB7CD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0l8GgZpGjiwgzYOGtAVf_4uMED0.roa
Signing time: Tue 31 Oct 2023 00:11:15 +0000
ROA not before: Tue 31 Oct 2023 00:11:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:83:11:fc:d2:63:da:d0:2a:a4:08:58:ad:5a:6f:b7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 31 00:11:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d25f06819a468e2c20cd8386b4055fff8b8c103d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:50:2a:04:68:c0:de:5f:85:93:15:16:c6:65:
47:58:0c:f9:94:40:aa:65:2f:92:55:80:07:3b:a1:
7d:ec:f2:d4:1d:eb:f0:8d:c8:85:00:c2:8f:ec:a4:
f1:c4:fc:69:20:b7:17:78:97:68:fd:a8:37:a9:6a:
73:80:78:0d:99:c8:9f:9c:32:f9:bf:bc:28:62:f6:
6c:09:48:2d:7e:f7:a5:29:b3:6a:89:34:fb:c0:db:
7b:62:be:0d:9f:49:86:8d:d7:58:18:3e:9d:1f:85:
47:28:3a:64:01:a4:da:80:43:24:a3:74:96:f9:ed:
24:2f:63:82:b3:66:3f:70:d7:ce:97:84:32:ff:83:
04:8e:05:40:f5:4e:45:53:c7:72:dc:f2:0a:dd:4e:
c1:bd:1b:4b:c1:54:9a:d7:96:27:ad:70:3f:ad:ae:
a3:73:25:25:9c:a2:78:ef:2f:3a:aa:bd:0b:25:5b:
ff:7a:1c:7b:40:55:97:8d:d1:d5:bb:a3:2d:b5:f5:
82:99:07:24:14:9b:93:7a:95:87:ba:6d:dc:a7:8e:
ab:0a:4d:6f:1b:c5:f6:5f:43:43:da:9b:68:18:26:
4a:46:b3:65:3b:4a:33:fc:18:89:13:e4:bf:9c:89:
cc:37:75:b5:08:ed:af:e7:e4:a5:b0:53:d1:eb:c6:
a4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:5F:06:81:9A:46:8E:2C:20:CD:83:86:B4:05:5F:FF:8B:8C:10:3D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0l8GgZpGjiwgzYOGtAVf_4uMED0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6d:7f:fb:92:23:2e:b9:e1:5f:95:69:50:74:92:25:1c:ae:45:
1c:ee:22:89:de:7a:fc:d8:38:23:43:9d:f7:c0:69:66:03:41:
7b:7d:82:db:80:94:41:54:7e:98:56:c9:b2:1b:08:1c:6f:68:
63:3d:df:a5:19:99:05:1a:2d:91:0c:7a:99:d1:f8:a1:01:1a:
2c:5c:72:7f:60:78:3b:dc:2e:d5:90:76:2b:ea:0b:28:d7:09:
ba:a7:81:53:6f:cf:98:ca:85:9c:40:68:8a:2b:08:40:11:45:
7a:ea:53:43:36:cc:2b:b2:9e:aa:38:30:9d:31:6a:65:ff:dc:
a2:ed:67:50:a9:82:bb:24:75:57:9e:19:3a:5b:ca:a5:60:21:
9e:cf:ab:a7:2d:e6:d5:01:0e:65:16:2e:13:6b:32:a4:b2:1b:
d8:ff:80:5a:4e:59:40:59:ef:43:ea:db:dc:f7:2b:e7:b9:47:
01:b9:ec:62:a1:fd:da:15:72:28:45:67:6a:c1:52:8c:bd:31:
d3:23:31:2b:e5:db:c9:c1:f6:11:0b:92:65:44:c5:a2:4e:3e:
06:ac:15:e0:ff:36:34:75:e0:6d:37:bd:8b:e1:0e:f9:da:b1:
f5:51:f7:fa:09:23:8a:07:99:47:d7:7a:67:4d:44:05:2e:1b:
15:5e:bf:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuDEfzSY9rQKqQIWK1ab7fNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMxMDAxMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjVmMDY4MTlhNDY4ZTJjMjBjZDgzODZiNDA1NWZmZjhiOGMxMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilAqBGjA3l+FkxUWxmVHWAz5lECq
ZS+SVYAHO6F97PLUHevwjciFAMKP7KTxxPxpILcXeJdo/ag3qWpzgHgNmcifnDL5
v7woYvZsCUgtfvelKbNqiTT7wNt7Yr4Nn0mGjddYGD6dH4VHKDpkAaTagEMko3SW
+e0kL2OCs2Y/cNfOl4Qy/4MEjgVA9U5FU8dy3PIK3U7BvRtLwVSa15YnrXA/ra6j
cyUlnKJ47y86qr0LJVv/ehx7QFWXjdHVu6MttfWCmQckFJuTepWHum3cp46rCk1v
G8X2X0ND2ptoGCZKRrNlO0oz/BiJE+S/nInMN3W1CO2v5+SlsFPR68akKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNJfBoGaRo4sIM2DhrQFX/+LjBA9MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMGw4R2dacEdqaXdnellPR3RBVmZfNHVNRUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG1/+5IjLrnhX5VpUHSS
JRyuRRzuIoneevzYOCNDnffAaWYDQXt9gtuAlEFUfphWybIbCBxvaGM936UZmQUa
LZEMepnR+KEBGixccn9geDvcLtWQdivqCyjXCbqngVNvz5jKhZxAaIorCEARRXrq
U0M2zCuynqo4MJ0xamX/3KLtZ1CpgrskdVeeGTpbyqVgIZ7Pq6ct5tUBDmUWLhNr
MqSyG9j/gFpOWUBZ70Pq29z3K+e5RwG57GKh/doVcihFZ2rBUoy9MdMjMSvl28nB
9hELkmVExaJOPgasFeD/NjR14G03vYvhDvnasfVR9/oJI4oHmUfXemdNRAUuGxVe
v5M=
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:02:19 2025 by rpki-client