Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/15AhuvmOQ61UxtyOaGrJfQxWu18.roa
File: 15AhuvmOQ61UxtyOaGrJfQxWu18.roa (raw, json)
Hash identifier: sHwfMRtkZa6StueZoaNG90pIusmrJHW6W/5GpHi9mYI=
Subject key identifier: D7:90:21:BA:F9:8E:43:AD:54:C6:DC:8E:68:6A:C9:7D:0C:56:BB:5F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBCCC257B1A09EBDA7F9086047268333A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/15AhuvmOQ61UxtyOaGrJfQxWu18.roa
Signing time: Sat 11 Nov 2023 05:12:57 +0000
ROA not before: Sat 11 Nov 2023 05:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bc:cc:25:7b:1a:09:eb:da:7f:90:86:04:72:68:33:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 11 05:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d79021baf98e43ad54c6dc8e686ac97d0c56bb5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8a:f8:f4:9e:65:56:52:cf:9c:fb:52:17:fd:
71:9c:fd:88:42:9d:e7:aa:7d:b5:eb:cd:55:83:42:
ab:9b:03:9e:67:74:70:b1:03:95:1c:f7:aa:90:c8:
ff:2a:d0:f1:de:c5:e3:d8:cb:7a:ea:e1:95:1f:23:
29:33:1f:d6:6a:ad:92:0d:2c:6a:e5:df:41:73:25:
12:d9:53:58:68:ef:18:a7:e2:30:24:c7:f1:96:5f:
6f:7a:23:99:a0:a0:50:cf:5f:84:60:bd:79:8f:8c:
0e:01:da:6e:18:84:d7:2f:40:e8:24:9e:30:c5:17:
25:29:73:bd:e9:95:44:4f:47:37:28:6a:75:96:83:
e2:7b:60:c1:7e:85:72:65:74:a1:39:70:80:4f:b3:
e0:5e:63:74:a8:26:6e:96:fd:ba:d4:3a:52:87:de:
da:c6:8f:59:82:ec:8b:1a:e9:39:4b:a6:e8:19:8b:
d5:7d:eb:c7:1c:1d:0b:6c:33:fd:58:e4:97:2c:b3:
27:fe:4d:4f:56:35:4e:8c:89:e5:7f:41:3f:8c:6a:
79:2d:ca:b2:89:90:1c:84:c2:40:2b:c7:80:86:69:
79:2c:20:77:4d:9e:c0:91:92:85:d8:f1:3f:41:71:
b3:29:45:be:f1:71:8a:59:05:52:7f:74:6e:be:a1:
a6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:90:21:BA:F9:8E:43:AD:54:C6:DC:8E:68:6A:C9:7D:0C:56:BB:5F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/15AhuvmOQ61UxtyOaGrJfQxWu18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1b:50:ba:0d:23:98:5e:d2:32:44:e7:a6:70:fb:b7:1b:b4:ea:
da:50:e8:bd:2b:ac:b7:16:cc:cc:fe:3a:3d:5e:a7:62:33:36:
b0:6d:7c:c7:85:09:9b:95:68:e2:30:ce:97:4f:ef:c1:0d:af:
91:97:64:4a:9a:5c:21:73:58:7f:fe:65:29:cf:d1:23:b4:6a:
de:e8:4b:4a:78:39:89:ad:82:d0:d1:e7:23:08:1e:00:e4:a1:
23:d9:f7:82:b3:1e:4b:c2:6e:2e:83:1f:bc:80:4e:51:eb:ca:
58:82:47:85:89:fa:a7:a0:e7:0f:89:81:3f:30:72:0d:70:18:
21:ec:7d:36:cb:6a:9e:b8:b8:cf:34:b7:60:71:ce:36:03:7b:
17:48:12:14:84:97:2f:a4:ac:64:f5:a7:57:ac:96:1d:a7:27:
23:c1:6d:af:c6:c9:f7:4b:02:91:74:9f:9b:e8:28:2b:bb:bb:
e1:18:f9:2e:c0:7f:21:db:ce:ef:c1:8e:d7:be:70:75:a0:9d:
47:aa:41:39:d3:cf:b6:75:ae:68:7d:92:fd:24:59:ad:d8:48:
f0:e4:21:39:b9:92:26:c3:bf:71:a2:30:02:4f:34:79:9b:1e:
32:0b:3c:b2:85:fb:03:4b:82:1e:bb:4e:1d:29:b8:90:ee:e1:
41:e1:92:fd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu8zCV7Ggnr2n+QhgRyaDM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTExMDUxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzkwMjFiYWY5OGU0M2FkNTRjNmRjOGU2ODZhYzk3ZDBjNTZiYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAior49J5lVlLPnPtSF/1xnP2IQp3n
qn21681Vg0KrmwOeZ3RwsQOVHPeqkMj/KtDx3sXj2Mt66uGVHyMpMx/Waq2SDSxq
5d9BcyUS2VNYaO8Yp+IwJMfxll9veiOZoKBQz1+EYL15j4wOAdpuGITXL0DoJJ4w
xRclKXO96ZVET0c3KGp1loPie2DBfoVyZXShOXCAT7PgXmN0qCZulv261DpSh97a
xo9ZguyLGuk5S6boGYvVfevHHB0LbDP9WOSXLLMn/k1PVjVOjInlf0E/jGp5Lcqy
iZAchMJAK8eAhml5LCB3TZ7AkZKF2PE/QXGzKUW+8XGKWQVSf3RuvqGm3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNeQIbr5jkOtVMbcjmhqyX0MVrtfMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMTVBaHV2bU9RNjFVeHR5T2FHckpmUXhXdTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABtQug0jmF7SMkTnpnD7
txu06tpQ6L0rrLcWzMz+Oj1ep2IzNrBtfMeFCZuVaOIwzpdP78ENr5GXZEqaXCFz
WH/+ZSnP0SO0at7oS0p4OYmtgtDR5yMIHgDkoSPZ94KzHkvCbi6DH7yATlHryliC
R4WJ+qeg5w+JgT8wcg1wGCHsfTbLap64uM80t2BxzjYDexdIEhSEly+krGT1p1es
lh2nJyPBba/GyfdLApF0n5voKCu7u+EY+S7AfyHbzu/Bjte+cHWgnUeqQTnTz7Z1
rmh9kv0kWa3YSPDkITm5kibDv3GiMAJPNHmbHjILPLKF+wNLgh67Th0puJDu4UHh
kv0=
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:51:26 2025 by rpki-client