Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1d5EScHvHJ3vFt9ec4d3uP64O7U.roa
File: 1d5EScHvHJ3vFt9ec4d3uP64O7U.roa (raw, json)
Hash identifier: 0xIc59XkrIBoaiR3FdfzuRqYfFre4ZJwoJL9DQ0rekI=
Subject key identifier: D5:DE:44:49:C1:EF:1C:9D:EF:16:DF:5E:73:87:77:B8:FE:B8:3B:B5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1D94D7EB531C7272FE26635B2019B8F7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1d5EScHvHJ3vFt9ec4d3uP64O7U.roa
Signing time: Wed 11 Oct 2023 07:12:55 +0000
ROA not before: Wed 11 Oct 2023 07:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:94:d7:eb:53:1c:72:72:fe:26:63:5b:20:19:b8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 11 07:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5de4449c1ef1c9def16df5e738777b8feb83bb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7c:70:ac:f0:d5:cb:50:bc:14:3a:d6:c6:c2:
ba:08:17:79:b7:6e:08:9a:61:c2:5f:64:11:8f:d7:
16:f0:0c:ce:a1:7f:9a:06:f9:ea:c7:2c:78:69:1a:
9f:ba:d1:62:0a:a1:85:7c:2e:ed:b2:52:87:71:e7:
8a:29:ce:9b:c2:76:0b:8b:bb:e3:cf:c1:47:88:80:
0f:62:cb:8d:a4:ed:7c:09:ac:fd:21:f8:d6:b1:54:
66:41:8f:29:4e:56:23:4d:d4:62:fc:8d:5e:25:3b:
86:75:c2:67:8f:03:50:25:5b:e7:37:4e:dd:83:a3:
0f:5e:74:89:a0:f5:f2:6d:95:da:e5:a6:b5:9a:39:
35:96:9f:ff:a3:06:e5:d9:c5:e8:ae:9e:bc:f7:d3:
19:0e:b8:c4:73:6d:00:29:f0:43:8e:1f:41:0a:6e:
49:8f:df:43:43:6e:d6:e8:36:2b:6a:b7:23:7a:02:
ea:a4:05:61:c1:7c:ce:64:96:ad:85:cb:ad:8f:4a:
b8:4b:5d:9d:02:a1:ce:95:50:f6:54:e8:a0:8b:32:
d8:13:ff:c6:d1:1f:ce:69:e4:f0:29:9b:1d:ed:c0:
ea:35:17:6e:2b:50:75:e4:3d:ea:c0:ad:f2:c8:eb:
bd:54:57:ff:a6:d1:6b:15:31:ca:38:42:2c:7c:e5:
87:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:DE:44:49:C1:EF:1C:9D:EF:16:DF:5E:73:87:77:B8:FE:B8:3B:B5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1d5EScHvHJ3vFt9ec4d3uP64O7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:30:8b:0c:ea:ed:1e:0a:10:06:eb:89:3b:9b:a9:8c:b5:1f:
a5:1e:78:d6:f5:50:53:93:7f:36:56:94:74:9a:16:0a:77:f2:
06:87:33:fd:59:49:4c:80:eb:20:0f:5b:bf:1e:14:e7:ae:6a:
b5:ff:7a:42:22:81:1c:f4:f3:a8:e5:29:11:95:44:b4:c5:43:
1a:df:e4:c0:6f:c4:6f:ad:40:60:20:49:21:64:94:36:f4:a2:
4e:30:28:bc:04:8e:e7:61:41:22:20:db:8d:91:3e:c5:69:68:
b4:6d:a4:ef:eb:4c:8e:2e:25:ab:50:93:b6:42:50:de:35:bc:
76:f3:97:2e:0b:af:0c:08:c5:76:26:e7:29:a8:e6:f1:d7:4e:
8a:9a:ae:fc:40:45:66:be:f9:a4:e8:64:0c:ac:cf:a2:58:52:
2b:ce:9f:7b:c7:a6:42:25:fd:9d:1f:af:82:5f:74:85:15:23:
51:ed:a6:25:e8:47:0a:41:93:c7:fb:9c:d5:e2:77:62:66:d1:
36:97:3e:60:78:d2:bb:22:8f:c8:40:c4:b1:2f:ad:6b:17:11:
43:c7:72:8f:aa:ea:f4:f4:07:40:ad:c3:1d:b3:11:ca:63:0e:
6a:6d:da:36:8a:4e:e4:42:59:a1:c4:a7:32:60:0d:e9:d1:4c:
ac:42:24:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsdlNfrUxxycv4mY1sgGbj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDExMDcxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWRlNDQ0OWMxZWYxYzlkZWYxNmRmNWU3Mzg3NzdiOGZlYjgzYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXxwrPDVy1C8FDrWxsK6CBd5t24I
mmHCX2QRj9cW8AzOoX+aBvnqxyx4aRqfutFiCqGFfC7tslKHceeKKc6bwnYLi7vj
z8FHiIAPYsuNpO18Caz9IfjWsVRmQY8pTlYjTdRi/I1eJTuGdcJnjwNQJVvnN07d
g6MPXnSJoPXybZXa5aa1mjk1lp//owbl2cXorp6899MZDrjEc20AKfBDjh9BCm5J
j99DQ27W6DYrarcjegLqpAVhwXzOZJathcutj0q4S12dAqHOlVD2VOigizLYE//G
0R/OaeTwKZsd7cDqNRduK1B15D3qwK3yyOu9VFf/ptFrFTHKOEIsfOWHMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNXeREnB7xyd7xbfXnOHd7j+uDu1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMWQ1RVNjSHZISjN2RnQ5ZWM0ZDN1UDY0TzdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHkwiwzq7R4KEAbriTub
qYy1H6UeeNb1UFOTfzZWlHSaFgp38gaHM/1ZSUyA6yAPW78eFOeuarX/ekIigRz0
86jlKRGVRLTFQxrf5MBvxG+tQGAgSSFklDb0ok4wKLwEjudhQSIg242RPsVpaLRt
pO/rTI4uJatQk7ZCUN41vHbzly4LrwwIxXYm5ymo5vHXToqarvxARWa++aToZAys
z6JYUivOn3vHpkIl/Z0fr4JfdIUVI1HtpiXoRwpBk8f7nNXid2Jm0TaXPmB40rsi
j8hAxLEvrWsXEUPHco+q6vT0B0Ctwx2zEcpjDmpt2jaKTuRCWaHEpzJgDenRTKxC
JOk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:48:15 2025 by rpki-client