Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1oSCYcb-2ozc4IF0ZXUtCtGHvgs.roa
File: 1oSCYcb-2ozc4IF0ZXUtCtGHvgs.roa (raw, json)
Hash identifier: KrZTYJtymFwMhZec72MpofTZk4FwHBvFxs6Yt8qzT6M=
Subject key identifier: D6:84:82:61:C6:FE:DA:8C:DC:E0:81:74:65:75:2D:0A:D1:87:BE:0B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C75BC07EE7CFE1AA0E65F7D8AB845C9C4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1oSCYcb-2ozc4IF0ZXUtCtGHvgs.roa
Signing time: Sun 17 Dec 2023 03:05:06 +0000
ROA not before: Sun 17 Dec 2023 03:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18c:75bb:98a0/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:75:bc:07:ee:7c:fe:1a:a0:e6:5f:7d:8a:b8:45:c9:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 17 03:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6848261c6feda8cdce0817465752d0ad187be0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:80:68:37:ab:d8:9f:21:01:88:6d:99:7e:7b:
f6:4a:95:99:f7:ef:3a:d8:98:dc:4f:25:7c:23:3a:
4a:01:11:84:b7:0f:40:0a:b1:fa:c8:f9:ec:ba:01:
46:b3:a4:a3:7c:09:c0:7d:3c:24:5f:ce:c6:23:40:
6c:a2:e1:3c:a4:97:75:d4:46:e4:b7:fb:e1:8c:fa:
ff:ef:62:4c:11:0d:89:55:83:b4:b6:93:93:cb:4b:
72:ad:2c:62:33:7f:ad:c2:56:7f:f8:69:6c:63:8b:
6c:34:8e:82:d7:41:a7:f4:62:f4:d2:3e:2b:92:4b:
e8:3f:6b:31:82:4c:29:63:6e:36:d6:b8:3d:af:f9:
77:65:c5:0e:ea:05:09:1c:e3:06:b7:c1:58:4b:b1:
99:81:fe:53:b8:60:f2:db:d4:e2:bf:48:84:ea:af:
71:e8:e2:5c:90:37:2b:bb:38:3d:26:a8:24:ee:c8:
72:ba:fd:86:b8:78:88:4e:26:5c:e5:40:79:c8:be:
12:f2:09:8c:60:cb:bc:9f:36:ff:f3:4c:d9:6a:09:
96:b3:4d:e6:8c:b0:e8:3b:a6:89:41:1a:b9:28:52:
12:ff:a1:e0:d6:a8:9d:54:94:45:b2:a1:57:dc:7c:
7d:05:fb:78:44:28:2a:1c:ea:8b:2b:fa:5a:d0:63:
04:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:84:82:61:C6:FE:DA:8C:DC:E0:81:74:65:75:2D:0A:D1:87:BE:0B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1oSCYcb-2ozc4IF0ZXUtCtGHvgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:48:ce:e5:75:9e:0b:8d:e1:95:0f:38:b5:18:52:b4:4d:13:
7e:04:f0:e7:af:be:11:31:0d:af:46:d4:c1:b2:7a:b4:97:cd:
a9:0c:db:f3:19:8f:66:f1:aa:ab:ce:d9:99:48:5e:27:ce:54:
37:4f:ee:45:bb:cd:8d:62:5b:2c:1b:d5:18:69:b6:4b:14:39:
bd:95:46:b4:56:a6:b2:2d:3f:2e:75:b5:63:ae:5e:36:97:28:
82:93:0f:37:ad:4a:e5:86:24:0e:de:cb:4f:f1:d3:aa:81:30:
88:49:8e:c3:26:90:0c:ee:d3:8d:62:08:67:e7:4b:19:48:a2:
dc:82:3e:d5:2a:08:f3:f5:1e:c1:c9:b1:c3:f1:46:c9:38:f2:
35:50:24:ea:e3:0d:59:01:b7:2c:f3:e3:57:c2:e4:1d:28:02:
e4:a6:d9:83:28:eb:87:ca:72:d7:48:ec:f3:65:79:56:9d:7e:
4a:11:f6:1b:95:c9:f5:13:bb:17:5c:5c:79:57:ad:9b:52:31:
03:d2:ac:dd:ea:42:b2:0c:90:47:83:4f:b8:88:c6:22:9d:9e:
a8:95:d0:a0:27:b4:8f:35:59:ad:d6:84:62:87:50:64:81:d5:
42:2b:12:dd:30:92:19:dc:66:39:a5:f7:24:9b:76:ca:b4:cc:
89:f5:6e:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx1vAfufP4aoOZffYq4RcnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE3MDMwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjg0ODI2MWM2ZmVkYThjZGNlMDgxNzQ2NTc1MmQwYWQxODdiZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4BoN6vYnyEBiG2Zfnv2SpWZ9+86
2JjcTyV8IzpKARGEtw9ACrH6yPnsugFGs6SjfAnAfTwkX87GI0BsouE8pJd11Ebk
t/vhjPr/72JMEQ2JVYO0tpOTy0tyrSxiM3+twlZ/+GlsY4tsNI6C10Gn9GL00j4r
kkvoP2sxgkwpY2421rg9r/l3ZcUO6gUJHOMGt8FYS7GZgf5TuGDy29Tiv0iE6q9x
6OJckDcruzg9Jqgk7shyuv2GuHiITiZc5UB5yL4S8gmMYMu8nzb/80zZagmWs03m
jLDoO6aJQRq5KFIS/6Hg1qidVJRFsqFX3Hx9Bft4RCgqHOqLK/pa0GME/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNaEgmHG/tqM3OCBdGV1LQrRh74LMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMW9TQ1ljYi0yb3pjNElGMFpYVXRDdEdIdmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGtIzuV1nguN4ZUPOLUY
UrRNE34E8OevvhExDa9G1MGyerSXzakM2/MZj2bxqqvO2ZlIXifOVDdP7kW7zY1i
Wywb1RhptksUOb2VRrRWprItPy51tWOuXjaXKIKTDzetSuWGJA7ey0/x06qBMIhJ
jsMmkAzu041iCGfnSxlIotyCPtUqCPP1HsHJscPxRsk48jVQJOrjDVkBtyzz41fC
5B0oAuSm2YMo64fKctdI7PNleVadfkoR9huVyfUTuxdcXHlXrZtSMQPSrN3qQrIM
kEeDT7iIxiKdnqiV0KAntI81Wa3WhGKHUGSB1UIrEt0wkhncZjml9ySbdsq0zIn1
boM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:51:48 2025 by rpki-client