Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/216XR75usAxvHQuZzX8JCTju7nA.roa
File: 216XR75usAxvHQuZzX8JCTju7nA.roa (raw, json)
Hash identifier: G6Fo7mt84PZp1UuWiOzaDS8oQneM+TcQsDyNd4DZTn8=
Subject key identifier: DB:5E:97:47:BE:6E:B0:0C:6F:1D:0B:99:CD:7F:09:09:38:EE:EE:70
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB43BC16FC899DECC2EB74563544F53B7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/216XR75usAxvHQuZzX8JCTju7nA.roa
Signing time: Wed 20 Sep 2023 20:15:29 +0000
ROA not before: Wed 20 Sep 2023 20:15:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b4:3b:c1:6f:c8:99:de:cc:2e:b7:45:63:54:4f:53:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 20:15:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db5e9747be6eb00c6f1d0b99cd7f090938eeee70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1b:d8:12:af:23:30:57:7f:76:30:42:3b:62:
76:30:7e:68:ce:b4:1a:c3:93:bf:49:7a:e3:e4:cf:
a7:81:2a:fd:48:b7:b2:76:a1:3f:a2:e0:fa:a1:0d:
c7:20:48:c3:52:8f:8b:35:7a:ec:aa:33:ad:e9:2d:
51:39:93:7e:b5:70:3d:1e:81:ab:c2:f3:b6:f0:1a:
a1:75:fd:bd:45:d6:7c:d1:54:16:c5:14:c0:25:5f:
fc:cf:8c:1f:e9:33:1d:e9:b2:19:18:0b:7e:5f:25:
8f:3b:93:6a:a8:5d:f1:e2:34:f2:61:04:69:06:38:
12:66:00:af:ac:7f:1a:21:73:fb:18:e4:1b:0a:5f:
0e:f9:9d:41:fb:c8:eb:52:5c:a0:71:97:75:c0:6a:
92:10:21:be:67:aa:be:13:41:fd:39:75:e8:cd:3d:
ac:6e:35:d7:e9:ea:f3:5e:0f:79:56:07:f8:d9:3d:
be:f8:42:7d:a3:64:ed:cb:9d:60:84:83:84:f0:5e:
26:c7:cf:f2:a7:9f:b3:26:6a:44:39:09:6b:cd:6a:
b6:f0:1d:e9:77:5e:e1:08:c5:62:eb:f8:7f:00:9a:
47:be:01:06:64:98:dd:4c:2b:be:dc:56:db:93:2a:
f2:e9:8b:f1:e3:d8:1b:43:7f:5f:e2:1a:c6:56:ff:
09:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:5E:97:47:BE:6E:B0:0C:6F:1D:0B:99:CD:7F:09:09:38:EE:EE:70
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/216XR75usAxvHQuZzX8JCTju7nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a9:5f:2e:bf:96:3b:71:10:ac:9d:07:ff:1d:b5:8e:91:40:b2:
91:4e:79:24:70:34:f5:cf:e5:5f:bd:29:da:ea:37:c6:ed:55:
b4:93:60:a5:d1:96:ea:4d:0f:37:7e:06:8f:18:cf:99:be:02:
52:2c:3f:20:3e:d4:90:ea:8b:ed:05:ed:41:5c:4c:ba:8f:72:
ee:f0:19:d8:54:bb:4c:a3:e8:b3:56:cc:cd:42:9d:45:31:59:
84:95:ea:5f:7c:81:57:5b:ad:3e:24:a3:7d:41:32:6e:aa:6f:
f0:45:be:4b:94:4e:3d:59:88:1c:1a:16:0d:f1:a0:5b:4b:7f:
8a:17:d1:ce:69:b4:41:5b:54:e0:9e:13:15:09:57:78:d0:3c:
8f:cb:0a:5b:de:24:4a:5e:cb:4b:b4:e8:9d:2a:78:e5:91:03:
2f:47:9f:50:8d:67:4e:76:45:f5:7b:7b:3a:45:bb:5b:d8:64:
15:7c:87:08:b7:5c:cb:4f:7f:88:ed:a1:8d:c5:a2:e7:bd:a1:
a4:49:db:e9:a3:2f:21:ac:d1:bb:05:a4:f5:3e:a0:41:e7:5d:
6d:da:75:6c:26:4b:a3:49:ff:15:49:8a:e9:cf:d4:69:43:94:
28:f5:4e:f5:ec:09:be:a7:d0:e3:99:c3:0e:03:c1:ff:61:f0:
8e:96:75:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq0O8FvyJnezC63RWNUT1O3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMjAxNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjVlOTc0N2JlNmViMDBjNmYxZDBiOTljZDdmMDkwOTM4ZWVlZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRvYEq8jMFd/djBCO2J2MH5ozrQa
w5O/SXrj5M+ngSr9SLeydqE/ouD6oQ3HIEjDUo+LNXrsqjOt6S1ROZN+tXA9HoGr
wvO28Bqhdf29RdZ80VQWxRTAJV/8z4wf6TMd6bIZGAt+XyWPO5NqqF3x4jTyYQRp
BjgSZgCvrH8aIXP7GOQbCl8O+Z1B+8jrUlygcZd1wGqSECG+Z6q+E0H9OXXozT2s
bjXX6erzXg95Vgf42T2++EJ9o2Tty51ghIOE8F4mx8/yp5+zJmpEOQlrzWq28B3p
d17hCMVi6/h/AJpHvgEGZJjdTCu+3Fbbkyry6Yvx49gbQ39f4hrGVv8J4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNtel0e+brAMbx0Lmc1/CQk47u5wMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMjE2WFI3NXVzQXh2SFF1WnpYOEpDVGp1N25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKlfLr+WO3EQrJ0H/x21
jpFAspFOeSRwNPXP5V+9KdrqN8btVbSTYKXRlupNDzd+Bo8Yz5m+AlIsPyA+1JDq
i+0F7UFcTLqPcu7wGdhUu0yj6LNWzM1CnUUxWYSV6l98gVdbrT4ko31BMm6qb/BF
vkuUTj1ZiBwaFg3xoFtLf4oX0c5ptEFbVOCeExUJV3jQPI/LClveJEpey0u06J0q
eOWRAy9Hn1CNZ052RfV7ezpFu1vYZBV8hwi3XMtPf4jtoY3Foue9oaRJ2+mjLyGs
0bsFpPU+oEHnXW3adWwmS6NJ/xVJiunP1GlDlCj1TvXsCb6n0OOZww4Dwf9h8I6W
dbk=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:03:47 2025 by rpki-client