Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/23afQZGc-GlcpBIAjUrv_J_8FBo.roa
File: 23afQZGc-GlcpBIAjUrv_J_8FBo.roa (raw, json)
Hash identifier: LAzea1lu4vHAUhFK0evfG5V2pYMcvdHaLCNjcx2z5o4=
Subject key identifier: DB:76:9F:41:91:9C:F8:69:5C:A4:12:00:8D:4A:EF:FC:9F:FC:14:1A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD7C0D7E852E0CE33A2BC4DE41637C85C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/23afQZGc-GlcpBIAjUrv_J_8FBo.roa
Signing time: Thu 16 Nov 2023 10:50:21 +0000
ROA not before: Thu 16 Nov 2023 10:50:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:c0:d7:e8:52:e0:ce:33:a2:bc:4d:e4:16:37:c8:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 16 10:50:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db769f41919cf8695ca412008d4aeffc9ffc141a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8d:fb:1c:95:81:98:24:f6:d0:65:ec:77:eb:
19:e7:c9:56:dc:fc:d0:d9:87:4a:e2:25:23:69:d7:
94:dd:25:c1:6a:c5:1f:68:b1:a4:46:66:5a:07:5c:
cc:64:db:4c:8d:b4:35:2a:17:f6:f4:af:33:a5:b9:
21:a4:8a:33:17:2f:be:21:bc:c1:64:93:94:66:b3:
1f:1c:20:ba:6e:e2:3d:ab:f1:62:e4:b6:a9:da:9e:
fa:5b:62:f3:58:82:c0:e2:e0:e6:f3:12:4d:94:0c:
9e:f2:fc:88:bb:63:e5:ba:8c:0a:39:aa:fb:1d:d8:
84:39:d0:1f:65:05:60:1a:5a:79:5a:84:0b:af:5d:
77:4b:1d:6c:e4:48:3c:f8:d2:bb:a6:a3:14:7e:39:
36:32:d9:e2:09:ed:99:45:ac:51:13:c1:cf:83:34:
0a:ae:8b:33:4f:94:88:db:a3:2e:ba:b5:40:16:f9:
d6:53:e3:dd:94:ce:96:8d:c4:c7:f4:bc:30:6b:81:
71:2d:3d:1b:3d:51:cd:07:9a:9b:79:c3:ee:e3:cc:
72:93:6a:71:30:bb:2c:a1:a8:bb:ca:40:7a:9b:d8:
6e:44:c2:34:9c:ab:61:cc:6d:12:15:4d:8d:cc:f4:
f7:24:17:38:1f:50:3d:9f:db:98:fb:29:f0:63:40:
ec:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:76:9F:41:91:9C:F8:69:5C:A4:12:00:8D:4A:EF:FC:9F:FC:14:1A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/23afQZGc-GlcpBIAjUrv_J_8FBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:35:ba:42:15:bb:66:17:8b:f7:31:77:38:cd:09:1a:11:b7:
40:b8:83:80:61:89:04:09:33:62:36:60:8c:cb:81:91:c0:3a:
cf:01:48:90:19:cf:9c:65:6a:a2:57:11:56:8b:73:21:2b:dc:
6f:03:a1:bf:32:fb:3d:b9:35:7e:27:5b:24:50:3a:d6:e0:9b:
ac:3c:5f:ff:4e:02:5d:94:8f:46:ae:35:bb:4e:40:f7:04:a5:
6f:96:9d:58:31:19:38:e4:6a:69:1c:54:e3:0f:99:5a:b3:33:
1e:c3:b8:e9:14:03:f9:f1:e4:69:c6:5e:ed:a7:82:a9:97:73:
db:67:c9:a5:02:07:3f:79:6d:ad:90:e6:b9:41:6c:5d:8b:ca:
c3:d5:4d:91:43:49:e8:d0:82:02:e1:fe:9b:6a:4a:e2:9b:3b:
3f:f1:7b:19:06:9f:20:47:b4:72:19:f9:87:4c:23:2b:da:f1:
7e:47:7c:8e:81:47:8a:98:39:2f:dd:4d:90:4a:dd:7e:ba:68:
fa:18:e4:50:ac:be:07:d4:d6:f9:b8:c9:ac:24:7d:7d:f9:96:
7c:11:e8:44:f3:ab:da:3e:97:54:94:10:4f:fc:95:16:05:f7:
d7:42:7d:60:0b:28:d5:94:0d:47:ab:c6:cc:c7:8a:e2:b0:4f:
f7:4a:af:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvXwNfoUuDOM6K8TeQWN8hcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE2MTA1MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc2OWY0MTkxOWNmODY5NWNhNDEyMDA4ZDRhZWZmYzlmZmMxNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkY37HJWBmCT20GXsd+sZ58lW3PzQ
2YdK4iUjadeU3SXBasUfaLGkRmZaB1zMZNtMjbQ1Khf29K8zpbkhpIozFy++IbzB
ZJOUZrMfHCC6buI9q/Fi5Lap2p76W2LzWILA4uDm8xJNlAye8vyIu2PluowKOar7
HdiEOdAfZQVgGlp5WoQLr113Sx1s5Eg8+NK7pqMUfjk2MtniCe2ZRaxRE8HPgzQK
roszT5SI26MuurVAFvnWU+PdlM6WjcTH9Lwwa4FxLT0bPVHNB5qbecPu48xyk2px
MLssoai7ykB6m9huRMI0nKthzG0SFU2NzPT3JBc4H1A9n9uY+ynwY0Ds0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNt2n0GRnPhpXKQSAI1K7/yf/BQaMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMjNhZlFaR2MtR2xjcEJJQWpVcnZfSl84RkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGU1ukIVu2YXi/cxdzjN
CRoRt0C4g4BhiQQJM2I2YIzLgZHAOs8BSJAZz5xlaqJXEVaLcyEr3G8Dob8y+z25
NX4nWyRQOtbgm6w8X/9OAl2Uj0auNbtOQPcEpW+WnVgxGTjkamkcVOMPmVqzMx7D
uOkUA/nx5GnGXu2ngqmXc9tnyaUCBz95ba2Q5rlBbF2LysPVTZFDSejQggLh/ptq
SuKbOz/xexkGnyBHtHIZ+YdMIyva8X5HfI6BR4qYOS/dTZBK3X66aPoY5FCsvgfU
1vm4yawkfX35lnwR6ETzq9o+l1SUEE/8lRYF99dCfWALKNWUDUerxszHiuKwT/dK
r9M=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:33:02 2025 by rpki-client