Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2IA-yGTULg8oLtRIfpBGCg2pyHs.roa
File: 2IA-yGTULg8oLtRIfpBGCg2pyHs.roa (raw, json)
Hash identifier: 7cGat+NjBVdCtajauiFzFMHUebgv37/HoUMgmn4nEpE=
Subject key identifier: D8:80:3E:C8:64:D4:2E:0F:28:2E:D4:48:7E:90:46:0A:0D:A9:C8:7B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C107AF0B0C79FBF1990AE1A5BBD8CD8A0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2IA-yGTULg8oLtRIfpBGCg2pyHs.roa
Signing time: Mon 27 Nov 2023 11:12:21 +0000
ROA not before: Mon 27 Nov 2023 11:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:7a:f0:b0:c7:9f:bf:19:90:ae:1a:5b:bd:8c:d8:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 27 11:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8803ec864d42e0f282ed4487e90460a0da9c87b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6c:5c:d0:05:b3:93:2b:d1:15:50:76:40:38:
18:56:45:92:98:06:08:b1:51:85:f7:a4:0e:21:3c:
b7:11:70:fd:bb:fb:d7:0f:5d:cc:76:dc:ad:9b:52:
13:e2:f2:f0:34:a0:95:eb:a5:2f:3c:40:45:7a:9f:
0f:d3:ad:90:be:06:fd:aa:6b:31:00:7e:e1:d0:3f:
7a:6a:1e:9b:35:f6:be:60:e3:07:c3:a1:03:40:da:
5a:22:6c:9f:6b:24:4b:54:78:c5:3c:8e:17:98:8f:
95:a8:be:ec:88:07:65:d2:06:ea:2a:d7:83:30:36:
98:73:35:1b:a2:92:79:39:c3:1b:57:be:98:42:e1:
b0:8e:05:f1:b1:9f:7c:6b:75:0e:7d:57:03:7a:8b:
5e:61:6e:93:44:e7:f9:ac:b6:a3:a3:df:e6:a8:2a:
09:c9:8a:6a:f9:2c:d0:0b:eb:f4:73:42:d0:6b:62:
ac:2b:dc:f2:a5:18:1e:c5:f8:db:54:12:d2:fc:a1:
cb:8a:b9:81:5a:bb:42:dc:e7:c6:ab:de:39:88:9f:
2d:43:9d:13:38:a2:17:4b:e4:3b:f9:df:f2:e9:ff:
2f:be:dc:3f:d4:1a:ff:85:75:0b:eb:ff:f9:bd:6a:
1f:b8:42:78:92:d0:1c:01:dd:54:2c:5b:d0:03:ff:
8e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:80:3E:C8:64:D4:2E:0F:28:2E:D4:48:7E:90:46:0A:0D:A9:C8:7B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2IA-yGTULg8oLtRIfpBGCg2pyHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:46:76:1c:a3:4c:89:55:c2:fb:f1:5a:d9:66:48:df:6e:99:
8b:d6:34:bc:1d:46:58:4a:b7:0b:98:ea:fe:3c:bb:a7:fc:de:
bf:3e:0d:b3:41:23:9d:21:a8:4c:35:db:4a:02:41:43:d4:80:
c4:e2:65:07:a0:f8:8a:f3:34:e2:e5:0f:6f:ec:d0:ae:28:e3:
31:8e:27:29:74:85:ef:4c:a8:f3:e0:e0:39:56:db:39:f6:b7:
88:48:56:51:f6:6e:9d:f6:c7:30:26:2e:ca:d7:41:a4:79:d5:
10:41:1c:5d:b9:76:37:7f:a1:b2:1e:8f:52:d3:e4:6b:4b:dc:
f4:44:c1:53:26:04:73:8f:16:34:7c:5d:93:2f:bc:fd:db:e9:
6a:41:4b:23:88:6b:d1:e4:7c:d0:b5:ef:e0:4d:c5:b9:c5:21:
58:79:e6:fb:b0:a4:36:8c:ab:bf:af:c5:9e:d6:f6:f7:af:9a:
30:a3:16:9b:e9:27:44:0b:11:9e:9d:cb:ef:9f:25:b7:86:44:
c2:34:fa:de:79:26:88:ca:01:a3:54:dc:68:d3:da:6c:9d:e6:
4f:e3:f0:36:8f:57:27:9a:ac:f8:59:23:3c:4e:99:0a:7b:d6:
fe:5c:6f:c1:2e:bd:bb:a5:c5:a7:27:dc:32:39:80:c4:0c:da:
b0:30:1e:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwQevCwx5+/GZCuGlu9jNigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI3MTExMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODgwM2VjODY0ZDQyZTBmMjgyZWQ0NDg3ZTkwNDYwYTBkYTljODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWxc0AWzkyvRFVB2QDgYVkWSmAYI
sVGF96QOITy3EXD9u/vXD13Mdtytm1IT4vLwNKCV66UvPEBFep8P062Qvgb9qmsx
AH7h0D96ah6bNfa+YOMHw6EDQNpaImyfayRLVHjFPI4XmI+VqL7siAdl0gbqKteD
MDaYczUbopJ5OcMbV76YQuGwjgXxsZ98a3UOfVcDeoteYW6TROf5rLajo9/mqCoJ
yYpq+SzQC+v0c0LQa2KsK9zypRgexfjbVBLS/KHLirmBWrtC3OfGq945iJ8tQ50T
OKIXS+Q7+d/y6f8vvtw/1Br/hXUL6//5vWofuEJ4ktAcAd1ULFvQA/+O1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNiAPshk1C4PKC7USH6QRgoNqch7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMklBLXlHVFVMZzhvTHRSSWZwQkdDZzJweUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKBGdhyjTIlVwvvxWtlm
SN9umYvWNLwdRlhKtwuY6v48u6f83r8+DbNBI50hqEw120oCQUPUgMTiZQeg+Irz
NOLlD2/s0K4o4zGOJyl0he9MqPPg4DlW2zn2t4hIVlH2bp32xzAmLsrXQaR51RBB
HF25djd/obIej1LT5GtL3PREwVMmBHOPFjR8XZMvvP3b6WpBSyOIa9HkfNC17+BN
xbnFIVh55vuwpDaMq7+vxZ7W9vevmjCjFpvpJ0QLEZ6dy++fJbeGRMI0+t55JojK
AaNU3GjT2myd5k/j8DaPVyearPhZIzxOmQp71v5cb8Euvbulxacn3DI5gMQM2rAw
Htk=
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:54:44 2025 by rpki-client