Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2pK8YhsfnaAWwK7Jp0XGVPOvG4Y.roa
File: 2pK8YhsfnaAWwK7Jp0XGVPOvG4Y.roa (raw, json)
Hash identifier: ES5PESeYCtd//VnD4gtpxcFM+4QxkQgzlIag4/paYEQ=
Subject key identifier: DA:92:BC:62:1B:1F:9D:A0:16:C0:AE:C9:A7:45:C6:54:F3:AF:1B:86
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC52650D7388DB22C5DFDF76BDA4970F6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2pK8YhsfnaAWwK7Jp0XGVPOvG4Y.roa
Signing time: Sun 24 Sep 2023 03:05:37 +0000
ROA not before: Sun 24 Sep 2023 03:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:c525:a8fc/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c5:26:50:d7:38:8d:b2:2c:5d:fd:f7:6b:da:49:70:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 24 03:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da92bc621b1f9da016c0aec9a745c654f3af1b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e0:58:66:cf:c6:9f:61:52:d8:20:fb:cc:93:
a7:a2:01:c4:1c:4f:ac:97:6e:04:72:da:30:33:51:
26:df:78:82:64:85:b7:87:67:cc:5c:24:73:72:fd:
9b:bd:84:c8:6b:09:36:08:1f:a3:7f:0f:d1:b8:b9:
56:dc:7a:5d:05:67:98:07:c6:c6:c1:af:f3:42:82:
f3:41:f4:ae:14:d2:a9:a3:0e:1d:92:07:4f:bd:9f:
b1:2c:b7:ce:77:44:dc:c6:11:a7:c4:ea:bb:20:a2:
73:ae:ee:c5:54:c6:16:f5:c9:02:f2:e7:be:7a:b1:
10:f5:b9:3d:c9:ac:af:3f:c3:c3:26:f1:d7:4a:6f:
de:f0:28:df:39:f3:94:fe:71:08:67:8e:18:53:ed:
c7:6f:2f:2d:12:40:90:f4:24:c8:1b:39:86:9e:92:
80:5b:8d:ef:4b:85:e0:b3:05:a6:f7:00:47:a6:9e:
19:39:20:57:16:ff:c0:71:82:fe:cd:69:f4:b8:c9:
c4:90:94:a4:cf:1c:af:66:a4:37:1e:e0:f2:36:82:
38:33:5d:26:07:95:3d:4f:03:fc:df:88:b8:e2:a4:
9d:66:a0:d3:7c:d2:33:54:9f:07:be:92:26:53:86:
82:c0:f4:1d:c2:7e:b9:4c:24:5d:b0:45:04:79:d3:
29:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:92:BC:62:1B:1F:9D:A0:16:C0:AE:C9:A7:45:C6:54:F3:AF:1B:86
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2pK8YhsfnaAWwK7Jp0XGVPOvG4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:35:a8:f5:a2:b2:ea:f9:67:f8:d2:a4:58:a5:3a:94:a3:dd:
99:e6:e1:3e:3f:46:39:f3:f7:96:ea:c7:6b:d7:20:7d:45:ff:
fd:48:78:b2:db:13:d4:7b:1e:6a:4b:59:90:d2:9d:5c:9a:d2:
f7:40:1b:3e:4e:bf:14:c3:61:a4:31:9f:c6:a4:8b:73:9a:1c:
3a:f3:d0:3b:40:1e:78:bb:87:82:72:84:60:ab:20:6f:5f:bf:
67:73:89:a8:f2:cf:9f:38:b4:1b:c3:59:e9:c0:94:7e:2e:9f:
db:b9:f4:80:1d:91:d0:72:36:ad:52:31:84:5f:ea:0a:e3:8f:
37:84:ec:cb:ad:71:f4:2c:8d:5f:fc:d0:9a:39:73:3f:04:2f:
5c:ec:4a:6f:ae:32:1a:a7:a4:22:07:45:7e:9d:16:63:ee:9a:
14:6f:5f:38:57:6d:73:09:39:08:f5:4a:ca:77:71:81:9f:59:
30:f1:41:6d:39:71:51:a9:27:1a:c5:de:66:88:eb:1f:6a:b2:
c6:74:b6:43:80:5b:cf:7c:47:3c:43:1e:01:6f:01:fb:d7:a3:
c1:85:69:f2:ee:ac:1a:0b:a0:b0:70:25:b9:93:a8:e1:ce:fe:
8d:b9:94:2b:10:97:d7:c7:fb:76:e8:05:66:57:07:c6:49:11:
ce:76:9e:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrFJlDXOI2yLF3992vaSXD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI0MDMwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTkyYmM2MjFiMWY5ZGEwMTZjMGFlYzlhNzQ1YzY1NGYzYWYxYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+BYZs/Gn2FS2CD7zJOnogHEHE+s
l24EctowM1Em33iCZIW3h2fMXCRzcv2bvYTIawk2CB+jfw/RuLlW3HpdBWeYB8bG
wa/zQoLzQfSuFNKpow4dkgdPvZ+xLLfOd0TcxhGnxOq7IKJzru7FVMYW9ckC8ue+
erEQ9bk9yayvP8PDJvHXSm/e8CjfOfOU/nEIZ44YU+3Hby8tEkCQ9CTIGzmGnpKA
W43vS4XgswWm9wBHpp4ZOSBXFv/AcYL+zWn0uMnEkJSkzxyvZqQ3HuDyNoI4M10m
B5U9TwP834i44qSdZqDTfNIzVJ8HvpImU4aCwPQdwn65TCRdsEUEedMp1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNqSvGIbH52gFsCuyadFxlTzrxuGMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMnBLOFloc2ZuYUFXd0s3SnAwWEdWUE92RzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJg1qPWisur5Z/jSpFil
OpSj3Znm4T4/Rjnz95bqx2vXIH1F//1IeLLbE9R7HmpLWZDSnVya0vdAGz5OvxTD
YaQxn8aki3OaHDrz0DtAHni7h4JyhGCrIG9fv2dziajyz584tBvDWenAlH4un9u5
9IAdkdByNq1SMYRf6grjjzeE7MutcfQsjV/80Jo5cz8EL1zsSm+uMhqnpCIHRX6d
FmPumhRvXzhXbXMJOQj1Ssp3cYGfWTDxQW05cVGpJxrF3maI6x9qssZ0tkOAW898
RzxDHgFvAfvXo8GFafLurBoLoLBwJbmTqOHO/o25lCsQl9fH+3boBWZXB8ZJEc52
ngA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:33:11 2025 by rpki-client