Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2sXuopFSX0bq72vzkzeZ2slwiRE.roa
File: 2sXuopFSX0bq72vzkzeZ2slwiRE.roa (raw, json)
Hash identifier: 2kDS3iUEhe8X6bDTHwccRzBxW4JU7YxKnkujVx6F6lU=
Subject key identifier: DA:C5:EE:A2:91:52:5F:46:EA:EF:6B:F3:93:37:99:DA:C9:70:89:11
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9EF71AC88F1FF9359FE66690DC997F6B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2sXuopFSX0bq72vzkzeZ2slwiRE.roa
Signing time: Sun 05 Nov 2023 10:11:16 +0000
ROA not before: Sun 05 Nov 2023 10:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9e:f7:1a:c8:8f:1f:f9:35:9f:e6:66:90:dc:99:7f:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 5 10:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dac5eea291525f46eaef6bf3933799dac9708911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3d:2a:59:92:fc:e1:5a:79:7b:28:68:b4:2d:
60:2f:16:04:65:c6:3f:14:7d:64:e8:ce:57:7d:a0:
d7:fe:36:72:61:e0:31:13:38:73:a4:f4:06:02:30:
4b:e5:f6:36:e2:d9:78:ce:44:3d:49:9d:7e:e1:5f:
08:3c:bd:c5:a4:13:ea:ce:03:76:04:d2:f6:a4:2a:
b2:86:49:f4:1c:8c:43:be:8e:ef:7d:0a:e9:a0:f6:
a9:77:44:07:9e:ff:fa:65:b5:37:4c:c0:e6:54:67:
e3:41:5a:72:7e:d3:43:87:31:03:04:87:2b:77:df:
01:2a:16:7d:f6:99:8d:4a:ff:81:f5:2f:01:e0:81:
f2:9a:98:fa:6b:1e:99:81:13:fc:7f:0c:86:4a:7f:
7f:fc:05:59:f1:8a:9c:e4:4a:e7:01:7e:83:58:07:
c2:62:86:57:a4:9a:23:55:e1:6d:43:64:09:c6:24:
46:9e:ea:04:a1:ae:29:7a:43:83:ad:2d:66:43:05:
10:7c:db:ed:e6:50:95:1d:e9:6d:66:12:8c:bf:7b:
3e:a5:d4:dc:3d:9d:43:b8:5b:cb:37:14:1a:1c:01:
5e:38:c5:8d:c9:b8:ed:56:68:50:96:14:dc:3d:f5:
5b:70:ad:75:1a:da:6d:a2:0a:0d:8b:be:81:d1:9f:
43:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C5:EE:A2:91:52:5F:46:EA:EF:6B:F3:93:37:99:DA:C9:70:89:11
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2sXuopFSX0bq72vzkzeZ2slwiRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:1e:21:5e:f4:ff:42:2b:f3:75:5e:b5:71:f6:9e:14:b5:3f:
d4:b0:1f:78:b7:52:7e:e6:d0:3f:14:3d:e0:5c:90:43:50:3e:
78:5b:4c:43:80:80:84:13:22:da:2c:7a:0f:87:ab:6a:41:53:
57:6f:62:e5:48:e4:d7:e7:78:86:89:59:41:5b:dc:8a:cd:1f:
77:02:7e:92:b3:18:b3:e9:0d:23:a6:fb:c8:48:9b:b2:20:85:
be:22:0f:48:60:fc:6f:f8:4b:5c:af:15:4f:77:65:49:1e:33:
01:1a:ae:c6:2d:03:1f:b6:0d:87:db:05:9e:55:06:91:08:b2:
b3:10:fd:0b:28:4c:88:28:b9:66:03:ea:25:16:40:a5:ab:a3:
0e:26:4a:09:35:31:24:6d:81:8e:d8:4b:7c:ca:e1:54:a2:06:
6f:2c:8f:52:5e:0e:cf:0b:1e:03:16:a3:47:b7:e6:3a:a0:72:
fb:44:84:28:c1:0c:82:ee:10:9e:1d:e5:93:cc:a4:db:e9:b6:
74:4d:31:c0:5a:43:23:e3:4a:e2:2a:2f:27:ae:28:6a:1f:38:
ba:e3:83:ae:45:71:39:c7:0c:1c:fd:14:bb:b1:0b:86:04:af:
fe:b8:80:1e:da:05:cc:cb:fc:be:f5:ce:c3:53:71:5d:4d:6c:
1a:87:52:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYue9xrIjx/5NZ/mZpDcmX9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA1MTAxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWM1ZWVhMjkxNTI1ZjQ2ZWFlZjZiZjM5MzM3OTlkYWM5NzA4OTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD0qWZL84Vp5eyhotC1gLxYEZcY/
FH1k6M5XfaDX/jZyYeAxEzhzpPQGAjBL5fY24tl4zkQ9SZ1+4V8IPL3FpBPqzgN2
BNL2pCqyhkn0HIxDvo7vfQrpoPapd0QHnv/6ZbU3TMDmVGfjQVpyftNDhzEDBIcr
d98BKhZ99pmNSv+B9S8B4IHympj6ax6ZgRP8fwyGSn9//AVZ8Yqc5ErnAX6DWAfC
YoZXpJojVeFtQ2QJxiRGnuoEoa4pekODrS1mQwUQfNvt5lCVHeltZhKMv3s+pdTc
PZ1DuFvLNxQaHAFeOMWNybjtVmhQlhTcPfVbcK11GtptogoNi76B0Z9DiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNrF7qKRUl9G6u9r85M3mdrJcIkRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMnNYdW9wRlNYMGJxNzJ2emt6ZVoyc2x3aVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEMeIV70/0Ir83VetXH2
nhS1P9SwH3i3Un7m0D8UPeBckENQPnhbTEOAgIQTItoseg+Hq2pBU1dvYuVI5Nfn
eIaJWUFb3IrNH3cCfpKzGLPpDSOm+8hIm7Ighb4iD0hg/G/4S1yvFU93ZUkeMwEa
rsYtAx+2DYfbBZ5VBpEIsrMQ/QsoTIgouWYD6iUWQKWrow4mSgk1MSRtgY7YS3zK
4VSiBm8sj1JeDs8LHgMWo0e35jqgcvtEhCjBDILuEJ4d5ZPMpNvptnRNMcBaQyPj
SuIqLyeuKGofOLrjg65FcTnHDBz9FLuxC4YEr/64gB7aBczL/L71zsNTcV1NbBqH
Uuw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:00:43 2025 by rpki-client