Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2uJaQsbuoB6-I1OFei2P7E9xRrs.roa
File: 2uJaQsbuoB6-I1OFei2P7E9xRrs.roa (raw, json)
Hash identifier: fVfbPSPGnWFQ53CCb2Ko/p9EMM/8J3c0i+xtR5cUVAs=
Subject key identifier: DA:E2:5A:42:C6:EE:A0:1E:BE:23:53:85:7A:2D:8F:EC:4F:71:46:BB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C07B2AD4BEE283BC2ED29220855778838
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2uJaQsbuoB6-I1OFei2P7E9xRrs.roa
Signing time: Sat 25 Nov 2023 18:16:39 +0000
ROA not before: Sat 25 Nov 2023 18:16:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:07:b2:ad:4b:ee:28:3b:c2:ed:29:22:08:55:77:88:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 25 18:16:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dae25a42c6eea01ebe2353857a2d8fec4f7146bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1a:33:f8:3f:7e:2e:ab:e6:70:f3:20:3f:c5:
14:ef:88:1c:0a:88:03:25:14:a7:e0:d5:a6:47:81:
f7:d6:d3:5e:06:55:9a:cd:fc:32:16:7e:ab:ff:a3:
00:b3:7b:eb:0c:7d:57:8a:a2:1b:8a:fe:e4:f5:e7:
ef:42:6f:39:2a:4c:00:17:a7:94:32:ff:dc:0a:88:
c5:9e:7b:2d:2e:39:96:47:62:7c:bc:28:57:ca:c3:
16:e9:ab:b2:42:71:8e:a9:4a:0a:46:c8:45:2a:39:
c6:ff:70:a2:21:cd:ab:1a:0d:ff:d3:01:d7:a2:8d:
c5:0f:49:d6:ed:b9:2a:95:e1:c9:b0:ef:9d:0d:a3:
81:63:bd:ac:c8:b3:73:3a:be:31:95:3d:03:55:aa:
48:10:98:11:41:56:5e:ac:99:f4:34:47:23:76:be:
14:74:77:88:7b:8a:fc:f0:73:db:9f:27:b4:df:2a:
af:10:0d:51:f1:6a:80:e3:33:64:29:82:fd:cc:75:
d2:6a:3d:d6:04:1b:10:1e:ac:54:62:b8:7a:48:21:
be:a6:6b:8f:0f:a8:f9:5e:59:0a:b3:2e:de:87:22:
cc:9a:9c:53:02:73:17:2d:4a:fe:1d:61:fc:22:9e:
6a:76:32:38:b1:16:44:28:5a:30:9e:2a:36:da:45:
8c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E2:5A:42:C6:EE:A0:1E:BE:23:53:85:7A:2D:8F:EC:4F:71:46:BB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2uJaQsbuoB6-I1OFei2P7E9xRrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a9:02:d8:d1:4f:24:f7:2b:68:3c:31:9d:1c:5d:a9:1c:73:5d:
89:38:de:a4:4f:a0:1f:4b:f6:c5:8e:01:3c:d3:a7:2d:05:a7:
a7:07:e8:83:31:0d:a5:4d:9c:5b:ec:c1:a3:e5:ef:36:15:8a:
15:6f:bd:ff:26:d3:be:3f:1e:ab:7f:a3:13:b1:13:8c:01:58:
68:5d:d3:df:2e:17:d5:1c:85:06:9f:77:8d:28:eb:da:35:b7:
4d:b7:0a:75:4d:ae:9d:79:51:d8:7f:a1:1b:57:1b:a5:fd:11:
41:77:9b:0a:a6:0c:de:5e:62:58:ab:31:85:c8:8b:e0:d0:48:
30:84:d0:47:e8:a3:b9:99:7d:83:3c:1f:a2:c9:16:87:22:a5:
79:60:0c:e4:dd:26:cd:60:34:0b:7e:c0:5e:c7:6c:39:04:67:
08:c8:94:24:cb:d4:9b:02:0c:1b:2d:cc:a7:98:c7:9f:7c:f6:
0c:8f:72:79:14:96:4f:b6:02:6a:0a:f1:e4:4f:be:d6:56:f0:
00:5a:bc:7a:bb:80:97:51:12:7c:80:a5:1e:ff:cf:d4:f6:49:
45:42:94:d9:c8:fc:7a:26:92:26:d3:3e:65:77:34:c4:9b:6c:
15:0a:73:d5:59:98:35:1a:0c:71:23:2a:04:8f:28:c5:f6:ba:
f1:6b:d9:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwHsq1L7ig7wu0pIghVd4g4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI1MTgxNjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWUyNWE0MmM2ZWVhMDFlYmUyMzUzODU3YTJkOGZlYzRmNzE0NmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxoz+D9+LqvmcPMgP8UU74gcCogD
JRSn4NWmR4H31tNeBlWazfwyFn6r/6MAs3vrDH1XiqIbiv7k9efvQm85KkwAF6eU
Mv/cCojFnnstLjmWR2J8vChXysMW6auyQnGOqUoKRshFKjnG/3CiIc2rGg3/0wHX
oo3FD0nW7bkqleHJsO+dDaOBY72syLNzOr4xlT0DVapIEJgRQVZerJn0NEcjdr4U
dHeIe4r88HPbnye03yqvEA1R8WqA4zNkKYL9zHXSaj3WBBsQHqxUYrh6SCG+pmuP
D6j5XlkKsy7ehyLMmpxTAnMXLUr+HWH8Ip5qdjI4sRZEKFownio22kWMnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNriWkLG7qAeviNThXotj+xPcUa7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMnVKYVFzYnVvQjYtSTFPRmVpMlA3RTl4UnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKkC2NFPJPcraDwxnRxd
qRxzXYk43qRPoB9L9sWOATzTpy0Fp6cH6IMxDaVNnFvswaPl7zYVihVvvf8m074/
Hqt/oxOxE4wBWGhd098uF9UchQafd40o69o1t023CnVNrp15Udh/oRtXG6X9EUF3
mwqmDN5eYlirMYXIi+DQSDCE0Efoo7mZfYM8H6LJFocipXlgDOTdJs1gNAt+wF7H
bDkEZwjIlCTL1JsCDBstzKeYx5989gyPcnkUlk+2AmoK8eRPvtZW8ABavHq7gJdR
EnyApR7/z9T2SUVClNnI/HomkibTPmV3NMSbbBUKc9VZmDUaDHEjKgSPKMX2uvFr
2WU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:31:25 2025 by rpki-client