Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2yDJ5b88W3lwztKBUT9YXDO36h8.roa
File: 2yDJ5b88W3lwztKBUT9YXDO36h8.roa (raw, json)
Hash identifier: /E64HDZ2h+5dgVS2pZadL+RuD5JhhtrSZvXeS0y3+lg=
Subject key identifier: DB:20:C9:E5:BF:3C:5B:79:70:CE:D2:81:51:3F:58:5C:33:B7:EA:1F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C4243FAAB5C235373297B455FB6D2CEBB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2yDJ5b88W3lwztKBUT9YXDO36h8.roa
Signing time: Thu 07 Dec 2023 03:13:20 +0000
ROA not before: Thu 07 Dec 2023 03:13:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:42:43:fa:ab:5c:23:53:73:29:7b:45:5f:b6:d2:ce:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 7 03:13:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db20c9e5bf3c5b7970ced281513f585c33b7ea1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:73:6c:b4:1b:8e:7d:dd:f5:78:a1:2a:b1:4e:
ee:b8:1d:11:f7:49:c3:f9:90:ec:08:0c:96:c6:d7:
b4:e0:fe:a5:c8:92:4f:47:5d:fb:d3:be:1e:50:9a:
1c:1d:e5:93:56:8e:e5:4a:df:fb:d0:6b:20:f5:45:
c9:90:6a:51:24:8e:cf:95:8a:bf:65:f8:7b:ac:f3:
10:dd:4c:00:1a:a9:0e:44:ed:7e:c1:e9:e4:74:de:
01:6a:1a:62:2f:96:11:59:f4:a1:14:97:ce:d9:24:
fd:54:0f:ea:c8:65:b4:f3:4b:6f:e6:5b:8b:49:a0:
6b:e6:46:1e:d1:f3:58:52:bb:47:0d:1d:04:46:12:
7e:41:49:03:6b:71:a0:d3:bb:bc:f4:a9:39:57:3e:
78:40:0e:20:f3:fa:3d:ac:dd:56:11:98:73:bc:00:
e9:b5:22:fa:fa:87:99:d1:9d:37:8d:2e:b0:ce:fe:
fd:e7:98:c8:ba:b9:15:2a:40:29:59:0c:96:ad:72:
fc:21:ab:cc:9b:bc:ea:c5:1b:82:5b:1d:96:6a:af:
6f:6a:1e:b2:94:56:c2:23:c4:b5:7d:63:e5:e6:cf:
d9:41:11:65:76:7a:f0:90:8b:a5:ad:8f:45:a2:a8:
7d:d6:d2:40:95:2a:f0:be:a3:d7:3f:30:5d:4f:5e:
14:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:20:C9:E5:BF:3C:5B:79:70:CE:D2:81:51:3F:58:5C:33:B7:EA:1F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2yDJ5b88W3lwztKBUT9YXDO36h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:76:7e:fe:a3:50:1a:be:f0:3a:1d:3c:49:26:c9:f2:b9:c2:
d7:de:63:ae:e9:6d:9e:d6:a9:8a:d0:80:45:29:f3:f1:5f:19:
75:f9:16:64:44:fa:35:79:bc:bd:6a:74:95:04:c1:18:19:b9:
3e:fb:0d:83:94:21:b9:9b:6b:d0:32:50:80:a8:71:ba:ba:88:
af:eb:f9:59:4e:e3:73:16:98:01:67:47:eb:4a:aa:bf:6a:c4:
66:13:ec:22:e2:64:59:4c:7f:ca:f4:b7:f1:3a:14:9c:be:e8:
25:78:dc:25:8b:fb:38:a6:b0:40:e5:21:87:c3:2c:82:12:58:
2c:de:d8:d4:07:d9:ad:a7:a7:b3:cc:d9:ef:fd:f2:49:68:73:
0e:af:94:11:da:a8:95:ed:ae:d6:e3:48:1e:08:7c:03:81:d1:
1d:e7:8d:bf:43:87:6e:87:7e:5c:00:bd:53:1c:ac:42:77:c8:
22:09:84:ca:ea:e5:b6:27:2f:a6:f2:37:00:66:4f:2a:ce:33:
61:7e:1a:d0:d8:7e:3c:eb:d3:5d:4f:d3:5b:08:a0:bf:06:79:
da:e4:f7:5a:c7:2d:4a:48:c7:f2:2c:a0:71:92:56:28:a8:08:
c8:44:1c:0c:d6:a3:a3:f1:ca:e1:12:f1:c0:aa:3a:2d:53:43:
c5:c1:c5:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxCQ/qrXCNTcyl7RV+20s67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA3MDMxMzIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjIwYzllNWJmM2M1Yjc5NzBjZWQyODE1MTNmNTg1YzMzYjdlYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HNstBuOfd31eKEqsU7uuB0R90nD
+ZDsCAyWxte04P6lyJJPR137074eUJocHeWTVo7lSt/70Gsg9UXJkGpRJI7PlYq/
Zfh7rPMQ3UwAGqkORO1+wenkdN4BahpiL5YRWfShFJfO2ST9VA/qyGW080tv5luL
SaBr5kYe0fNYUrtHDR0ERhJ+QUkDa3Gg07u89Kk5Vz54QA4g8/o9rN1WEZhzvADp
tSL6+oeZ0Z03jS6wzv7955jIurkVKkApWQyWrXL8IavMm7zqxRuCWx2Waq9vah6y
lFbCI8S1fWPl5s/ZQRFldnrwkIulrY9Foqh91tJAlSrwvqPXPzBdT14UHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNsgyeW/PFt5cM7SgVE/WFwzt+ofMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMnlESjViODhXM2x3enRLQlVUOVlYRE8zNmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADR2fv6jUBq+8DodPEkm
yfK5wtfeY67pbZ7WqYrQgEUp8/FfGXX5FmRE+jV5vL1qdJUEwRgZuT77DYOUIbmb
a9AyUICocbq6iK/r+VlO43MWmAFnR+tKqr9qxGYT7CLiZFlMf8r0t/E6FJy+6CV4
3CWL+zimsEDlIYfDLIISWCze2NQH2a2np7PM2e/98klocw6vlBHaqJXtrtbjSB4I
fAOB0R3njb9Dh26HflwAvVMcrEJ3yCIJhMrq5bYnL6byNwBmTyrOM2F+GtDYfjzr
011P01sIoL8Gedrk91rHLUpIx/IsoHGSViioCMhEHAzWo6PxyuES8cCqOi1TQ8XB
xf4=
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:02:15 2025 by rpki-client