Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/34gnVJy0k-pj7lt9WGPZs70sJ0U.roa
File: 34gnVJy0k-pj7lt9WGPZs70sJ0U.roa (raw, json)
Hash identifier: uOJF4V/8uHurryaszOPkRXc1r+7Tr3DYnodSo2oQBnA=
Subject key identifier: DF:88:27:54:9C:B4:93:EA:63:EE:5B:7D:58:63:D9:B3:BD:2C:27:45
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C4D7239E03ED99BED61EFCD9020132A86
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/34gnVJy0k-pj7lt9WGPZs70sJ0U.roa
Signing time: Sat 09 Dec 2023 07:19:40 +0000
ROA not before: Sat 09 Dec 2023 07:19:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4d:72:39:e0:3e:d9:9b:ed:61:ef:cd:90:20:13:2a:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 9 07:19:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df8827549cb493ea63ee5b7d5863d9b3bd2c2745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3a:fb:31:a6:98:02:f2:fd:02:8d:fe:e9:58:
15:c0:aa:c6:bc:97:b9:33:06:ae:db:ec:05:10:ae:
42:e2:d0:33:c7:5f:ca:e4:02:6f:86:44:b5:64:db:
1c:61:05:0f:4e:56:7d:a5:f8:fd:6c:6a:15:a9:50:
bf:77:14:74:6b:fa:44:8d:51:6b:d3:05:9f:1d:1d:
23:ac:15:3f:6b:15:e8:e3:a7:be:48:90:43:2a:8c:
22:d4:36:d5:9d:b6:78:e6:e4:32:90:48:11:fc:13:
9e:5c:ef:ff:15:0b:01:4d:bb:d5:28:0c:15:b7:88:
20:91:0c:2d:9c:06:a3:a7:9b:61:a0:f0:ae:9e:fc:
e1:dc:c2:0b:e7:90:56:e1:1c:4c:dc:1e:82:f3:af:
b5:42:f4:60:9a:51:06:df:42:9c:4f:65:70:e0:dd:
6f:f3:34:2e:b4:34:ec:52:a9:e7:07:63:10:75:a0:
85:44:82:37:72:8a:63:ad:f6:94:23:d9:e3:56:74:
19:f9:56:56:51:d2:82:a7:fc:34:24:65:1e:27:69:
13:d7:54:50:8a:c8:36:7b:99:7a:f9:75:7a:a5:80:
91:f4:ae:64:80:e5:fc:5d:10:c4:b0:59:56:dc:2d:
49:4a:5e:05:85:99:f3:e8:6d:b0:6e:fd:6a:de:f0:
c6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:88:27:54:9C:B4:93:EA:63:EE:5B:7D:58:63:D9:B3:BD:2C:27:45
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/34gnVJy0k-pj7lt9WGPZs70sJ0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c9:3f:f6:d0:f5:e3:98:7d:22:2c:35:b9:59:19:b1:03:2f:df:
63:0f:e1:5c:3d:e6:21:4a:4b:38:8d:07:8b:1d:cb:87:47:85:
ea:98:e3:f9:35:5d:65:f4:44:95:aa:bd:36:a0:70:77:a6:50:
e2:31:29:c0:ea:40:8a:cf:ed:2a:8a:fa:f3:d5:58:c1:39:dc:
d6:b6:e4:3d:0a:9e:d7:43:7a:02:20:dc:b9:3a:c4:48:0a:74:
05:85:90:b3:61:6c:67:0a:94:62:f8:f6:8e:57:04:c6:d1:04:
41:c4:71:26:47:59:7d:bf:38:b2:a3:33:e2:d3:03:3a:7f:e8:
21:91:29:b7:d4:db:b6:59:2a:91:1b:a1:5f:e2:09:8f:12:0d:
0b:9d:f1:ce:9a:87:46:c1:4d:1b:af:20:f3:ed:8b:4e:8b:2a:
b5:bc:f8:9a:fd:8b:e2:a0:91:07:1c:50:f6:0b:bf:76:3d:58:
b3:72:dd:10:13:d0:fa:68:f7:69:3c:e4:2f:d7:3e:f5:23:45:
16:32:81:d6:5a:02:76:14:20:ce:ff:81:42:f8:67:00:35:90:
0e:d7:ef:72:7c:25:ff:64:02:30:ff:8a:dc:35:05:b7:a3:00:
b2:09:27:8d:a4:ac:8c:cb:d1:e2:a5:5f:71:52:67:e0:ba:84:
5e:44:74:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxNcjngPtmb7WHvzZAgEyqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA5MDcxOTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjg4Mjc1NDljYjQ5M2VhNjNlZTViN2Q1ODYzZDliM2JkMmMyNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDr7MaaYAvL9Ao3+6VgVwKrGvJe5
Mwau2+wFEK5C4tAzx1/K5AJvhkS1ZNscYQUPTlZ9pfj9bGoVqVC/dxR0a/pEjVFr
0wWfHR0jrBU/axXo46e+SJBDKowi1DbVnbZ45uQykEgR/BOeXO//FQsBTbvVKAwV
t4ggkQwtnAajp5thoPCunvzh3MIL55BW4RxM3B6C86+1QvRgmlEG30KcT2Vw4N1v
8zQutDTsUqnnB2MQdaCFRII3copjrfaUI9njVnQZ+VZWUdKCp/w0JGUeJ2kT11RQ
isg2e5l6+XV6pYCR9K5kgOX8XRDEsFlW3C1JSl4FhZnz6G2wbv1q3vDGtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN+IJ1SctJPqY+5bfVhj2bO9LCdFMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMzRnblZKeTBrLXBqN2x0OVdHUFpzNzBzSjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMk/9tD145h9Iiw1uVkZ
sQMv32MP4Vw95iFKSziNB4sdy4dHheqY4/k1XWX0RJWqvTagcHemUOIxKcDqQIrP
7SqK+vPVWME53Na25D0KntdDegIg3Lk6xEgKdAWFkLNhbGcKlGL49o5XBMbRBEHE
cSZHWX2/OLKjM+LTAzp/6CGRKbfU27ZZKpEboV/iCY8SDQud8c6ah0bBTRuvIPPt
i06LKrW8+Jr9i+KgkQccUPYLv3Y9WLNy3RAT0Ppo92k85C/XPvUjRRYygdZaAnYU
IM7/gUL4ZwA1kA7X73J8Jf9kAjD/itw1BbejALIJJ42krIzL0eKlX3FSZ+C6hF5E
dKo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:01:15 2025 by rpki-client