Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3vLYkpkVwdEDk9XEbYKsVc64cS4.roa
File: 3vLYkpkVwdEDk9XEbYKsVc64cS4.roa (raw, json)
Hash identifier: YgOMg5DGb2LY7ehcEu5qqS8J4X44IJhe9CIJ4IDvawc=
Subject key identifier: DE:F2:D8:92:99:15:C1:D1:03:93:D5:C4:6D:82:AC:55:CE:B8:71:2E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5481709208B123BDC110616997756251
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3vLYkpkVwdEDk9XEbYKsVc64cS4.roa
Signing time: Sat 21 Oct 2023 23:10:50 +0000
ROA not before: Sat 21 Oct 2023 23:10:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:547b:c373/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:54:81:70:92:08:b1:23:bd:c1:10:61:69:97:75:62:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 23:10:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=def2d8929915c1d10393d5c46d82ac55ceb8712e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:50:10:43:57:7a:5e:c4:d9:91:95:ad:5b:3d:
26:29:f8:60:67:88:3e:a6:96:25:90:f3:8a:57:7f:
f4:ac:f2:d4:1c:76:ec:62:86:14:c4:22:9e:74:8a:
e9:5f:99:e7:5e:4f:88:b8:9e:f4:b6:6d:e7:20:3d:
48:9b:3e:5b:44:a6:87:8f:83:28:48:71:5d:a2:5a:
18:ef:bd:3d:57:a2:98:f0:a1:e8:79:e8:16:3d:1e:
50:7b:3b:da:a9:ba:a6:c0:b4:bc:5b:d1:b7:ac:43:
77:a0:d9:cf:b7:96:42:87:2b:39:4e:8a:2b:47:54:
e0:24:c6:a1:1e:27:3f:3c:cf:b5:d5:8c:aa:cb:82:
c4:0f:e1:d2:78:1e:f2:eb:30:1a:3f:9b:be:ce:5d:
e4:4a:77:db:2f:d7:23:29:91:61:f2:e8:38:05:10:
b8:4e:18:40:db:7c:02:25:9e:50:ac:a6:c2:09:8d:
13:31:92:21:b6:4d:d2:7a:3a:7b:00:70:cd:02:56:
8a:d1:64:f7:0d:f8:90:d0:42:4f:ec:58:dd:a7:ee:
bc:bc:46:b7:db:38:d1:26:24:86:6c:be:66:d8:3a:
6a:f0:af:27:82:df:2a:5c:06:11:34:f3:51:8f:b5:
1b:cb:ad:2d:f9:b7:f1:21:a0:68:c3:62:0a:bb:99:
c8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F2:D8:92:99:15:C1:D1:03:93:D5:C4:6D:82:AC:55:CE:B8:71:2E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3vLYkpkVwdEDk9XEbYKsVc64cS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cf:d5:db:de:c0:a3:c9:31:3b:22:23:9c:c7:af:ce:5b:24:ef:
44:e3:08:dd:2f:a7:4a:84:f7:b5:dd:b6:d7:d6:d0:1a:59:be:
82:46:25:23:74:ed:72:3b:97:2e:bd:82:f6:3e:8c:7c:57:d5:
ce:55:75:a1:4b:b2:b7:b3:01:95:d8:98:51:24:be:0f:fd:7f:
5c:d7:26:32:d8:4b:c7:12:87:9f:a8:45:cc:73:e5:5c:ea:d6:
f3:66:ec:12:81:c6:3b:f9:7e:29:cd:75:6c:6a:01:2d:72:f1:
c8:24:ae:a0:2f:ea:0e:91:04:81:ab:8a:3b:fc:6f:ac:b8:a6:
af:9b:05:21:1e:6b:47:bc:5a:51:45:bd:c4:a0:8f:f6:c9:c0:
c2:0e:70:0a:97:f4:73:48:eb:74:e7:af:1f:f5:86:b0:a1:88:
ed:99:45:60:d4:55:fa:62:5c:11:b8:c9:7d:47:c5:68:2c:14:
37:7b:15:64:55:5d:d0:fe:6f:0e:7e:94:a2:6a:d2:c6:a6:44:
33:38:08:a8:96:7b:96:9f:6f:9f:1d:57:47:4b:5b:54:48:1b:
d7:5e:d9:c3:66:b8:0c:b7:10:94:1b:1d:72:ab:64:09:22:d6:
a8:09:3e:97:01:f5:b4:55:a4:f1:72:fb:7a:13:8b:55:53:41:
5d:6a:f1:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtUgXCSCLEjvcEQYWmXdWJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMjMxMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWYyZDg5Mjk5MTVjMWQxMDM5M2Q1YzQ2ZDgyYWM1NWNlYjg3MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglAQQ1d6XsTZkZWtWz0mKfhgZ4g+
ppYlkPOKV3/0rPLUHHbsYoYUxCKedIrpX5nnXk+IuJ70tm3nID1Imz5bRKaHj4Mo
SHFdoloY7709V6KY8KHoeegWPR5QezvaqbqmwLS8W9G3rEN3oNnPt5ZChys5Toor
R1TgJMahHic/PM+11Yyqy4LED+HSeB7y6zAaP5u+zl3kSnfbL9cjKZFh8ug4BRC4
ThhA23wCJZ5QrKbCCY0TMZIhtk3Sejp7AHDNAlaK0WT3DfiQ0EJP7Fjdp+68vEa3
2zjRJiSGbL5m2Dpq8K8ngt8qXAYRNPNRj7Uby60t+bfxIaBow2IKu5nIkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN7y2JKZFcHRA5PVxG2CrFXOuHEuMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvM3ZMWWtwa1Z3ZEVEazlYRWJZS3NWYzY0Y1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAM/V297Ao8kxOyIjnMev
zlsk70TjCN0vp0qE97XdttfW0BpZvoJGJSN07XI7ly69gvY+jHxX1c5VdaFLsrez
AZXYmFEkvg/9f1zXJjLYS8cSh5+oRcxz5Vzq1vNm7BKBxjv5finNdWxqAS1y8cgk
rqAv6g6RBIGrijv8b6y4pq+bBSEea0e8WlFFvcSgj/bJwMIOcAqX9HNI63Tnrx/1
hrChiO2ZRWDUVfpiXBG4yX1HxWgsFDd7FWRVXdD+bw5+lKJq0samRDM4CKiWe5af
b58dV0dLW1RIG9de2cNmuAy3EJQbHXKrZAki1qgJPpcB9bRVpPFy+3oTi1VTQV1q
8f4=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:36:17 2025 by rpki-client