Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4O54ZhwAi-Gxs6HEktgxQlyGH-0.roa
File: 4O54ZhwAi-Gxs6HEktgxQlyGH-0.roa (raw, json)
Hash identifier: Sdn8hf0dpPdzDOdi6UsQoP0LjApX/4QV4IV3Z2yWC44=
Subject key identifier: E0:EE:78:66:1C:00:8B:E1:B1:B3:A1:C4:92:D8:31:42:5C:86:1F:ED
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBB12DC43C652E59D2FD7EC1804A2BCA7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4O54ZhwAi-Gxs6HEktgxQlyGH-0.roa
Signing time: Fri 10 Nov 2023 21:10:57 +0000
ROA not before: Fri 10 Nov 2023 21:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bb:12:dc:43:c6:52:e5:9d:2f:d7:ec:18:04:a2:bc:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 21:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0ee78661c008be1b1b3a1c492d831425c861fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6a:76:87:75:7e:9d:93:ba:05:6d:3b:4c:8b:
90:b8:cd:e5:4c:c9:ca:ee:02:c3:18:33:dc:98:8c:
82:21:30:41:35:43:64:9d:3b:7a:de:1c:7d:50:68:
1f:04:25:9f:2d:7d:83:2a:cd:a4:fe:df:cf:bb:a1:
20:73:b0:f6:ee:e2:d1:61:45:57:38:60:b7:78:1f:
7f:a4:de:e5:4e:8a:91:ae:86:79:7d:14:15:9b:23:
ea:fe:d3:c2:65:05:3b:59:ba:de:6c:e5:59:0b:71:
84:61:e9:3f:f5:81:24:23:ce:67:d8:1a:7f:7f:2f:
bb:7c:4e:b3:d9:e5:13:7a:0d:16:c7:93:b9:d4:8e:
d8:f8:36:26:70:96:90:a6:1c:fb:15:f4:f0:1f:61:
16:3c:e0:50:67:50:7a:26:b4:e4:aa:df:16:63:6a:
d9:dc:63:30:91:28:f7:80:90:7e:ee:76:6b:3b:b6:
1a:79:07:6d:22:8b:0c:b5:07:b7:8d:f9:d4:ac:46:
6a:a7:43:38:eb:52:b2:29:a5:55:06:44:69:e3:1e:
2e:bf:e6:46:b9:1d:54:62:73:06:f7:3a:da:68:3d:
5d:2a:c8:3f:58:cc:45:e8:8a:fa:58:7f:87:20:17:
79:98:49:53:fb:7e:eb:d4:65:e5:f3:6c:7d:6d:36:
27:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:EE:78:66:1C:00:8B:E1:B1:B3:A1:C4:92:D8:31:42:5C:86:1F:ED
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4O54ZhwAi-Gxs6HEktgxQlyGH-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:46:ad:10:b2:27:ed:ac:9c:d1:d5:c0:71:92:aa:62:ab:2b:
b3:4e:02:a3:9d:99:bd:1f:d7:a0:ff:cf:f5:cb:33:7b:8c:86:
0c:7a:27:fe:00:fd:e7:b5:9b:40:42:02:a5:15:16:90:03:14:
dd:5f:ae:5b:07:42:a8:72:6a:14:57:04:39:de:50:53:a1:a8:
e9:b3:11:5b:a9:43:bd:53:bb:05:9d:58:26:c8:00:21:04:e8:
6b:4d:42:23:72:89:f3:2f:d3:41:2b:93:39:77:1e:c5:4e:60:
d9:e0:68:40:4b:1e:7a:fa:3d:e8:3d:5b:d0:70:e4:4d:cb:66:
31:ed:75:55:c6:46:3c:62:db:84:e3:6f:1c:9e:0f:4b:dd:a5:
2b:e2:1b:86:b9:71:97:5d:2b:5e:6e:ba:f1:71:ad:6e:42:dc:
fa:21:51:8a:89:ab:fe:42:1f:67:fb:3c:1e:3f:23:8f:b3:c3:
03:3f:ad:05:9b:ae:96:e5:bb:42:86:d0:30:6a:33:fd:05:8c:
62:6b:ba:34:5b:91:12:97:fb:a4:55:01:d1:9f:28:76:dd:b4:
1b:50:25:2b:bb:d6:d1:c7:2c:e5:a0:2a:35:fa:24:9b:89:0a:
19:ff:dc:d3:20:eb:1d:6f:7f:19:63:6d:fb:34:13:21:79:84:
40:86:1a:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu7EtxDxlLlnS/X7BgEorynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMjExMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGVlNzg2NjFjMDA4YmUxYjFiM2ExYzQ5MmQ4MzE0MjVjODYxZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWp2h3V+nZO6BW07TIuQuM3lTMnK
7gLDGDPcmIyCITBBNUNknTt63hx9UGgfBCWfLX2DKs2k/t/Pu6Egc7D27uLRYUVX
OGC3eB9/pN7lToqRroZ5fRQVmyPq/tPCZQU7WbrebOVZC3GEYek/9YEkI85n2Bp/
fy+7fE6z2eUTeg0Wx5O51I7Y+DYmcJaQphz7FfTwH2EWPOBQZ1B6JrTkqt8WY2rZ
3GMwkSj3gJB+7nZrO7YaeQdtIosMtQe3jfnUrEZqp0M461KyKaVVBkRp4x4uv+ZG
uR1UYnMG9zraaD1dKsg/WMxF6Ir6WH+HIBd5mElT+37r1GXl82x9bTYn0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFODueGYcAIvhsbOhxJLYMUJchh/tMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNE81NFpod0FpLUd4czZIRWt0Z3hRbHlHSC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABxGrRCyJ+2snNHVwHGS
qmKrK7NOAqOdmb0f16D/z/XLM3uMhgx6J/4A/ee1m0BCAqUVFpADFN1frlsHQqhy
ahRXBDneUFOhqOmzEVupQ71TuwWdWCbIACEE6GtNQiNyifMv00Erkzl3HsVOYNng
aEBLHnr6Peg9W9Bw5E3LZjHtdVXGRjxi24TjbxyeD0vdpSviG4a5cZddK15uuvFx
rW5C3PohUYqJq/5CH2f7PB4/I4+zwwM/rQWbrpblu0KG0DBqM/0FjGJrujRbkRKX
+6RVAdGfKHbdtBtQJSu71tHHLOWgKjX6JJuJChn/3NMg6x1vfxljbfs0EyF5hECG
GjQ=
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:45:57 2025 by rpki-client