Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4dOAJ5IJsxduhKVn3edjGEVAIPQ.roa
File: 4dOAJ5IJsxduhKVn3edjGEVAIPQ.roa (raw, json)
Hash identifier: Fy8f27Z9JVJYhbQKrcT1YfnFAG9oCSI/zN6c/BK9KMY=
Subject key identifier: E1:D3:80:27:92:09:B3:17:6E:84:A5:67:DD:E7:63:18:45:40:20:F4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6AD575396B28D8BE41827727A8E4AEEF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4dOAJ5IJsxduhKVn3edjGEVAIPQ.roa
Signing time: Thu 26 Oct 2023 07:14:15 +0000
ROA not before: Thu 26 Oct 2023 07:14:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6a:d5:75:39:6b:28:d8:be:41:82:77:27:a8:e4:ae:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 26 07:14:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1d380279209b3176e84a567dde76318454020f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:66:19:ee:a7:66:d7:76:4e:d9:fd:93:53:fd:
97:25:75:3e:bf:90:02:bc:a2:34:8c:73:c5:85:30:
cd:7c:94:eb:22:e3:70:3a:ce:60:75:00:2f:1a:d7:
b8:b7:59:39:a7:28:47:43:be:c9:5c:22:9c:c7:97:
34:da:ae:06:01:50:94:5c:3c:60:e8:cc:00:8a:57:
fc:8e:12:59:65:d5:9b:4a:ee:48:19:c0:18:05:b7:
49:e5:63:bc:c1:20:e7:5c:87:01:c7:53:ce:47:e4:
b8:78:56:16:fa:5a:08:40:ac:fe:89:42:56:20:48:
0a:96:cc:2b:28:43:f5:85:dc:6b:3e:45:e8:1a:2c:
9a:b1:b3:b3:75:0d:09:8d:6f:67:69:48:1e:6a:64:
bb:7e:d0:76:3f:60:e2:7c:84:6a:a6:1d:17:bd:9c:
68:90:fa:08:fa:38:e3:7d:3a:19:98:58:21:6d:8d:
89:04:92:89:04:e8:63:ef:7e:32:31:49:b0:15:cb:
65:1c:30:81:6c:db:88:f8:5b:c8:cf:41:4b:ad:87:
30:7a:85:7d:57:af:bb:13:1e:32:c1:c4:8e:53:42:
36:e0:e5:e4:40:58:9f:8a:e1:57:21:4d:54:c7:70:
01:89:f7:cb:6d:69:38:b7:a4:3c:0b:8d:16:1c:9a:
5a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D3:80:27:92:09:B3:17:6E:84:A5:67:DD:E7:63:18:45:40:20:F4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4dOAJ5IJsxduhKVn3edjGEVAIPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:ac:f1:73:56:f3:23:b4:bc:99:e1:9e:06:94:fb:ba:fc:0d:
5f:58:4b:de:af:14:7d:bf:5b:e1:91:62:a4:ef:34:4a:e3:40:
80:9b:fe:4c:d8:c7:df:bb:ac:f2:68:cf:11:2b:63:b4:16:86:
c5:b4:ad:f6:09:cc:ef:13:67:d4:a4:46:a6:db:29:44:63:64:
0b:a6:41:1a:d7:65:17:7b:da:4f:08:47:cf:9d:4b:79:f5:e2:
1e:ba:63:c1:e7:9d:9c:e1:1c:40:2b:8e:91:2d:f3:6f:2f:92:
7a:6a:20:3d:5f:51:59:dd:86:86:3f:13:78:07:49:40:9c:21:
86:11:2c:43:85:5c:1c:92:36:04:7e:b0:80:24:36:46:17:06:
f6:6a:bb:0b:13:c2:54:b8:73:89:7a:14:6b:fd:95:c9:60:14:
6b:e6:bc:eb:55:88:3a:93:b4:58:f1:62:ec:07:be:bb:6b:19:
1f:4b:6d:c8:87:7f:3b:a4:d7:a5:2a:94:b1:8a:13:77:c2:4a:
4f:69:67:66:a6:3a:c6:a7:8f:d3:20:6c:61:84:7b:d4:3a:57:
13:d2:45:d2:00:0c:bf:4a:5b:6f:05:fa:83:33:e8:b7:7b:61:
90:81:fc:5e:2a:92:5a:0e:ab:5f:83:b2:52:ad:74:04:94:1f:
f1:40:88:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtq1XU5ayjYvkGCdyeo5K7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI2MDcxNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWQzODAyNzkyMDliMzE3NmU4NGE1NjdkZGU3NjMxODQ1NDAyMGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2YZ7qdm13ZO2f2TU/2XJXU+v5AC
vKI0jHPFhTDNfJTrIuNwOs5gdQAvGte4t1k5pyhHQ77JXCKcx5c02q4GAVCUXDxg
6MwAilf8jhJZZdWbSu5IGcAYBbdJ5WO8wSDnXIcBx1POR+S4eFYW+loIQKz+iUJW
IEgKlswrKEP1hdxrPkXoGiyasbOzdQ0JjW9naUgeamS7ftB2P2DifIRqph0XvZxo
kPoI+jjjfToZmFghbY2JBJKJBOhj734yMUmwFctlHDCBbNuI+FvIz0FLrYcweoV9
V6+7Ex4ywcSOU0I24OXkQFifiuFXIU1Ux3ABiffLbWk4t6Q8C40WHJpaYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOHTgCeSCbMXboSlZ93nYxhFQCD0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNGRPQUo1SUpzeGR1aEtWbjNlZGpHRVZBSVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHus8XNW8yO0vJnhngaU
+7r8DV9YS96vFH2/W+GRYqTvNErjQICb/kzYx9+7rPJozxErY7QWhsW0rfYJzO8T
Z9SkRqbbKURjZAumQRrXZRd72k8IR8+dS3n14h66Y8HnnZzhHEArjpEt828vknpq
ID1fUVndhoY/E3gHSUCcIYYRLEOFXBySNgR+sIAkNkYXBvZquwsTwlS4c4l6FGv9
lclgFGvmvOtViDqTtFjxYuwHvrtrGR9LbciHfzuk16UqlLGKE3fCSk9pZ2amOsan
j9MgbGGEe9Q6VxPSRdIADL9KW28F+oMz6Ld7YZCB/F4qkloOq1+DslKtdASUH/FA
iDY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:15:16 2025 by rpki-client