Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4xa-HOuvbA0OfoPOdeQI5wBzOpg.roa
File: 4xa-HOuvbA0OfoPOdeQI5wBzOpg.roa (raw, json)
Hash identifier: Qkqpvei7oa/XRkuEsR8N6MeJ4ZXNM1xOT9LnplpeV/4=
Subject key identifier: E3:16:BE:1C:EB:AF:6C:0D:0E:7E:83:CE:75:E4:08:E7:00:73:3A:98
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3F42F551AFC7383E4336D174E2204228
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4xa-HOuvbA0OfoPOdeQI5wBzOpg.roa
Signing time: Wed 06 Dec 2023 13:13:21 +0000
ROA not before: Wed 06 Dec 2023 13:13:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:42:f5:51:af:c7:38:3e:43:36:d1:74:e2:20:42:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 6 13:13:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e316be1cebaf6c0d0e7e83ce75e408e700733a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:de:e5:42:2c:b6:2e:fd:92:d2:80:3a:23:1e:
4e:3b:b5:53:ea:99:eb:be:2a:88:00:4a:54:8c:83:
82:b7:10:88:28:fb:c4:fe:87:af:c3:e4:cd:91:21:
68:69:43:18:e6:d5:66:4e:09:bb:45:95:8e:b7:f6:
c4:f9:61:85:f7:d3:75:c8:aa:f0:ba:22:9f:d1:be:
03:af:a1:c5:b4:0e:e3:28:d2:2c:c1:f4:c1:9c:78:
a7:a6:38:c1:af:71:96:26:0e:d8:34:71:71:50:d2:
84:25:63:b5:59:65:7b:41:2a:fb:6b:05:31:3e:21:
51:15:85:09:6a:06:fc:fb:96:cb:f2:99:ba:2d:ed:
49:f3:b9:b4:d8:1b:62:71:35:85:b1:3c:02:05:65:
5f:40:6e:06:5a:58:3d:6f:10:6f:1d:e9:05:64:26:
81:99:cd:10:ef:b3:46:f2:be:7c:18:9e:f3:d9:7e:
10:f8:51:99:67:c1:1a:3a:25:2e:1e:d9:02:98:83:
c1:6a:0f:56:a3:53:3f:4b:ab:ff:ff:3b:97:82:e4:
07:7b:36:bd:03:9d:a3:70:3b:0c:13:c2:4b:0c:53:
ac:75:ff:0a:33:c3:26:50:2b:12:5e:36:94:04:4c:
bb:69:12:67:40:69:6a:5a:5b:20:38:44:a9:9a:1c:
64:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:16:BE:1C:EB:AF:6C:0D:0E:7E:83:CE:75:E4:08:E7:00:73:3A:98
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4xa-HOuvbA0OfoPOdeQI5wBzOpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:2c:65:57:0b:fb:8d:73:82:06:48:04:a3:00:03:de:f0:ec:
a6:42:df:6a:f1:ad:8d:4c:da:e5:c6:00:d2:54:ab:5e:cd:18:
c6:9c:95:7d:7c:40:58:8c:86:5b:92:7d:e5:29:4a:ae:2b:44:
09:16:e8:cd:aa:14:a0:66:0c:ce:da:e2:62:e9:a2:99:d7:42:
71:ec:57:12:a8:e7:6c:6d:44:dd:45:fb:c1:77:19:8e:91:e5:
cd:65:51:47:0d:41:dd:74:c1:9e:f7:b2:3d:26:2e:47:4f:64:
f4:e4:b3:c8:3f:1a:c2:f5:51:38:c5:d3:ba:6a:33:e1:b9:a2:
25:e0:fb:e4:16:83:1a:ac:72:10:08:dd:b6:9b:34:e3:84:73:
3b:3b:08:6f:2f:c5:07:a8:03:fd:55:17:1d:db:9d:57:c8:b7:
46:82:3f:13:35:f0:1d:59:a7:2f:b6:e3:c1:dc:20:a0:4a:89:
05:51:7b:4e:1f:cb:a3:7a:bc:f5:49:59:a9:3e:9a:d4:19:0b:
60:24:fc:70:17:cc:36:08:fa:51:4c:db:54:ec:ab:ef:a7:3a:
f8:44:42:3e:b9:d4:1f:25:7c:bd:f5:7a:01:eb:c3:0f:5c:53:
59:f5:33:13:9b:36:a2:8d:e2:26:3b:10:00:32:e7:d7:ee:8d:
d9:28:97:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw/QvVRr8c4PkM20XTiIEIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA2MTMxMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzE2YmUxY2ViYWY2YzBkMGU3ZTgzY2U3NWU0MDhlNzAwNzMzYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmd7lQiy2Lv2S0oA6Ix5OO7VT6pnr
viqIAEpUjIOCtxCIKPvE/oevw+TNkSFoaUMY5tVmTgm7RZWOt/bE+WGF99N1yKrw
uiKf0b4Dr6HFtA7jKNIswfTBnHinpjjBr3GWJg7YNHFxUNKEJWO1WWV7QSr7awUx
PiFRFYUJagb8+5bL8pm6Le1J87m02BticTWFsTwCBWVfQG4GWlg9bxBvHekFZCaB
mc0Q77NG8r58GJ7z2X4Q+FGZZ8EaOiUuHtkCmIPBag9Wo1M/S6v//zuXguQHeza9
A52jcDsME8JLDFOsdf8KM8MmUCsSXjaUBEy7aRJnQGlqWlsgOESpmhxkJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOMWvhzrr2wNDn6DznXkCOcAczqYMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNHhhLUhPdXZiQTBPZm9QT2RlUUk1d0J6T3BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJcsZVcL+41zggZIBKMA
A97w7KZC32rxrY1M2uXGANJUq17NGMaclX18QFiMhluSfeUpSq4rRAkW6M2qFKBm
DM7a4mLpopnXQnHsVxKo52xtRN1F+8F3GY6R5c1lUUcNQd10wZ73sj0mLkdPZPTk
s8g/GsL1UTjF07pqM+G5oiXg++QWgxqschAI3babNOOEczs7CG8vxQeoA/1VFx3b
nVfIt0aCPxM18B1Zpy+248HcIKBKiQVRe04fy6N6vPVJWak+mtQZC2Ak/HAXzDYI
+lFM21Tsq++nOvhEQj651B8lfL31egHrww9cU1n1MxObNqKN4iY7EAAy59fujdko
lwE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:08:23 2025 by rpki-client