Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/52cpfaXHvGtjITkiRRcmKMf-zts.roa
File: 52cpfaXHvGtjITkiRRcmKMf-zts.roa (raw, json)
Hash identifier: NpTv/zp2EvxWaCTZBpxvohOGirJtkw1h6PQ3yV+U/B0=
Subject key identifier: E7:67:29:7D:A5:C7:BC:6B:63:21:39:22:45:17:26:28:C7:FE:CE:DB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC48AAD94A07FD300616FE7DFF04D661B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/52cpfaXHvGtjITkiRRcmKMf-zts.roa
Signing time: Sun 24 Sep 2023 00:15:37 +0000
ROA not before: Sun 24 Sep 2023 00:15:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c4:8a:ad:94:a0:7f:d3:00:61:6f:e7:df:f0:4d:66:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 24 00:15:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e767297da5c7bc6b6321392245172628c7fecedb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5e:d1:98:00:40:1d:5e:22:2b:8a:27:7f:80:
c8:fb:83:49:07:a8:a9:23:48:2c:94:a9:fd:90:49:
9c:6f:1e:d7:63:35:f0:a1:57:06:17:9c:ca:0b:d1:
13:d9:3e:57:43:0a:c8:07:b0:f4:37:a6:a1:36:48:
0b:62:87:bd:49:74:07:73:2e:8c:f3:fc:5f:e2:a4:
26:41:af:21:f1:a7:6f:a8:41:83:b2:25:11:18:bb:
2b:25:31:a6:51:a3:bc:2a:73:53:78:ff:d9:44:c5:
cd:46:04:ed:00:34:b8:65:a6:22:36:5d:7a:84:0d:
46:24:36:51:e2:6c:7d:dc:ed:e7:d0:b0:ff:b6:12:
25:8b:12:c5:55:0c:d8:5d:a8:70:28:75:4a:05:9b:
48:5a:01:ce:f1:75:68:ed:d3:2b:c9:6c:54:c2:ca:
09:ce:2d:42:bc:19:82:1b:84:88:42:45:62:e5:10:
6a:19:7e:87:72:ce:10:2e:a0:ee:be:8d:c5:d4:7c:
a9:5d:c0:42:01:cf:5e:16:4a:ac:9c:a6:93:81:92:
8a:4d:ab:9b:c9:46:43:e5:25:7a:c2:a2:98:27:16:
c4:d8:05:37:a1:22:a3:6f:46:99:6a:27:41:7c:0b:
72:48:62:db:00:f1:ae:d9:f5:03:27:1c:7e:d6:47:
e7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:67:29:7D:A5:C7:BC:6B:63:21:39:22:45:17:26:28:C7:FE:CE:DB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/52cpfaXHvGtjITkiRRcmKMf-zts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:88:1f:92:20:a4:88:d7:d7:2b:87:8b:b6:4b:69:c0:46:14:
1d:64:13:b0:48:4b:37:d4:fd:8c:d9:cb:1d:17:7e:d8:bc:2b:
b8:19:c7:96:29:d6:be:10:91:fe:f7:b9:e8:02:9e:1f:c0:01:
5a:29:f6:40:a8:e9:76:68:1d:96:2d:db:59:92:c3:48:3d:83:
32:f4:c8:d9:0c:a6:bb:d5:a9:87:8d:d8:18:85:d3:4d:75:fc:
e8:b8:ec:4c:98:35:1b:8d:77:b6:6c:fa:09:fb:f2:99:1e:7f:
07:ef:e2:75:12:b2:60:8e:07:7b:6b:aa:5c:4c:37:f7:b6:74:
6b:59:3a:23:13:aa:b5:e1:39:92:d9:42:43:b9:fe:ae:1a:34:
11:1c:3c:c4:ed:2d:5d:51:d2:8d:c0:f2:25:a5:75:f3:5f:77:
43:02:df:f4:09:fd:1b:31:ac:bc:4b:7d:fb:db:2a:ac:12:e7:
00:05:4a:7f:9c:a3:1f:86:4f:e1:7e:c7:a7:1f:39:6c:f2:6a:
28:ae:0d:3c:31:7b:8d:b3:84:28:7b:2c:a5:4b:64:6f:84:48:
ae:62:ce:17:f8:cd:6e:aa:ba:6b:65:ca:df:2a:34:88:c6:ab:
00:3b:91:bc:d1:3f:3e:4d:15:e4:ed:1c:e7:f7:d5:f5:23:fd:
47:4b:04:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrEiq2UoH/TAGFv59/wTWYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI0MDAxNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzY3Mjk3ZGE1YzdiYzZiNjMyMTM5MjI0NTE3MjYyOGM3ZmVjZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiF7RmABAHV4iK4onf4DI+4NJB6ip
I0gslKn9kEmcbx7XYzXwoVcGF5zKC9ET2T5XQwrIB7D0N6ahNkgLYoe9SXQHcy6M
8/xf4qQmQa8h8advqEGDsiURGLsrJTGmUaO8KnNTeP/ZRMXNRgTtADS4ZaYiNl16
hA1GJDZR4mx93O3n0LD/thIlixLFVQzYXahwKHVKBZtIWgHO8XVo7dMryWxUwsoJ
zi1CvBmCG4SIQkVi5RBqGX6Hcs4QLqDuvo3F1HypXcBCAc9eFkqsnKaTgZKKTaub
yUZD5SV6wqKYJxbE2AU3oSKjb0aZaidBfAtySGLbAPGu2fUDJxx+1kfnywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOdnKX2lx7xrYyE5IkUXJijH/s7bMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNTJjcGZhWEh2R3RqSVRraVJSY21LTWYtenRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGeIH5IgpIjX1yuHi7ZL
acBGFB1kE7BISzfU/YzZyx0Xfti8K7gZx5Yp1r4Qkf73uegCnh/AAVop9kCo6XZo
HZYt21mSw0g9gzL0yNkMprvVqYeN2BiF0011/Oi47EyYNRuNd7Zs+gn78pkefwfv
4nUSsmCOB3trqlxMN/e2dGtZOiMTqrXhOZLZQkO5/q4aNBEcPMTtLV1R0o3A8iWl
dfNfd0MC3/QJ/RsxrLxLffvbKqwS5wAFSn+cox+GT+F+x6cfOWzyaiiuDTwxe42z
hCh7LKVLZG+ESK5izhf4zW6qumtlyt8qNIjGqwA7kbzRPz5NFeTtHOf31fUj/UdL
BIM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:43:10 2025 by rpki-client