Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/59P83s87k0lN6EM5eGQJadpQt98.roa
File: 59P83s87k0lN6EM5eGQJadpQt98.roa (raw, json)
Hash identifier: ToqXHQDZlyFswmnQjqEm5X2VxogEzaWvSwDisieMxro=
Subject key identifier: E7:D3:FC:DE:CF:3B:93:49:4D:E8:43:39:78:64:09:69:DA:50:B7:DF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BCB60BFC953CE581C307D681FE83F093C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/59P83s87k0lN6EM5eGQJadpQt98.roa
Signing time: Tue 14 Nov 2023 01:09:57 +0000
ROA not before: Tue 14 Nov 2023 01:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cb:60:bf:c9:53:ce:58:1c:30:7d:68:1f:e8:3f:09:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 14 01:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7d3fcdecf3b93494de8433978640969da50b7df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b0:32:23:24:ae:62:6e:1e:a1:18:03:20:e7:
95:97:e8:c7:63:86:90:0c:2f:f0:1e:72:ba:79:19:
e5:7f:17:f1:66:1f:89:b3:17:ca:d7:97:65:9b:90:
ce:e0:9b:82:43:ca:1f:94:23:45:9c:b0:18:30:6f:
3d:d6:eb:00:7a:95:7f:11:e7:68:27:20:65:37:da:
80:22:90:35:b7:8a:e4:28:00:ac:68:f9:c8:a8:69:
4b:e8:23:4f:65:cb:83:87:ba:da:87:a9:f2:8c:26:
21:d9:64:51:f8:0e:ae:05:ac:47:d4:f5:74:97:f0:
8c:8c:e4:66:7f:d4:9b:9a:82:05:4d:3f:c6:c3:83:
b1:59:bb:35:34:77:a7:66:d9:7b:a3:35:41:b1:9c:
77:cf:4d:6a:06:fb:36:46:fc:56:80:27:28:f9:77:
5c:46:39:c3:d4:da:bb:79:13:62:90:b3:bf:80:c1:
eb:48:ce:35:87:80:42:e2:6b:d9:80:40:3c:13:da:
bd:ac:87:e3:79:9e:19:f6:19:86:42:1f:48:9c:22:
18:8d:ae:8f:56:6d:3f:ad:f3:e6:e1:53:ad:7a:07:
d9:3a:59:1b:9a:bf:54:f7:b8:c5:f6:35:df:90:de:
66:79:35:aa:46:a7:2a:dd:1b:ab:3d:ba:f2:77:7a:
b0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D3:FC:DE:CF:3B:93:49:4D:E8:43:39:78:64:09:69:DA:50:B7:DF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/59P83s87k0lN6EM5eGQJadpQt98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:29:37:00:cf:96:1d:01:d8:54:55:51:93:7c:3b:d6:99:70:
6b:8c:88:ee:fe:bf:0e:84:3f:bd:6e:cc:0e:7c:50:28:b9:4e:
94:02:1f:f9:81:13:3a:4c:d3:2e:50:14:51:cd:82:99:76:b7:
bc:70:e4:49:92:20:ab:44:c8:2b:c6:ff:f4:9d:0c:e4:da:8e:
2d:4a:7c:cc:d1:2f:42:24:b2:c1:20:57:bf:34:66:b0:dc:7b:
9e:e1:62:1c:3f:01:2b:40:7a:1e:65:af:da:b4:31:b9:ed:8f:
7a:ea:b8:dd:46:f6:7d:c7:59:75:53:17:de:89:47:16:7b:a3:
ee:7d:b0:f8:b0:00:bd:ce:82:5c:23:29:cd:e2:0d:00:83:12:
c7:d5:82:c9:22:0a:af:f0:24:a3:71:75:60:f2:e6:d0:39:2a:
d7:57:b7:63:6b:50:db:86:61:dc:5e:26:78:73:6b:6a:14:6f:
cf:e8:34:9e:68:06:a9:84:96:9a:93:39:04:c2:1c:4b:ff:ce:
fd:68:d6:eb:7b:3d:80:1a:d3:64:3f:41:86:5e:ee:ab:9b:45:
1b:e4:6a:9c:a6:c1:b6:37:9b:9c:ef:44:c4:c7:5c:ce:1f:31:
0b:f7:e1:71:f7:2d:e6:18:8a:20:d3:19:78:ce:c5:d0:15:5e:
9d:a6:10:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvLYL/JU85YHDB9aB/oPwk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE0MDEwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2QzZmNkZWNmM2I5MzQ5NGRlODQzMzk3ODY0MDk2OWRhNTBiN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbAyIySuYm4eoRgDIOeVl+jHY4aQ
DC/wHnK6eRnlfxfxZh+JsxfK15dlm5DO4JuCQ8oflCNFnLAYMG891usAepV/Eedo
JyBlN9qAIpA1t4rkKACsaPnIqGlL6CNPZcuDh7rah6nyjCYh2WRR+A6uBaxH1PV0
l/CMjORmf9SbmoIFTT/Gw4OxWbs1NHenZtl7ozVBsZx3z01qBvs2RvxWgCco+Xdc
RjnD1Nq7eRNikLO/gMHrSM41h4BC4mvZgEA8E9q9rIfjeZ4Z9hmGQh9InCIYja6P
Vm0/rfPm4VOtegfZOlkbmr9U97jF9jXfkN5meTWqRqcq3RurPbryd3qw+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOfT/N7PO5NJTehDOXhkCWnaULffMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNTlQODNzODdrMGxONkVNNWVHUUphZHBRdDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHgpNwDPlh0B2FRVUZN8
O9aZcGuMiO7+vw6EP71uzA58UCi5TpQCH/mBEzpM0y5QFFHNgpl2t7xw5EmSIKtE
yCvG//SdDOTaji1KfMzRL0IkssEgV780ZrDce57hYhw/AStAeh5lr9q0Mbntj3rq
uN1G9n3HWXVTF96JRxZ7o+59sPiwAL3OglwjKc3iDQCDEsfVgskiCq/wJKNxdWDy
5tA5KtdXt2NrUNuGYdxeJnhza2oUb8/oNJ5oBqmElpqTOQTCHEv/zv1o1ut7PYAa
02Q/QYZe7qubRRvkapymwbY3m5zvRMTHXM4fMQv34XH3LeYYiiDTGXjOxdAVXp2m
EA0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:10:02 2025 by rpki-client