Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/65IgKEuMtP7mwLa8D3T3rV94aiM.roa
File: 65IgKEuMtP7mwLa8D3T3rV94aiM.roa (raw, json)
Hash identifier: nqi6y0N3KLmUKprWr+6JMY0p7DAg/Heo1KOdB3WdkpE=
Subject key identifier: EB:92:20:28:4B:8C:B4:FE:E6:C0:B6:BC:0F:74:F7:AD:5F:78:6A:23
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9CA05915A207A19A740C4660DD8097D3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/65IgKEuMtP7mwLa8D3T3rV94aiM.roa
Signing time: Sat 04 Nov 2023 23:17:16 +0000
ROA not before: Sat 04 Nov 2023 23:17:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9c:a0:59:15:a2:07:a1:9a:74:0c:46:60:dd:80:97:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 4 23:17:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb9220284b8cb4fee6c0b6bc0f74f7ad5f786a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:da:b5:6c:0a:5a:29:54:f0:ce:5c:73:ff:82:
fe:7a:5a:8a:73:85:67:7d:e6:9c:15:29:33:67:ce:
25:93:ba:e5:31:7e:c6:07:2c:7b:66:28:b9:55:3c:
54:8e:1d:28:71:56:6f:7d:7c:35:29:5a:3d:2f:00:
1e:8f:fd:80:01:a0:ad:81:a3:29:38:b4:c6:29:19:
72:51:41:1d:76:cb:54:bb:95:95:c0:73:c5:04:30:
c0:81:d5:19:39:30:e9:be:6b:5a:66:79:d2:c2:ce:
fb:95:a3:e4:d3:f6:54:41:20:d5:4f:3a:44:2b:11:
fd:25:c8:4c:27:7e:f8:3b:85:4d:cf:b8:65:3e:41:
34:bf:59:d4:2b:c2:ad:74:66:f9:e4:a5:98:df:21:
8f:36:39:40:c9:89:f0:f2:48:e9:b4:7e:a8:8e:70:
1e:fc:a6:85:42:53:9c:08:c7:1d:94:d0:37:b9:f8:
3c:39:e2:2c:86:08:9b:eb:ac:7e:5d:30:31:83:94:
0b:e6:7b:71:61:f5:ac:36:5a:ce:a5:e2:5e:fe:16:
02:db:3e:d2:75:e8:a7:04:09:f2:3c:09:14:73:b3:
81:1e:cf:87:86:c8:d8:54:2f:4b:fb:77:61:9c:b6:
11:4f:08:2a:64:5a:36:f3:59:41:a6:48:84:e8:5c:
25:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:92:20:28:4B:8C:B4:FE:E6:C0:B6:BC:0F:74:F7:AD:5F:78:6A:23
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/65IgKEuMtP7mwLa8D3T3rV94aiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ac:e2:34:8b:01:a4:b2:3b:0b:42:13:c9:d9:9c:f6:16:a1:c1:
ce:6a:70:6e:b9:cd:d3:bd:cd:26:8b:97:ae:40:52:40:d3:01:
2b:82:ce:1a:00:91:bd:ec:ea:87:48:d6:2f:25:91:68:66:b2:
e1:0a:38:ff:dd:96:f3:fa:4c:3e:c2:56:ed:cb:cd:e0:cf:c7:
3f:b1:43:a5:4b:8c:87:4d:d2:2a:7b:48:e8:18:53:20:39:80:
78:6b:ed:3f:3b:de:e2:ee:c5:30:34:35:02:cd:ac:91:48:5a:
4e:9d:bf:9f:be:9e:93:5e:fb:19:a0:7c:99:39:c4:03:a0:e5:
50:2b:e3:43:80:c2:45:88:26:9f:16:04:2f:68:0e:10:65:b2:
54:32:33:07:32:04:8f:5f:4a:dd:8d:b4:cd:6f:60:22:d1:42:
6b:5d:6e:11:e3:6e:3c:6f:29:48:96:f4:52:c3:0b:bc:2d:96:
d6:e9:7f:60:04:76:1a:8b:bc:6e:2d:a8:57:f7:1c:53:53:88:
cf:34:dd:81:cb:d9:dd:8d:af:a8:d9:7b:34:8e:ff:b4:09:e8:
ac:bb:b3:80:83:ce:89:95:b8:9f:72:57:29:a0:c4:bf:eb:68:
ea:3b:49:17:57:a5:dc:d1:51:5f:03:65:0e:9d:f0:0f:90:5f:
45:3d:c1:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYucoFkVogehmnQMRmDdgJfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA0MjMxNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjkyMjAyODRiOGNiNGZlZTZjMGI2YmMwZjc0ZjdhZDVmNzg2YTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNq1bApaKVTwzlxz/4L+elqKc4Vn
feacFSkzZ84lk7rlMX7GByx7Zii5VTxUjh0ocVZvfXw1KVo9LwAej/2AAaCtgaMp
OLTGKRlyUUEddstUu5WVwHPFBDDAgdUZOTDpvmtaZnnSws77laPk0/ZUQSDVTzpE
KxH9JchMJ374O4VNz7hlPkE0v1nUK8KtdGb55KWY3yGPNjlAyYnw8kjptH6ojnAe
/KaFQlOcCMcdlNA3ufg8OeIshgib66x+XTAxg5QL5ntxYfWsNlrOpeJe/hYC2z7S
deinBAnyPAkUc7OBHs+HhsjYVC9L+3dhnLYRTwgqZFo281lBpkiE6FwlIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOuSIChLjLT+5sC2vA90961feGojMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNjVJZ0tFdU10UDdtd0xhOEQzVDNyVjk0YWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKziNIsBpLI7C0ITydmc
9hahwc5qcG65zdO9zSaLl65AUkDTASuCzhoAkb3s6odI1i8lkWhmsuEKOP/dlvP6
TD7CVu3LzeDPxz+xQ6VLjIdN0ip7SOgYUyA5gHhr7T873uLuxTA0NQLNrJFIWk6d
v5++npNe+xmgfJk5xAOg5VAr40OAwkWIJp8WBC9oDhBlslQyMwcyBI9fSt2NtM1v
YCLRQmtdbhHjbjxvKUiW9FLDC7wtltbpf2AEdhqLvG4tqFf3HFNTiM803YHL2d2N
r6jZezSO/7QJ6Ky7s4CDzomVuJ9yVymgxL/raOo7SRdXpdzRUV8DZQ6d8A+QX0U9
wXg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:53:56 2025 by rpki-client