Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/7W7kTv-cG9JtGn8F_u3OnP3C0Uc.roa
File: 7W7kTv-cG9JtGn8F_u3OnP3C0Uc.roa (raw, json)
Hash identifier: KR8cKd8IWrxrvp+AFXAoBxzHMJfqRKHvvWjfl07R8FA=
Subject key identifier: ED:6E:E4:4E:FF:9C:1B:D2:6D:1A:7F:05:FE:ED:CE:9C:FD:C2:D1:47
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C74B19CBBF9CAAC31E4444D4C3FD60C60
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/7W7kTv-cG9JtGn8F_u3OnP3C0Uc.roa
Signing time: Sat 16 Dec 2023 22:14:06 +0000
ROA not before: Sat 16 Dec 2023 22:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:74:b1:9c:bb:f9:ca:ac:31:e4:44:4d:4c:3f:d6:0c:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 22:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed6ee44eff9c1bd26d1a7f05feedce9cfdc2d147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:28:5e:7b:f9:79:52:54:47:ad:c5:4f:c0:08:
3d:92:7a:71:1f:47:4b:b1:46:43:29:8e:3c:b0:53:
24:bf:49:c7:81:ce:3e:3d:3e:8c:ab:4c:78:27:bf:
bd:42:ed:f9:5c:25:5e:5e:7c:64:ad:01:60:76:08:
a0:df:60:58:61:36:ec:49:98:c7:83:32:63:dc:c8:
c1:13:3e:4f:ef:d5:3f:28:52:05:f1:fa:08:98:70:
12:b8:78:34:6b:a6:6d:71:dc:b6:bc:4c:de:63:01:
3b:1a:bf:04:ab:93:bd:ce:03:19:10:68:b3:2f:fa:
00:3b:90:89:9a:b2:31:a0:b2:9b:b6:b4:d8:84:f7:
43:5b:81:1c:fa:f0:af:27:de:e4:f6:b1:b2:7f:81:
81:85:60:04:70:01:f8:c6:46:ee:f4:57:5e:ce:10:
7a:6c:01:d9:2f:c1:f5:0a:39:30:27:48:89:fb:de:
28:54:00:3c:12:e0:8e:44:aa:92:69:10:02:54:65:
37:bd:d9:02:23:96:32:8a:bf:7c:5d:02:92:8b:7d:
c6:26:21:39:bd:47:1b:a8:25:e2:ed:fd:e1:6a:b3:
34:90:d8:f3:27:35:36:0b:91:2b:15:24:28:7a:6a:
46:7b:ae:2b:4b:c6:a7:45:72:60:14:c1:bd:1d:7d:
36:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:6E:E4:4E:FF:9C:1B:D2:6D:1A:7F:05:FE:ED:CE:9C:FD:C2:D1:47
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/7W7kTv-cG9JtGn8F_u3OnP3C0Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:3f:70:1a:15:e2:21:28:2b:19:d3:7a:a9:13:f8:fc:8b:d0:
60:b1:79:d5:81:f0:61:49:dd:a3:9b:ea:0b:7d:65:aa:8b:f3:
79:a1:c3:eb:26:50:21:4d:3b:58:c6:59:00:a0:72:4c:27:7b:
3e:73:a1:3c:e6:99:08:ac:ed:74:66:ff:7d:50:e1:8b:27:d6:
65:cd:70:ff:69:98:20:ed:f2:59:97:ca:e2:24:60:25:48:6f:
5b:bf:7f:f8:10:6e:17:67:8c:e7:4b:d8:79:88:79:89:27:14:
98:5d:03:66:e8:7c:b0:66:f8:8c:96:41:30:62:af:ec:bd:c0:
74:14:9c:28:21:45:9b:16:16:cd:fb:86:09:42:1f:1f:b9:29:
ec:f5:67:72:48:6b:29:a3:dc:e8:f0:3c:8d:dd:38:d2:6d:cf:
d8:27:17:f4:da:9e:8a:c6:29:32:e5:6b:13:7a:f9:44:c2:94:
5c:d0:d1:57:a1:85:af:58:61:fb:f5:4e:f7:f4:69:1e:9b:5f:
05:90:4d:9c:65:cb:9d:16:e6:02:08:47:0c:1e:b3:42:4a:ee:
b9:6b:f3:dd:02:39:2f:44:a0:cc:00:13:58:80:4f:cf:0b:28:
4e:0e:4c:c5:a1:81:d7:d0:c7:9e:de:cb:84:12:55:30:61:d7:
57:17:7e:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx0sZy7+cqsMeRETUw/1gxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MjIxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDZlZTQ0ZWZmOWMxYmQyNmQxYTdmMDVmZWVkY2U5Y2ZkYzJkMTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiChee/l5UlRHrcVPwAg9knpxH0dL
sUZDKY48sFMkv0nHgc4+PT6Mq0x4J7+9Qu35XCVeXnxkrQFgdgig32BYYTbsSZjH
gzJj3MjBEz5P79U/KFIF8foImHASuHg0a6Ztcdy2vEzeYwE7Gr8Eq5O9zgMZEGiz
L/oAO5CJmrIxoLKbtrTYhPdDW4Ec+vCvJ97k9rGyf4GBhWAEcAH4xkbu9FdezhB6
bAHZL8H1CjkwJ0iJ+94oVAA8EuCORKqSaRACVGU3vdkCI5Yyir98XQKSi33GJiE5
vUcbqCXi7f3harM0kNjzJzU2C5ErFSQoempGe64rS8anRXJgFMG9HX02YQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO1u5E7/nBvSbRp/Bf7tzpz9wtFHMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvN1c3a1R2LWNHOUp0R244Rl91M09uUDNDMFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD0/cBoV4iEoKxnTeqkT
+PyL0GCxedWB8GFJ3aOb6gt9ZaqL83mhw+smUCFNO1jGWQCgckwnez5zoTzmmQis
7XRm/31Q4Ysn1mXNcP9pmCDt8lmXyuIkYCVIb1u/f/gQbhdnjOdL2HmIeYknFJhd
A2bofLBm+IyWQTBir+y9wHQUnCghRZsWFs37hglCHx+5Kez1Z3JIaymj3OjwPI3d
ONJtz9gnF/TanorGKTLlaxN6+UTClFzQ0Vehha9YYfv1Tvf0aR6bXwWQTZxly50W
5gIIRwwes0JK7rlr890COS9EoMwAE1iAT88LKE4OTMWhgdfQx57ey4QSVTBh11cX
foQ=
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:06:37 2025 by rpki-client