Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8C2XWNXQxys2wEMGAkXJasEgawA.roa
File: 8C2XWNXQxys2wEMGAkXJasEgawA.roa (raw, json)
Hash identifier: FV7HTJh1S8TEPLElzbv5+6lrixsSI8LAObSEk6VGFeA=
Subject key identifier: F0:2D:97:58:D5:D0:C7:2B:36:C0:43:06:02:45:C9:6A:C1:20:6B:00
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C4545790739074CD6AFAEC161A0CB7463
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8C2XWNXQxys2wEMGAkXJasEgawA.roa
Signing time: Thu 07 Dec 2023 17:13:50 +0000
ROA not before: Thu 07 Dec 2023 17:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:45:45:79:07:39:07:4c:d6:af:ae:c1:61:a0:cb:74:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 7 17:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f02d9758d5d0c72b36c043060245c96ac1206b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:50:35:a8:e4:36:25:82:a5:05:0f:91:66:3c:
7c:e2:1b:43:4c:a4:2c:aa:3d:ec:62:8a:99:20:18:
07:bc:45:ec:14:1f:f2:6b:7f:b0:fc:61:c4:0e:b4:
89:8c:af:24:04:8b:07:21:25:30:6e:43:62:da:3c:
f7:96:8a:e6:27:b4:90:37:7d:67:93:7b:62:7c:10:
fc:a4:d7:01:ff:b3:c9:30:7b:c7:f7:9a:d5:be:e2:
49:df:b4:f9:e3:ad:9c:42:9a:38:a7:59:44:cb:05:
65:fd:a6:85:42:cc:30:b5:ef:0e:82:52:4c:82:85:
d3:db:f0:eb:a9:fa:fc:a2:33:36:d7:bb:0e:1f:1e:
48:6b:dd:31:52:2c:7b:fd:4c:52:63:2c:90:02:6f:
ae:c3:37:b2:90:66:b7:aa:40:a2:10:ce:1e:e9:d7:
b0:25:6d:3f:59:64:fb:7f:01:a3:58:30:43:97:e1:
c0:e8:c3:1e:27:df:4e:9a:0f:18:46:82:7e:41:57:
0f:a4:5d:92:82:83:89:32:ee:f5:46:9a:2e:4e:6d:
7b:c6:20:0e:65:17:94:6b:26:df:85:4a:55:dc:26:
82:51:b1:9e:69:28:54:43:a1:80:30:cd:a3:a4:35:
cf:3e:6a:83:5b:72:64:5a:ac:0a:3f:69:35:28:e9:
b3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:2D:97:58:D5:D0:C7:2B:36:C0:43:06:02:45:C9:6A:C1:20:6B:00
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8C2XWNXQxys2wEMGAkXJasEgawA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:5a:40:a2:8d:d6:c8:dc:02:d4:f9:78:5c:5e:bb:96:54:cb:
2e:70:fc:52:74:be:4b:cc:13:39:9c:16:e5:30:ce:69:21:34:
d9:3b:a2:a8:0b:86:fb:b3:5a:d2:04:c5:59:49:2c:05:46:18:
a4:3e:1c:6c:94:f3:3f:d0:84:54:14:b4:62:bd:b7:33:f0:79:
c8:88:6c:da:7e:01:9e:d4:5b:d9:93:4f:6b:2c:3f:2e:b7:d6:
b2:e5:7b:17:c4:98:28:b3:9c:4f:11:6a:af:b1:b7:6e:65:76:
df:bc:ac:bb:8b:cd:99:4e:33:94:65:1a:24:5b:f1:b3:a7:1e:
47:2c:d6:7e:76:d5:ef:01:9a:5e:3f:89:f1:27:ee:d2:fd:5f:
f3:50:86:4a:a3:12:59:32:c8:44:ce:18:de:da:21:4e:71:f1:
c2:99:82:44:99:78:01:e7:bc:7f:e8:dc:69:3c:3a:69:64:45:
28:db:a4:30:b3:f7:be:04:be:89:e7:eb:79:bc:d9:f7:59:0a:
eb:79:92:11:14:25:3c:47:61:98:20:4c:15:85:45:77:b4:78:
43:49:1c:e4:01:c0:15:1e:2e:92:5e:90:75:0e:e9:0e:70:9d:
d8:71:ad:51:8d:57:0c:4c:73:4e:df:78:e4:e5:74:ce:74:d4:
40:7c:aa:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxFRXkHOQdM1q+uwWGgy3RjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA3MTcxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDJkOTc1OGQ1ZDBjNzJiMzZjMDQzMDYwMjQ1Yzk2YWMxMjA2YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFA1qOQ2JYKlBQ+RZjx84htDTKQs
qj3sYoqZIBgHvEXsFB/ya3+w/GHEDrSJjK8kBIsHISUwbkNi2jz3lormJ7SQN31n
k3tifBD8pNcB/7PJMHvH95rVvuJJ37T5462cQpo4p1lEywVl/aaFQswwte8OglJM
goXT2/Drqfr8ojM217sOHx5Ia90xUix7/UxSYyyQAm+uwzeykGa3qkCiEM4e6dew
JW0/WWT7fwGjWDBDl+HA6MMeJ99Omg8YRoJ+QVcPpF2SgoOJMu71RpouTm17xiAO
ZReUaybfhUpV3CaCUbGeaShUQ6GAMM2jpDXPPmqDW3JkWqwKP2k1KOmzKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPAtl1jV0McrNsBDBgJFyWrBIGsAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOEMyWFdOWFF4eXMyd0VNR0FrWEphc0VnYXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABxaQKKN1sjcAtT5eFxe
u5ZUyy5w/FJ0vkvMEzmcFuUwzmkhNNk7oqgLhvuzWtIExVlJLAVGGKQ+HGyU8z/Q
hFQUtGK9tzPweciIbNp+AZ7UW9mTT2ssPy631rLlexfEmCiznE8Raq+xt25ldt+8
rLuLzZlOM5RlGiRb8bOnHkcs1n521e8Bml4/ifEn7tL9X/NQhkqjElkyyETOGN7a
IU5x8cKZgkSZeAHnvH/o3Gk8OmlkRSjbpDCz974Evonn63m82fdZCut5khEUJTxH
YZggTBWFRXe0eENJHOQBwBUeLpJekHUO6Q5wndhxrVGNVwxMc07feOTldM501EB8
qj8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:07:41 2025 by rpki-client