Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8ns1xZv_qFSvERZccL85xldNcg0.roa
File: 8ns1xZv_qFSvERZccL85xldNcg0.roa (raw, json)
Hash identifier: QxZWz1z8OfYS2ff4OXciEVLCt570e1uYVY8AuuAYVTs=
Subject key identifier: F2:7B:35:C5:9B:FF:A8:54:AF:11:16:5C:70:BF:39:C6:57:4D:72:0D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC37132B9F18467C3D033CB290A31CBDD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8ns1xZv_qFSvERZccL85xldNcg0.roa
Signing time: Sun 12 Nov 2023 12:10:57 +0000
ROA not before: Sun 12 Nov 2023 12:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c3:71:32:b9:f1:84:67:c3:d0:33:cb:29:0a:31:cb:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 12 12:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f27b35c59bffa854af11165c70bf39c6574d720d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d9:b2:7e:e0:0c:3a:38:0c:08:6c:b3:39:76:
99:a7:70:ab:91:dd:c3:3d:c1:05:13:8d:00:b2:b3:
e8:df:ee:fd:54:27:bb:db:45:f7:14:5e:ba:a9:aa:
61:10:de:9c:a2:e3:b5:f5:49:6c:5a:b3:cf:63:d6:
46:59:c7:f8:f4:c3:ca:77:42:f0:f4:5f:24:ae:aa:
9c:5b:40:d0:3e:ff:62:31:7c:99:5c:25:da:3d:54:
67:48:42:b4:32:c4:12:3d:30:ba:f0:14:2c:5d:8b:
bc:5f:c3:c6:41:30:b5:71:bb:44:4e:8d:56:40:5c:
47:e3:42:8f:17:45:b3:f8:63:72:5f:4f:65:db:d2:
e7:26:6a:17:1c:5a:12:ea:44:1c:31:31:76:b6:11:
35:9b:13:0a:b7:36:06:7c:cb:94:d8:4f:2c:d7:a8:
c5:56:8e:cf:e2:d5:2e:60:6e:49:0f:a4:e0:c4:a5:
59:e4:e0:4e:83:3f:be:56:60:e7:25:04:8d:e8:c9:
6c:fc:2f:0c:24:fd:f4:ae:d5:0d:21:6f:7d:27:f7:
08:f7:7e:e3:a2:8c:83:86:d8:db:54:ec:a5:6c:04:
cb:56:aa:95:69:3b:47:09:83:7a:68:db:53:24:9b:
82:6d:41:66:c3:f7:55:70:40:00:1e:5a:9e:5b:a7:
a8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7B:35:C5:9B:FF:A8:54:AF:11:16:5C:70:BF:39:C6:57:4D:72:0D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8ns1xZv_qFSvERZccL85xldNcg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b8:5c:8f:09:52:1e:c1:86:80:6e:b6:3c:da:1c:99:c9:77:bc:
c2:f0:f6:02:a0:03:41:37:ea:ec:a4:37:b2:50:64:2f:73:49:
1e:4f:86:92:23:8d:ec:cc:79:57:5d:bc:94:22:27:d2:c4:b2:
38:b9:f0:65:05:dc:06:b4:6e:c1:49:df:d2:00:c7:5b:e6:46:
25:03:76:17:14:80:e3:9b:74:02:b0:31:39:35:73:40:4e:7d:
3d:02:13:73:3c:fd:79:d3:42:67:ff:61:c9:18:1f:ce:db:f0:
0d:f8:05:04:52:d4:ca:21:41:58:b6:ae:00:6f:90:4f:37:33:
30:86:e1:b8:98:6b:35:35:bd:19:0e:17:b8:1a:ee:91:65:15:
7c:9d:6d:e7:2f:d0:fc:d5:11:01:e8:68:bb:ed:ea:26:8a:5b:
81:74:d1:c1:f4:1e:42:f1:e6:72:82:44:3d:41:87:d5:f0:fe:
85:3a:5a:41:c1:98:e4:19:f4:49:e2:7c:3a:c9:0d:61:27:6c:
c5:71:1d:76:49:f2:7b:0e:b7:34:76:e2:e6:24:38:b9:15:36:
0c:34:e8:8b:19:84:6e:ff:40:14:b8:06:4d:da:fd:10:98:08:
a7:5d:e0:e1:c9:a1:23:96:90:73:7c:d6:14:ce:d0:f1:ff:fa:
13:4f:13:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvDcTK58YRnw9AzyykKMcvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEyMTIxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjdiMzVjNTliZmZhODU0YWYxMTE2NWM3MGJmMzljNjU3NGQ3MjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtmyfuAMOjgMCGyzOXaZp3Crkd3D
PcEFE40AsrPo3+79VCe720X3FF66qaphEN6couO19UlsWrPPY9ZGWcf49MPKd0Lw
9F8krqqcW0DQPv9iMXyZXCXaPVRnSEK0MsQSPTC68BQsXYu8X8PGQTC1cbtETo1W
QFxH40KPF0Wz+GNyX09l29LnJmoXHFoS6kQcMTF2thE1mxMKtzYGfMuU2E8s16jF
Vo7P4tUuYG5JD6TgxKVZ5OBOgz++VmDnJQSN6Mls/C8MJP30rtUNIW99J/cI937j
ooyDhtjbVOylbATLVqqVaTtHCYN6aNtTJJuCbUFmw/dVcEAAHlqeW6eoiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPJ7NcWb/6hUrxEWXHC/OcZXTXINMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOG5zMXhadl9xRlN2RVJaY2NMODV4bGROY2cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALhcjwlSHsGGgG62PNoc
mcl3vMLw9gKgA0E36uykN7JQZC9zSR5PhpIjjezMeVddvJQiJ9LEsji58GUF3Aa0
bsFJ39IAx1vmRiUDdhcUgOObdAKwMTk1c0BOfT0CE3M8/XnTQmf/YckYH87b8A34
BQRS1MohQVi2rgBvkE83MzCG4biYazU1vRkOF7ga7pFlFXydbecv0PzVEQHoaLvt
6iaKW4F00cH0HkLx5nKCRD1Bh9Xw/oU6WkHBmOQZ9EnifDrJDWEnbMVxHXZJ8nsO
tzR24uYkOLkVNgw06IsZhG7/QBS4Bk3a/RCYCKdd4OHJoSOWkHN81hTO0PH/+hNP
E80=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:48:48 2025 by rpki-client