Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AX2d6kMX_NHwaokM2Rot3Ml9k1g.roa
File: AX2d6kMX_NHwaokM2Rot3Ml9k1g.roa (raw, json)
Hash identifier: 0nf31xtWVZI2aEHpWrhY5EMkgFjhjpbIPECFgK8WaaU=
Subject key identifier: 01:7D:9D:EA:43:17:FC:D1:F0:6A:89:0C:D9:1A:2D:DC:C9:7D:93:58
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B67D729A71E2CBFE0021B931193006A9B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AX2d6kMX_NHwaokM2Rot3Ml9k1g.roa
Signing time: Wed 25 Oct 2023 17:17:15 +0000
ROA not before: Wed 25 Oct 2023 17:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:d7:29:a7:1e:2c:bf:e0:02:1b:93:11:93:00:6a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 25 17:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=017d9dea4317fcd1f06a890cd91a2ddcc97d9358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:22:43:c7:20:6f:25:8c:83:7e:8c:ea:c4:de:
dc:e8:43:d9:f7:4f:0c:db:d4:85:8c:b3:42:36:32:
d8:bd:d3:e9:8b:ad:35:9d:e2:70:73:6b:45:07:d2:
66:c0:df:81:b7:4f:c5:b6:53:b4:bb:89:6d:38:75:
0b:39:f3:81:08:79:e0:09:5e:23:9c:b6:51:9b:16:
b4:91:5e:53:a4:a4:d2:6c:58:e0:75:20:8a:56:ad:
06:97:9b:01:24:5c:a0:a8:4f:77:05:af:41:c4:18:
b6:6a:fa:3f:b9:a8:1e:c1:9d:cf:05:5e:2e:8f:21:
0d:61:13:68:f6:15:32:56:d1:6c:3c:cd:11:ef:1b:
7a:19:54:92:e2:a6:c9:f5:2c:6d:7f:ab:e3:6f:64:
16:50:84:e8:dd:e5:14:50:38:79:21:c1:3a:48:1f:
0f:6b:80:69:61:5c:1f:38:74:d6:6b:f3:ca:3c:a9:
cb:72:61:ae:5b:00:d1:6f:b4:5e:a8:6f:59:7e:5c:
d5:e6:e1:00:a6:2b:ea:07:ed:d5:87:99:8c:5d:8e:
eb:d5:38:a5:a1:b7:c8:18:05:6e:8f:95:f6:b4:7d:
24:6b:58:e5:b9:37:9f:55:3d:62:37:a6:6a:5a:3e:
2c:32:a1:6e:76:53:cc:4d:b0:15:0b:2f:70:20:f8:
ca:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7D:9D:EA:43:17:FC:D1:F0:6A:89:0C:D9:1A:2D:DC:C9:7D:93:58
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AX2d6kMX_NHwaokM2Rot3Ml9k1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:a4:31:f4:23:bf:04:12:0a:e1:69:53:27:b0:73:f4:44:4d:
b9:6a:60:3f:93:79:26:03:4b:7f:99:28:aa:a0:ac:d4:2f:f7:
32:13:a0:27:2a:b2:d8:9c:7b:86:bf:a8:f5:ba:c9:ad:51:be:
2f:e6:f8:b9:36:27:ac:2b:ae:2d:b6:da:4a:ed:c2:f1:e6:11:
53:16:74:52:a7:e3:a8:ba:2c:71:5a:f0:1b:97:50:9e:cc:f5:
5d:8f:32:0f:02:96:65:d8:78:5a:a4:b4:3a:b1:4b:86:87:7c:
56:0e:cb:11:69:fa:ee:e9:de:28:20:cb:14:52:f1:bd:8c:e1:
92:39:2c:ee:a2:a8:b6:b0:9c:ce:ea:ba:cf:bc:d3:65:ed:cd:
4f:28:24:d6:88:01:a7:d9:16:5c:22:79:70:a0:0a:bf:cb:85:
66:2f:e1:b7:23:26:37:5c:92:c9:90:89:39:ad:89:d2:a6:ad:
8d:c8:ed:58:58:39:86:f5:00:44:93:e9:54:44:3e:79:e1:8f:
bc:b0:b7:dc:5a:07:7a:14:cf:5e:90:35:c2:36:35:5a:e7:ed:
9d:40:76:fc:4e:01:55:36:f3:26:aa:d8:bd:83:a4:4d:9b:aa:
85:5a:6d:42:de:56:3e:20:0a:91:7b:ab:8a:b4:12:c8:04:48:
b8:2f:75:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtn1ymnHiy/4AIbkxGTAGqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI1MTcxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTdkOWRlYTQzMTdmY2QxZjA2YTg5MGNkOTFhMmRkY2M5N2Q5MzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCJDxyBvJYyDfozqxN7c6EPZ908M
29SFjLNCNjLYvdPpi601neJwc2tFB9JmwN+Bt0/FtlO0u4ltOHULOfOBCHngCV4j
nLZRmxa0kV5TpKTSbFjgdSCKVq0Gl5sBJFygqE93Ba9BxBi2avo/uagewZ3PBV4u
jyENYRNo9hUyVtFsPM0R7xt6GVSS4qbJ9Sxtf6vjb2QWUITo3eUUUDh5IcE6SB8P
a4BpYVwfOHTWa/PKPKnLcmGuWwDRb7ReqG9ZflzV5uEApivqB+3Vh5mMXY7r1Til
obfIGAVuj5X2tH0ka1jluTefVT1iN6ZqWj4sMqFudlPMTbAVCy9wIPjKjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAF9nepDF/zR8GqJDNkaLdzJfZNYMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQVgyZDZrTVhfTkh3YW9rTTJSb3QzTWw5azFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAISkMfQjvwQSCuFpUyew
c/RETblqYD+TeSYDS3+ZKKqgrNQv9zIToCcqstice4a/qPW6ya1Rvi/m+Lk2J6wr
ri222krtwvHmEVMWdFKn46i6LHFa8BuXUJ7M9V2PMg8ClmXYeFqktDqxS4aHfFYO
yxFp+u7p3iggyxRS8b2M4ZI5LO6iqLawnM7qus+802XtzU8oJNaIAafZFlwieXCg
Cr/LhWYv4bcjJjdcksmQiTmtidKmrY3I7VhYOYb1AEST6VREPnnhj7ywt9xaB3oU
z16QNcI2NVrn7Z1AdvxOAVU28yaq2L2DpE2bqoVabULeVj4gCpF7q4q0EsgESLgv
daE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:39:58 2025 by rpki-client