Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Axs82f6E6Fii6vuNOjJbO_kRoI0.roa
File: Axs82f6E6Fii6vuNOjJbO_kRoI0.roa (raw, json)
Hash identifier: NhDPj4hHuzx3qy39Xld2PAF/ZKjtpFy+Sk6864K2tmM=
Subject key identifier: 03:1B:3C:D9:FE:84:E8:58:A2:EA:FB:8D:3A:32:5B:3B:F9:11:A0:8D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B732F36A087777CF02BD55C94563731D6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Axs82f6E6Fii6vuNOjJbO_kRoI0.roa
Signing time: Fri 27 Oct 2023 22:09:15 +0000
ROA not before: Fri 27 Oct 2023 22:09:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:73:2f:36:a0:87:77:7c:f0:2b:d5:5c:94:56:37:31:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 27 22:09:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=031b3cd9fe84e858a2eafb8d3a325b3bf911a08d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3a:bf:b3:73:fa:8b:71:55:3e:e9:82:91:1e:
1d:31:da:b1:4f:3e:27:29:43:35:cf:33:2c:ab:96:
0e:e1:4a:7c:1c:1c:b1:cd:4b:67:fd:d6:6a:d0:72:
db:9d:fd:6e:52:59:9d:ac:93:41:67:e7:85:b8:30:
fc:71:08:7c:db:8d:16:da:85:8c:d6:e7:8c:e9:ad:
b1:c7:bf:0e:54:1a:92:62:4d:86:9b:36:60:c6:69:
30:b1:65:e7:68:e9:92:da:ef:59:24:f3:f1:25:26:
6e:3d:08:10:3c:92:78:30:95:97:86:64:32:92:39:
cf:e0:f5:9c:b2:3f:86:09:1b:e4:23:da:15:45:3f:
c2:e3:5d:41:84:01:4e:57:87:c8:52:41:25:03:82:
0a:d8:d4:a4:cf:da:be:80:ed:ac:7c:09:00:e4:55:
08:58:69:52:de:78:e2:76:dd:19:4c:98:81:d7:a9:
ce:e4:bc:32:98:15:19:18:2b:f3:7a:ee:3d:e5:fe:
2b:9e:ba:1e:cc:4a:68:40:f8:16:1c:aa:be:fd:83:
78:32:a5:d7:d6:fd:75:a3:75:4c:7d:70:55:d5:4c:
aa:80:8b:f0:86:9a:2d:29:39:dc:49:cd:82:7a:f3:
f2:3f:86:30:fe:c9:ce:a2:73:26:b7:08:df:ac:fa:
4b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:1B:3C:D9:FE:84:E8:58:A2:EA:FB:8D:3A:32:5B:3B:F9:11:A0:8D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Axs82f6E6Fii6vuNOjJbO_kRoI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b3:fc:55:e2:f5:25:3e:8f:58:b3:54:74:2e:e0:f6:1b:b8:89:
e7:96:6a:f4:c6:80:2e:16:f7:c7:1f:10:7e:64:43:56:4a:d8:
00:40:3e:50:3e:94:bb:ba:69:26:68:e9:7e:0e:de:37:38:ca:
22:33:bd:5c:38:0c:c2:7d:3b:e2:c0:b9:d1:23:ad:78:73:46:
83:fc:7a:be:2a:89:e5:a5:ac:42:3a:d0:7a:9d:b6:e8:08:13:
be:4b:f4:1f:94:56:e6:62:69:80:f9:f9:86:31:d6:5b:f4:db:
20:1c:04:a3:b8:7f:20:03:d3:60:63:fa:6d:15:d5:63:3a:c3:
bf:ce:5f:54:5f:25:8d:3b:34:89:8b:b5:e1:5b:46:ee:2a:c3:
ed:7a:21:0d:07:00:fa:f7:00:6a:7c:2b:fe:f0:cd:47:37:e1:
c6:6e:4e:86:d0:99:dd:69:68:56:82:91:b3:7b:7d:15:12:b1:
0a:15:6d:d1:28:20:b9:37:00:ac:0e:de:d8:81:d6:75:f6:0a:
a1:89:ff:94:79:5a:57:a8:4f:09:39:6f:f2:af:71:9a:5e:c2:
df:68:7e:50:6b:11:b9:af:b1:55:59:4e:5b:94:4a:0f:a7:db:
7d:1d:01:8f:54:4b:5a:45:d6:54:15:d5:82:8d:0a:5a:2c:aa:
8e:6f:a7:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtzLzagh3d88CvVXJRWNzHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI3MjIwOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzFiM2NkOWZlODRlODU4YTJlYWZiOGQzYTMyNWIzYmY5MTFhMDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijq/s3P6i3FVPumCkR4dMdqxTz4n
KUM1zzMsq5YO4Up8HByxzUtn/dZq0HLbnf1uUlmdrJNBZ+eFuDD8cQh8240W2oWM
1ueM6a2xx78OVBqSYk2GmzZgxmkwsWXnaOmS2u9ZJPPxJSZuPQgQPJJ4MJWXhmQy
kjnP4PWcsj+GCRvkI9oVRT/C411BhAFOV4fIUkElA4IK2NSkz9q+gO2sfAkA5FUI
WGlS3njidt0ZTJiB16nO5LwymBUZGCvzeu495f4rnroezEpoQPgWHKq+/YN4MqXX
1v11o3VMfXBV1UyqgIvwhpotKTncSc2CevPyP4Yw/snOonMmtwjfrPpLiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAMbPNn+hOhYour7jToyWzv5EaCNMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQXhzODJmNkU2RmlpNnZ1Tk9qSmJPX2tSb0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALP8VeL1JT6PWLNUdC7g
9hu4ieeWavTGgC4W98cfEH5kQ1ZK2ABAPlA+lLu6aSZo6X4O3jc4yiIzvVw4DMJ9
O+LAudEjrXhzRoP8er4qieWlrEI60HqdtugIE75L9B+UVuZiaYD5+YYx1lv02yAc
BKO4fyAD02Bj+m0V1WM6w7/OX1RfJY07NImLteFbRu4qw+16IQ0HAPr3AGp8K/7w
zUc34cZuTobQmd1paFaCkbN7fRUSsQoVbdEoILk3AKwO3tiB1nX2CqGJ/5R5Wleo
Twk5b/KvcZpewt9oflBrEbmvsVVZTluUSg+n230dAY9US1pF1lQV1YKNClosqo5v
p7M=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:21:39 2025 by rpki-client