Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CGeWXUt4R5I2SrJ8y_8BFRRSWa0.roa
File: CGeWXUt4R5I2SrJ8y_8BFRRSWa0.roa (raw, json)
Hash identifier: uvZ8hAqAT9e2CO0Pm4cxGA9lzkfmw9CiyZUqzsWjXig=
Subject key identifier: 08:67:96:5D:4B:78:47:92:36:4A:B2:7C:CB:FF:01:15:14:52:59:AD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C27A963371F8DA218B7EE4585F02DA1FE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CGeWXUt4R5I2SrJ8y_8BFRRSWa0.roa
Signing time: Fri 01 Dec 2023 23:14:21 +0000
ROA not before: Fri 01 Dec 2023 23:14:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:27:a9:63:37:1f:8d:a2:18:b7:ee:45:85:f0:2d:a1:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 1 23:14:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0867965d4b784792364ab27ccbff0115145259ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9f:fe:3a:5d:b3:a5:6e:e7:97:d5:17:09:72:
18:20:3b:74:b5:f9:24:dc:58:f1:6b:6e:27:1d:a8:
f0:59:b4:80:30:e5:67:83:08:22:37:4d:2c:d9:0e:
78:65:5d:4b:41:4a:fa:7e:a9:16:7d:d5:b6:df:1a:
b2:69:03:3e:30:51:37:04:b1:4b:7a:34:3c:6a:85:
09:4a:52:d3:4b:cb:29:91:12:21:50:ea:f0:91:7f:
7c:38:c2:04:5b:df:74:f2:3f:e4:c7:e8:e2:36:7f:
47:1d:0d:c8:dd:85:ba:79:47:49:90:bd:ef:1d:f4:
09:2d:a1:f4:98:23:d0:d4:4c:2d:94:f7:b6:44:c9:
fd:fb:50:c2:72:55:ad:34:21:30:1d:82:bf:62:06:
6f:ab:c2:1f:e4:41:8a:21:ca:53:a3:ec:19:96:3a:
24:06:be:ce:85:64:1e:7b:cb:68:43:6e:18:4f:f4:
42:ef:3a:fd:13:fe:d7:48:a6:12:90:e2:09:59:50:
d4:a1:d0:0d:51:03:e4:45:e3:26:d1:bf:01:35:84:
b8:31:38:0d:7d:52:8c:98:79:47:51:bb:7d:ef:dd:
74:e3:c3:8a:d1:ca:6a:c2:e9:ac:72:90:25:29:d5:
4b:d6:e9:2a:cc:3c:aa:3a:cc:e6:d6:2a:43:81:9c:
6e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:67:96:5D:4B:78:47:92:36:4A:B2:7C:CB:FF:01:15:14:52:59:AD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CGeWXUt4R5I2SrJ8y_8BFRRSWa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:e9:ea:06:2f:a6:e2:71:cf:74:47:8e:d3:07:a8:3b:02:f4:
39:d8:59:4f:e1:04:69:43:f4:b8:08:7d:60:eb:3b:ea:a6:b3:
1e:be:95:f6:99:78:cc:f0:34:15:f2:06:88:14:8c:a0:52:14:
f9:c5:43:5f:71:09:6c:5e:51:dc:48:dd:3e:dd:a8:ee:e5:98:
da:aa:a1:21:5d:96:36:8e:42:bb:48:82:f7:14:ff:78:75:a3:
7b:78:da:57:9b:95:a4:c0:4c:f2:d5:aa:6c:9d:d9:3f:36:ba:
d6:d4:39:85:4f:37:c0:1f:d7:12:0d:c9:9a:65:2e:83:98:e5:
ec:ad:76:76:6a:14:a4:42:a5:5a:92:60:26:90:9e:dd:df:83:
ed:6c:42:25:82:20:1c:36:ee:bb:6b:4c:e6:f9:d1:d0:0d:8d:
7d:3b:34:a0:4b:b8:2a:d2:19:d8:48:27:b6:63:da:d5:7c:25:
34:a0:8c:87:55:7b:b3:45:f1:5e:76:3e:8d:96:40:ef:4f:57:
ba:e8:27:83:c5:a0:66:5d:25:02:06:f9:89:15:2b:63:3e:27:
0d:6d:a9:37:8a:bf:94:04:03:26:f3:b0:2a:ae:04:86:2d:07:
30:ba:15:18:07:c4:8a:7f:79:0c:9c:0d:96:66:b3:9e:ef:08:
81:96:c8:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwnqWM3H42iGLfuRYXwLaH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAxMjMxNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODY3OTY1ZDRiNzg0NzkyMzY0YWIyN2NjYmZmMDExNTE0NTI1OWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ/+Ol2zpW7nl9UXCXIYIDt0tfkk
3Fjxa24nHajwWbSAMOVngwgiN00s2Q54ZV1LQUr6fqkWfdW23xqyaQM+MFE3BLFL
ejQ8aoUJSlLTS8spkRIhUOrwkX98OMIEW9908j/kx+jiNn9HHQ3I3YW6eUdJkL3v
HfQJLaH0mCPQ1EwtlPe2RMn9+1DCclWtNCEwHYK/YgZvq8If5EGKIcpTo+wZljok
Br7OhWQee8toQ24YT/RC7zr9E/7XSKYSkOIJWVDUodANUQPkReMm0b8BNYS4MTgN
fVKMmHlHUbt9791048OK0cpqwumscpAlKdVL1ukqzDyqOszm1ipDgZxuKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAhnll1LeEeSNkqyfMv/ARUUUlmtMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ0dlV1hVdDRSNUkyU3JKOHlfOEJGUlJTV2EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA3p6gYvpuJxz3RHjtMH
qDsC9DnYWU/hBGlD9LgIfWDrO+qmsx6+lfaZeMzwNBXyBogUjKBSFPnFQ19xCWxe
UdxI3T7dqO7lmNqqoSFdljaOQrtIgvcU/3h1o3t42leblaTATPLVqmyd2T82utbU
OYVPN8Af1xINyZplLoOY5eytdnZqFKRCpVqSYCaQnt3fg+1sQiWCIBw27rtrTOb5
0dANjX07NKBLuCrSGdhIJ7Zj2tV8JTSgjIdVe7NF8V52Po2WQO9PV7roJ4PFoGZd
JQIG+YkVK2M+Jw1tqTeKv5QEAybzsCquBIYtBzC6FRgHxIp/eQycDZZms57vCIGW
yM0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:59:39 2025 by rpki-client