Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CS8cGg815s0rUWz_aO6LWeT8Jog.roa
File: CS8cGg815s0rUWz_aO6LWeT8Jog.roa (raw, json)
Hash identifier: Uv5hKc8G469cbGCFJGGRzhnTIaLMnE0rGH+obK8LQf4=
Subject key identifier: 09:2F:1C:1A:0F:35:E6:CD:2B:51:6C:FF:68:EE:8B:59:E4:FC:26:88
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF5E77E9547A33B903B8B0B9DADF10A5E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CS8cGg815s0rUWz_aO6LWeT8Jog.roa
Signing time: Tue 03 Oct 2023 14:18:23 +0000
ROA not before: Tue 03 Oct 2023 14:18:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:e7:7e:95:47:a3:3b:90:3b:8b:0b:9d:ad:f1:0a:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 14:18:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=092f1c1a0f35e6cd2b516cff68ee8b59e4fc2688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:68:d6:84:df:fb:db:f9:c5:00:82:98:35:ec:
ca:97:04:49:a7:92:cd:ec:82:7f:c2:0b:68:51:c7:
2c:f8:0f:13:79:7e:c5:47:23:ea:01:94:d2:5e:cb:
b5:79:48:33:91:e1:a8:c6:92:22:9d:ec:ef:41:d0:
3d:1c:99:7f:f9:df:1b:77:6f:3a:52:04:75:01:49:
d8:a2:be:88:4b:67:69:31:58:b4:aa:c8:33:fd:02:
8f:1b:a5:00:c2:1e:46:12:c3:6c:56:d8:a4:41:5a:
f7:e2:b2:42:27:81:c1:e9:54:8a:50:26:2a:94:cc:
bb:5b:51:a3:9c:ab:a6:8e:96:72:cf:ac:51:4b:76:
f1:b3:16:76:f8:98:86:59:06:d5:68:65:b9:f9:83:
3d:0d:33:53:9b:c0:c0:74:62:0e:cf:02:66:ab:88:
48:63:f4:1c:14:6a:2a:fa:60:b4:6b:4d:2b:19:7a:
a1:b5:15:32:05:b4:2e:35:a7:f3:49:e6:a2:ae:b4:
55:5f:cf:07:38:7c:ac:d8:b7:27:20:e2:36:fc:1c:
3b:e0:87:d1:c8:dc:0a:b1:d3:fc:39:1b:f4:11:bd:
f9:6f:b8:d5:36:99:98:61:83:ea:84:86:d4:74:46:
fe:ff:fe:fc:5d:dc:4c:dc:79:3e:d9:87:59:d6:87:
58:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:2F:1C:1A:0F:35:E6:CD:2B:51:6C:FF:68:EE:8B:59:E4:FC:26:88
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CS8cGg815s0rUWz_aO6LWeT8Jog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:ae:68:53:e3:4b:ce:1a:1d:7d:90:6f:c1:fa:ca:da:38:6b:
47:89:63:29:d2:61:3f:35:95:9e:f8:58:27:fe:83:5e:3c:1c:
2b:c2:d6:47:9d:37:ad:c9:8d:55:c3:37:29:29:4f:28:cd:6d:
ae:7a:5e:bb:48:da:42:0c:d1:8f:5c:84:6b:11:e0:e8:c4:93:
d5:2b:f7:70:db:1f:20:11:9f:33:3a:4e:90:b0:77:52:6a:57:
6a:b9:27:26:84:82:87:78:20:4e:5a:1c:40:50:f5:d2:57:a1:
bf:d6:83:e2:86:70:c2:84:70:82:29:2e:db:8b:5c:ba:42:76:
3b:a4:f5:13:4f:bb:6f:34:f1:f8:5d:8b:4f:1a:e2:15:36:42:
e7:6f:78:ec:01:20:32:e6:8e:b4:a2:20:e4:9e:72:89:d9:a0:
82:78:27:59:40:e2:23:ff:7a:21:ef:f9:1c:4a:d8:3b:e4:fd:
d4:9f:1d:a2:09:b1:3b:3d:34:8f:36:fd:a5:d3:1c:c8:00:2e:
50:48:07:48:3e:c0:68:73:b2:c2:18:13:7b:bc:ea:d2:1d:4d:
d5:ea:7e:a9:14:d6:86:93:37:12:9e:75:b2:c0:70:f4:72:e9:
76:8f:41:05:b3:34:d0:c7:86:10:6b:97:fb:4f:be:1a:41:a2:
cd:18:0b:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr1536VR6M7kDuLC52t8QpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMTQxODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTJmMWMxYTBmMzVlNmNkMmI1MTZjZmY2OGVlOGI1OWU0ZmMyNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGjWhN/72/nFAIKYNezKlwRJp5LN
7IJ/wgtoUccs+A8TeX7FRyPqAZTSXsu1eUgzkeGoxpIinezvQdA9HJl/+d8bd286
UgR1AUnYor6IS2dpMVi0qsgz/QKPG6UAwh5GEsNsVtikQVr34rJCJ4HB6VSKUCYq
lMy7W1GjnKumjpZyz6xRS3bxsxZ2+JiGWQbVaGW5+YM9DTNTm8DAdGIOzwJmq4hI
Y/QcFGoq+mC0a00rGXqhtRUyBbQuNafzSeairrRVX88HOHys2LcnIOI2/Bw74IfR
yNwKsdP8ORv0Eb35b7jVNpmYYYPqhIbUdEb+//78XdxM3Hk+2YdZ1odY1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAkvHBoPNebNK1Fs/2jui1nk/CaIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ1M4Y0dnODE1czByVVd6X2FPNkxXZVQ4Sm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFCuaFPjS84aHX2Qb8H6
yto4a0eJYynSYT81lZ74WCf+g148HCvC1kedN63JjVXDNykpTyjNba56XrtI2kIM
0Y9chGsR4OjEk9Ur93DbHyARnzM6TpCwd1JqV2q5JyaEgod4IE5aHEBQ9dJXob/W
g+KGcMKEcIIpLtuLXLpCdjuk9RNPu2808fhdi08a4hU2QudveOwBIDLmjrSiIOSe
conZoIJ4J1lA4iP/eiHv+RxK2Dvk/dSfHaIJsTs9NI82/aXTHMgALlBIB0g+wGhz
ssIYE3u86tIdTdXqfqkU1oaTNxKedbLAcPRy6XaPQQWzNNDHhhBrl/tPvhpBos0Y
CxU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:27:11 2025 by rpki-client