Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CVYXdk68F1XdcZi0TDPlvoBZ5HQ.roa
File: CVYXdk68F1XdcZi0TDPlvoBZ5HQ.roa (raw, json)
Hash identifier: lT6MxL2cX9Sb52AOCsFgddg84TPyipTqwLj1KbGeI1E=
Subject key identifier: 09:56:17:76:4E:BC:17:55:DD:71:98:B4:4C:33:E5:BE:80:59:E4:74
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B126B4CE80004E87A56540547DB2F3834
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CVYXdk68F1XdcZi0TDPlvoBZ5HQ.roa
Signing time: Mon 09 Oct 2023 03:11:43 +0000
ROA not before: Mon 09 Oct 2023 03:11:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:12:6b:4c:e8:00:04:e8:7a:56:54:05:47:db:2f:38:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 9 03:11:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=095617764ebc1755dd7198b44c33e5be8059e474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cb:c1:82:89:9a:3b:58:3d:6d:cf:6a:9d:ef:
5d:e2:b3:9a:98:c5:32:6b:fd:53:25:37:76:e4:c9:
3a:a9:04:b5:ba:3f:e9:ee:65:eb:b7:1e:e7:15:40:
1b:f9:cf:f4:61:91:b2:01:02:27:bd:93:fa:db:a0:
5f:8f:c2:b4:fa:9d:cb:5f:c9:53:ab:a5:4d:34:d8:
fd:ac:88:d5:83:46:68:0a:87:7a:50:af:cd:d0:73:
9a:1e:6e:65:b9:94:e3:31:33:48:b7:7a:98:0a:e6:
77:1f:7f:4c:05:7d:27:91:9d:ce:10:33:d3:44:61:
c9:8c:04:4c:d7:72:6d:ba:b0:dd:9a:0e:c6:bb:38:
39:91:84:ac:20:1a:8a:d9:f4:00:2e:39:7e:f6:e1:
51:ec:2a:df:f5:23:ac:f5:2d:69:b9:0e:76:12:a0:
e8:5c:92:1b:03:0b:31:11:c5:ec:f0:a2:68:c6:7a:
e8:25:6c:74:a1:6c:d6:a5:b5:9d:99:ae:c0:89:a9:
5b:04:27:f0:e4:e6:7e:c3:ff:1a:69:76:04:93:75:
59:10:7b:fd:94:04:57:57:d7:36:8a:f7:29:d1:9d:
b2:f0:30:b9:97:f4:26:46:f2:ce:59:39:3b:be:df:
af:73:cb:f9:e6:3a:93:1c:15:7b:ff:d3:01:f9:f2:
76:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:56:17:76:4E:BC:17:55:DD:71:98:B4:4C:33:E5:BE:80:59:E4:74
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CVYXdk68F1XdcZi0TDPlvoBZ5HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:48:ae:72:f9:ba:7f:c5:b2:a6:e6:05:35:c2:67:04:c7:39:
e3:9c:5c:df:10:c4:d1:9d:7d:46:c6:04:45:96:bb:ba:6c:9a:
3c:54:c9:21:e9:81:ed:ae:8b:b2:05:d6:e1:87:d0:e5:b2:c0:
24:97:cc:46:c9:25:12:f9:39:74:43:ca:f7:24:c3:cf:45:8d:
46:33:a8:13:6e:7e:6a:94:35:23:49:55:13:dc:1d:5c:ca:e3:
ae:c4:f4:ae:83:64:7b:18:78:f1:81:06:c4:4e:2e:32:17:67:
65:19:19:ef:11:9b:ba:75:01:52:e8:c6:d0:00:a4:92:6a:94:
77:dc:d6:15:00:6d:c3:b3:1b:7d:d8:f7:13:7e:80:2c:3d:e6:
60:b6:71:73:4a:2c:95:e7:b7:ac:7c:9e:20:34:5f:ba:19:d4:
af:1c:bc:5f:9b:ba:60:c8:58:80:0f:20:bb:15:78:ae:54:12:
ee:92:ed:47:b0:1f:fa:a6:cd:69:0c:19:a8:76:7f:ce:9e:fb:
8f:ce:b9:7c:2f:4d:ce:54:8a:3f:a8:c9:f3:f2:90:4e:11:7b:
4c:70:f4:2c:c1:31:19:92:0a:6a:7c:71:57:7b:d4:e8:8a:b9:
5b:1c:b7:4c:cd:b4:a6:f1:4b:be:45:60:cf:8c:49:87:ab:f4:
70:89:ee:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsSa0zoAAToelZUBUfbLzg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA5MDMxMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTU2MTc3NjRlYmMxNzU1ZGQ3MTk4YjQ0YzMzZTViZTgwNTllNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8vBgomaO1g9bc9qne9d4rOamMUy
a/1TJTd25Mk6qQS1uj/p7mXrtx7nFUAb+c/0YZGyAQInvZP626Bfj8K0+p3LX8lT
q6VNNNj9rIjVg0ZoCod6UK/N0HOaHm5luZTjMTNIt3qYCuZ3H39MBX0nkZ3OEDPT
RGHJjARM13JturDdmg7Guzg5kYSsIBqK2fQALjl+9uFR7Crf9SOs9S1puQ52EqDo
XJIbAwsxEcXs8KJoxnroJWx0oWzWpbWdma7AialbBCfw5OZ+w/8aaXYEk3VZEHv9
lARXV9c2ivcp0Z2y8DC5l/QmRvLOWTk7vt+vc8v55jqTHBV7/9MB+fJ2XQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAlWF3ZOvBdV3XGYtEwz5b6AWeR0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ1ZZWGRrNjhGMVhkY1ppMFREUGx2b0JaNUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC9IrnL5un/FsqbmBTXC
ZwTHOeOcXN8QxNGdfUbGBEWWu7psmjxUySHpge2ui7IF1uGH0OWywCSXzEbJJRL5
OXRDyvckw89FjUYzqBNufmqUNSNJVRPcHVzK467E9K6DZHsYePGBBsROLjIXZ2UZ
Ge8Rm7p1AVLoxtAApJJqlHfc1hUAbcOzG33Y9xN+gCw95mC2cXNKLJXnt6x8niA0
X7oZ1K8cvF+bumDIWIAPILsVeK5UEu6S7UewH/qmzWkMGah2f86e+4/OuXwvTc5U
ij+oyfPykE4Re0xw9CzBMRmSCmp8cVd71OiKuVsct0zNtKbxS75FYM+MSYer9HCJ
7tA=
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:46:25 2025 by rpki-client