Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CWHxDymFVk9yNXBnI0zMgZ-rj3o.roa
File: CWHxDymFVk9yNXBnI0zMgZ-rj3o.roa (raw, json)
Hash identifier: CFhY4w9ZEXAzA0VMEyNbqHAwyUmrnEuujXQ1cFCqaQ8=
Subject key identifier: 09:61:F1:0F:29:85:56:4F:72:35:70:67:23:4C:CC:81:9F:AB:8F:7A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1A25F05A2AB6143B8E3E670DD546F6CE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CWHxDymFVk9yNXBnI0zMgZ-rj3o.roa
Signing time: Tue 10 Oct 2023 15:12:55 +0000
ROA not before: Tue 10 Oct 2023 15:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1a:25:f0:5a:2a:b6:14:3b:8e:3e:67:0d:d5:46:f6:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 10 15:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0961f10f2985564f72357067234ccc819fab8f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e7:74:1d:88:60:22:54:52:6d:6e:1d:61:56:
13:ae:b7:71:bc:8c:32:19:0a:14:a3:62:2b:5f:ba:
1f:8a:8d:80:b3:93:4f:01:9d:18:86:ab:b6:fb:f1:
98:b0:27:d4:ae:04:d1:70:33:e5:4b:82:32:2a:0b:
ce:1a:43:cc:da:0c:46:55:30:78:00:b3:da:00:87:
c8:d1:21:68:39:85:fe:df:d6:84:cc:a6:3b:c0:f7:
49:83:1d:b5:ff:7f:a1:00:1a:49:ba:1b:01:ae:b7:
74:ec:2b:c8:61:27:dd:48:92:98:d2:66:81:8a:b2:
32:2e:66:a2:97:3a:aa:fe:38:06:3c:cb:bf:79:e3:
12:ac:f6:05:b7:2f:a8:c5:2c:46:12:36:b4:c9:71:
f8:0f:09:04:e4:64:b1:39:13:72:75:95:b7:03:39:
a9:73:ee:b7:3e:27:46:62:3c:0b:e5:cf:85:7a:7f:
09:2e:da:83:5c:6c:c1:2d:52:10:90:6f:d0:5d:cd:
bc:3f:31:d9:3e:ba:72:ab:26:1b:9d:64:92:47:6f:
25:24:12:40:ae:3b:b9:6c:f8:d6:52:e7:1a:78:ec:
0e:bb:ab:86:37:af:da:43:2c:02:6d:8b:d7:54:fa:
84:b2:af:03:d3:65:84:a8:43:ec:96:6e:c5:de:34:
20:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:61:F1:0F:29:85:56:4F:72:35:70:67:23:4C:CC:81:9F:AB:8F:7A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CWHxDymFVk9yNXBnI0zMgZ-rj3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:39:da:f4:de:6a:b8:40:4a:3b:ae:b7:0a:e0:88:b2:3b:36:
91:30:70:4c:b4:d9:91:7f:d3:5e:2f:aa:ff:be:00:0f:cc:2c:
6a:ca:97:3c:0a:14:51:6b:ba:2a:ce:78:ff:33:b3:23:71:9a:
2b:c5:88:0a:73:66:73:9c:e1:dc:bf:8d:09:b9:89:ae:d3:d0:
1d:25:f7:a0:85:a5:28:01:17:52:f2:6c:82:36:ed:6e:00:25:
7f:0f:03:c9:76:46:86:4a:4a:e6:74:20:8b:2b:bd:e5:d8:7f:
5f:7a:97:de:0d:49:ad:95:20:32:95:54:b2:f2:cf:5f:a1:b6:
ed:70:b6:d7:32:44:99:d4:9b:3f:22:d4:d5:cc:15:4a:28:73:
11:59:e8:d9:08:59:6b:e5:e1:68:1c:e8:86:01:ec:e5:6b:fa:
a6:73:86:05:f1:9f:c7:62:c9:20:b4:60:8d:48:e5:d4:f4:93:
d1:b5:bb:4f:7f:0d:b6:8a:1c:02:30:b7:5d:b8:12:52:bd:a9:
57:45:8e:52:c7:ba:dd:a1:23:b4:69:5f:4b:4c:f3:61:04:2c:
66:82:b1:ef:95:5c:e5:39:3b:a4:0b:ae:1f:9e:51:e0:15:c9:
28:55:3a:44:46:7d:8e:00:4b:4f:69:5a:09:77:1e:5a:e3:42:
99:25:7c:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsaJfBaKrYUO44+Zw3VRvbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEwMTUxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTYxZjEwZjI5ODU1NjRmNzIzNTcwNjcyMzRjY2M4MTlmYWI4ZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOd0HYhgIlRSbW4dYVYTrrdxvIwy
GQoUo2IrX7ofio2As5NPAZ0Yhqu2+/GYsCfUrgTRcDPlS4IyKgvOGkPM2gxGVTB4
ALPaAIfI0SFoOYX+39aEzKY7wPdJgx21/3+hABpJuhsBrrd07CvIYSfdSJKY0maB
irIyLmailzqq/jgGPMu/eeMSrPYFty+oxSxGEja0yXH4DwkE5GSxORNydZW3Azmp
c+63PidGYjwL5c+Fen8JLtqDXGzBLVIQkG/QXc28PzHZPrpyqyYbnWSSR28lJBJA
rju5bPjWUucaeOwOu6uGN6/aQywCbYvXVPqEsq8D02WEqEPslm7F3jQgzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAlh8Q8phVZPcjVwZyNMzIGfq496MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ1dIeER5bUZWazl5TlhCbkkwek1nWi1yajNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI452vTearhASjuutwrg
iLI7NpEwcEy02ZF/014vqv++AA/MLGrKlzwKFFFruirOeP8zsyNxmivFiApzZnOc
4dy/jQm5ia7T0B0l96CFpSgBF1LybII27W4AJX8PA8l2RoZKSuZ0IIsrveXYf196
l94NSa2VIDKVVLLyz1+htu1wttcyRJnUmz8i1NXMFUoocxFZ6NkIWWvl4Wgc6IYB
7OVr+qZzhgXxn8diySC0YI1I5dT0k9G1u09/DbaKHAIwt124ElK9qVdFjlLHut2h
I7RpX0tM82EELGaCse+VXOU5O6QLrh+eUeAVyShVOkRGfY4AS09pWgl3HlrjQpkl
fHI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:54:58 2025 by rpki-client