Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CkFVLn5LSPAReFc5lfu4EhR1QOM.roa
File: CkFVLn5LSPAReFc5lfu4EhR1QOM.roa (raw, json)
Hash identifier: OnQgqrsj36GM7D3c2FDQ5SWKwKqnAaEheIXD/lcQByE=
Subject key identifier: 0A:41:55:2E:7E:4B:48:F0:11:78:57:39:95:FB:B8:12:14:75:40:E3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C345497041C693C0F454FCD72062DFFFB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CkFVLn5LSPAReFc5lfu4EhR1QOM.roa
Signing time: Mon 04 Dec 2023 10:16:48 +0000
ROA not before: Mon 04 Dec 2023 10:16:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:54:97:04:1c:69:3c:0f:45:4f:cd:72:06:2d:ff:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 4 10:16:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a41552e7e4b48f01178573995fbb812147540e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f7:11:1b:42:c7:2a:f8:82:d9:bf:1e:94:28:
2b:a9:41:2f:d5:9c:4e:a5:60:03:05:ff:a9:3f:36:
eb:b1:54:ef:99:eb:09:47:7b:ac:61:be:d7:c5:71:
30:99:61:5b:97:31:dc:58:45:56:ca:63:76:8c:5f:
c4:1e:49:78:9f:62:7c:1f:fe:16:ab:42:5a:1c:6b:
60:5f:e5:05:bb:9c:a0:f2:dc:b7:ea:a0:e1:36:9a:
8c:63:c2:cd:72:da:64:15:e0:79:de:f6:2f:68:6d:
00:b1:73:e0:38:0e:12:ec:00:2e:e1:04:09:d2:6a:
f9:8d:7f:6b:70:12:f0:e4:e3:03:c2:4e:4e:0c:09:
1b:0a:83:6f:ea:27:18:b8:29:33:db:67:b9:8e:73:
fa:2a:29:30:10:8a:c8:65:d7:11:52:33:2b:d0:7c:
94:30:11:3c:1f:e8:af:6f:32:eb:b7:ae:6c:d1:e0:
dc:2e:3e:d5:a1:60:0d:6a:7a:31:a3:bb:b7:1c:9e:
24:24:32:f2:3b:88:87:b6:e7:78:92:50:f3:3f:2f:
31:44:f4:1f:13:91:4f:c5:4e:a7:75:c9:0e:0c:7c:
7f:eb:eb:fc:06:97:ec:34:7f:c8:a1:2c:3c:26:24:
6c:78:eb:c8:58:fd:47:92:dd:cc:a7:f0:75:f7:89:
19:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:41:55:2E:7E:4B:48:F0:11:78:57:39:95:FB:B8:12:14:75:40:E3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CkFVLn5LSPAReFc5lfu4EhR1QOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:8e:81:4d:4c:fd:f3:b5:d5:c4:f6:ce:c2:1e:80:68:78:e9:
2a:fe:82:a3:a2:fd:f8:67:aa:f4:c0:78:cc:f3:6b:40:af:5e:
38:7f:d8:45:9a:83:07:ca:5b:0d:c2:43:6d:df:04:32:23:a2:
76:ae:d5:6b:0a:18:a5:ec:f6:96:bb:ff:cd:0d:a4:eb:0b:11:
d6:4e:0c:ef:3c:e5:6e:ca:72:93:11:8c:a8:a4:aa:0b:2a:8f:
3a:00:da:a6:1b:f5:60:55:f2:ae:a0:26:c3:2b:ef:79:1b:2f:
aa:9c:63:66:f2:5b:0a:d0:a0:07:51:69:31:17:3a:63:62:8c:
ef:9b:d9:c8:ea:d8:5e:35:60:94:09:1f:94:1b:0f:77:b7:c4:
97:9b:ec:19:f1:cd:a1:b1:f8:95:10:b4:44:02:84:91:8f:ad:
75:12:8e:8c:60:6f:e3:bf:e4:71:f0:36:bb:51:9b:b8:1a:34:
6d:5f:22:01:c2:ac:3e:10:5a:f4:c7:0b:9c:62:18:10:55:57:
01:2e:ba:45:43:90:08:27:e8:92:4e:0a:2d:24:88:95:3f:11:
e0:0d:39:bb:3f:e2:ed:cc:1c:02:55:2b:6f:1e:dc:e6:ad:9b:
96:2e:97:28:5d:66:ae:f5:11:af:e6:aa:e9:6b:36:16:9c:9d:
2a:f2:ce:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw0VJcEHGk8D0VPzXIGLf/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA0MTAxNjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQxNTUyZTdlNGI0OGYwMTE3ODU3Mzk5NWZiYjgxMjE0NzU0MGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvcRG0LHKviC2b8elCgrqUEv1ZxO
pWADBf+pPzbrsVTvmesJR3usYb7XxXEwmWFblzHcWEVWymN2jF/EHkl4n2J8H/4W
q0JaHGtgX+UFu5yg8ty36qDhNpqMY8LNctpkFeB53vYvaG0AsXPgOA4S7AAu4QQJ
0mr5jX9rcBLw5OMDwk5ODAkbCoNv6icYuCkz22e5jnP6KikwEIrIZdcRUjMr0HyU
MBE8H+ivbzLrt65s0eDcLj7VoWANanoxo7u3HJ4kJDLyO4iHtud4klDzPy8xRPQf
E5FPxU6ndckODHx/6+v8BpfsNH/IoSw8JiRseOvIWP1Hkt3Mp/B194kZ+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFApBVS5+S0jwEXhXOZX7uBIUdUDjMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ2tGVkxuNUxTUEFSZUZjNWxmdTRFaFIxUU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABWOgU1M/fO11cT2zsIe
gGh46Sr+gqOi/fhnqvTAeMzza0CvXjh/2EWagwfKWw3CQ23fBDIjonau1WsKGKXs
9pa7/80NpOsLEdZODO885W7KcpMRjKikqgsqjzoA2qYb9WBV8q6gJsMr73kbL6qc
Y2byWwrQoAdRaTEXOmNijO+b2cjq2F41YJQJH5QbD3e3xJeb7BnxzaGx+JUQtEQC
hJGPrXUSjoxgb+O/5HHwNrtRm7gaNG1fIgHCrD4QWvTHC5xiGBBVVwEuukVDkAgn
6JJOCi0kiJU/EeANObs/4u3MHAJVK28e3Oatm5YulyhdZq71Ea/mqulrNhacnSry
zqs=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:35:27 2025 by rpki-client