Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CkoEB_yIoG74HXo8FNSxlOsKyZA.roa
File: CkoEB_yIoG74HXo8FNSxlOsKyZA.roa (raw, json)
Hash identifier: y67P69X/piCxJg++0hkUaj9xwFJNFr2ccvlBtCKmT4w=
Subject key identifier: 0A:4A:04:07:FC:88:A0:6E:F8:1D:7A:3C:14:D4:B1:94:EB:0A:C9:90
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4322F64EE2485DD05329BA5D9EA94723
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CkoEB_yIoG74HXo8FNSxlOsKyZA.roa
Signing time: Wed 18 Oct 2023 14:14:06 +0000
ROA not before: Wed 18 Oct 2023 14:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:43:22:f6:4e:e2:48:5d:d0:53:29:ba:5d:9e:a9:47:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 18 14:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a4a0407fc88a06ef81d7a3c14d4b194eb0ac990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:29:0f:1c:89:9b:6c:67:d2:42:c3:2d:b9:f6:
bc:b0:82:4f:48:25:94:bb:a5:5d:69:bd:fe:52:79:
96:fd:5f:a5:b4:6d:97:1f:11:62:17:cc:6a:9b:e1:
2b:27:84:dc:2a:48:cc:52:4b:94:38:2b:37:5a:b9:
07:8b:cf:d4:01:66:41:38:f1:82:d8:f9:11:b7:92:
93:4d:4f:b1:e9:98:a9:d6:10:a4:49:a2:9b:3d:69:
7e:bc:88:72:99:b8:dd:0b:46:2b:f5:82:66:8c:3e:
b6:24:16:af:fb:0a:83:c0:65:7d:8c:e0:c5:67:ba:
09:c0:7e:ae:73:33:37:19:fc:0c:6f:5b:59:9e:dd:
10:3f:fc:55:ce:8f:c6:5c:d8:b2:1c:e3:2c:a2:da:
50:83:ed:70:2c:c9:a9:f3:f4:6f:e1:ce:1c:85:e1:
af:8c:af:ef:a1:30:53:6e:53:63:5c:f6:d6:54:0e:
01:da:d4:9d:74:0e:92:de:11:64:50:a1:6f:4e:05:
de:8c:80:e0:36:f3:f2:f6:73:55:28:fb:cf:6c:74:
62:55:f3:ff:62:50:ac:9e:89:13:55:0a:74:5d:78:
81:f3:15:84:a0:2b:dd:a9:0e:a3:ee:c3:5a:7e:0e:
e6:8f:71:46:4a:34:e6:bb:80:8a:dc:a7:ef:78:28:
e0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:4A:04:07:FC:88:A0:6E:F8:1D:7A:3C:14:D4:B1:94:EB:0A:C9:90
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CkoEB_yIoG74HXo8FNSxlOsKyZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d3:57:c0:81:b2:7b:ff:25:a5:e0:d6:8f:a4:50:44:c0:29:8e:
f2:be:4f:b2:b7:3d:57:15:3f:22:56:e2:93:c9:24:7f:15:2a:
94:75:79:2d:d2:b4:87:1f:c3:ca:4b:db:9b:f3:87:92:7c:e5:
fb:74:ee:e5:6e:8f:86:f2:4b:36:6c:4d:f8:31:34:58:55:9c:
d0:48:85:b2:b8:f1:b2:b8:6b:c5:f8:c5:0e:b1:de:36:e2:06:
00:ab:d7:f4:83:94:a1:60:b2:22:a5:26:2d:61:ec:56:aa:1d:
76:13:ce:07:51:47:24:10:8e:4c:2a:46:75:e5:0c:28:49:28:
6b:61:df:80:d2:29:15:ff:3a:63:ac:d1:10:c4:41:2b:66:e5:
be:79:7f:12:9a:eb:48:2f:bc:15:68:13:97:bc:13:fc:ae:d6:
10:57:be:ed:24:9e:25:de:42:ab:16:58:98:9d:12:00:d7:ee:
91:63:b7:16:d2:10:03:54:2e:83:78:73:62:a0:fa:9e:c7:0a:
81:2f:7d:4d:15:56:ca:a3:a1:7c:77:ca:99:2f:2b:89:eb:ab:
76:f6:05:b1:65:24:9f:7d:8f:36:71:63:f0:67:65:6a:79:b6:
2c:06:f1:49:6b:a2:ae:91:06:d4:a9:5e:6b:15:c0:72:11:31:
65:a4:5b:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtDIvZO4khd0FMpul2eqUcjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE4MTQxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTRhMDQwN2ZjODhhMDZlZjgxZDdhM2MxNGQ0YjE5NGViMGFjOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtykPHImbbGfSQsMtufa8sIJPSCWU
u6Vdab3+UnmW/V+ltG2XHxFiF8xqm+ErJ4TcKkjMUkuUOCs3WrkHi8/UAWZBOPGC
2PkRt5KTTU+x6Zip1hCkSaKbPWl+vIhymbjdC0Yr9YJmjD62JBav+wqDwGV9jODF
Z7oJwH6uczM3GfwMb1tZnt0QP/xVzo/GXNiyHOMsotpQg+1wLMmp8/Rv4c4cheGv
jK/voTBTblNjXPbWVA4B2tSddA6S3hFkUKFvTgXejIDgNvPy9nNVKPvPbHRiVfP/
YlCsnokTVQp0XXiB8xWEoCvdqQ6j7sNafg7mj3FGSjTmu4CK3KfveCjgZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFApKBAf8iKBu+B16PBTUsZTrCsmQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ2tvRUJfeUlvRzc0SFhvOEZOU3hsT3NLeVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANNXwIGye/8lpeDWj6RQ
RMApjvK+T7K3PVcVPyJW4pPJJH8VKpR1eS3StIcfw8pL25vzh5J85ft07uVuj4by
SzZsTfgxNFhVnNBIhbK48bK4a8X4xQ6x3jbiBgCr1/SDlKFgsiKlJi1h7FaqHXYT
zgdRRyQQjkwqRnXlDChJKGth34DSKRX/OmOs0RDEQStm5b55fxKa60gvvBVoE5e8
E/yu1hBXvu0kniXeQqsWWJidEgDX7pFjtxbSEANULoN4c2Kg+p7HCoEvfU0VVsqj
oXx3ypkvK4nrq3b2BbFlJJ99jzZxY/BnZWp5tiwG8Ulroq6RBtSpXmsVwHIRMWWk
W/o=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:35:23 2025 by rpki-client