Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ClE2-HN6B8zLliFT7lXpp_AIN00.roa
File: ClE2-HN6B8zLliFT7lXpp_AIN00.roa (raw, json)
Hash identifier: KiMPIpLrx2YLK6DuWb7kS5qn3zQO5axiILLufH3lZEQ=
Subject key identifier: 0A:51:36:F8:73:7A:07:CC:CB:96:21:53:EE:55:E9:A7:F0:08:37:4D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD540851FAE46AF1680900ABE8B669375
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ClE2-HN6B8zLliFT7lXpp_AIN00.roa
Signing time: Wed 15 Nov 2023 23:10:57 +0000
ROA not before: Wed 15 Nov 2023 23:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d5:40:85:1f:ae:46:af:16:80:90:0a:be:8b:66:93:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 15 23:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a5136f8737a07cccb962153ee55e9a7f008374d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:97:26:a9:98:6c:a2:b8:88:3f:3f:3d:08:5c:
1d:2c:82:1b:86:34:fb:7a:fd:92:fb:dd:e4:9f:73:
76:6a:6d:b0:a3:b9:54:3e:51:63:03:3c:4c:46:40:
8d:0b:2f:87:82:3c:fb:ef:05:37:3a:a6:91:65:f0:
f5:f6:33:29:e6:13:d8:aa:ce:35:16:6c:a4:92:c8:
ee:c3:f2:9d:54:1b:9c:ba:d8:72:13:af:ae:71:9a:
fc:96:e3:1f:b9:26:6f:99:5c:0c:0d:dc:8a:90:e9:
49:45:0f:9c:f9:57:ac:5b:50:14:a3:14:09:ae:9d:
cd:2c:4e:59:c8:e2:80:23:37:bb:1c:67:70:36:23:
96:3d:31:59:05:93:bf:07:d3:6d:6a:a1:09:2f:98:
b1:a9:55:03:1f:ef:e4:d4:5d:0f:0a:03:1e:59:be:
fe:02:d1:73:0c:dc:2b:89:1c:5e:3d:45:62:b2:25:
8f:5f:27:8c:01:40:5f:ac:e4:23:d1:db:15:22:b9:
15:a0:11:b5:aa:1f:06:ff:7f:5f:12:3d:fb:95:2b:
87:df:d2:36:6d:c5:cc:ca:c7:66:53:93:52:44:80:
4b:8d:4f:95:35:72:14:c9:46:be:01:02:a5:58:13:
96:14:f1:08:7e:63:e5:05:cb:47:8a:61:6d:ae:15:
8f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:51:36:F8:73:7A:07:CC:CB:96:21:53:EE:55:E9:A7:F0:08:37:4D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ClE2-HN6B8zLliFT7lXpp_AIN00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:6b:bf:57:2f:82:f8:8f:43:43:78:34:06:f7:22:fd:86:47:
24:1c:23:6d:19:47:00:e5:50:97:cc:6f:7c:d5:37:82:76:2d:
0a:c6:8b:ca:4a:c9:dd:cd:18:ef:bb:8a:fd:3c:b2:88:63:f3:
d6:e8:4c:cb:ee:5e:f1:a6:7c:cf:37:d5:84:8f:24:8d:87:70:
e5:e5:5b:81:a0:d3:dc:9b:85:b1:59:63:31:ee:cc:75:d8:56:
20:7f:51:cf:95:d9:d5:b5:f2:cf:b8:85:30:fd:61:ed:9c:62:
04:c2:d5:5b:0f:d2:b2:d8:88:b8:d7:dd:d7:51:02:f5:c8:fc:
d9:7e:04:1d:6f:e4:22:a7:45:15:51:56:33:1f:37:f8:d4:e5:
51:a4:3f:b0:4b:ac:4e:9e:9f:8c:6b:80:73:29:3b:99:75:57:
20:98:3b:01:c0:f3:7c:e7:5c:37:8f:55:be:d5:c3:7e:d9:6d:
5d:76:34:e0:18:2a:71:ac:83:4d:d7:fa:f5:cd:ba:8a:c1:56:
dc:03:7f:cf:53:bb:cf:69:62:e4:1d:fd:ee:68:90:b1:ea:b8:
c5:e7:c8:46:1d:5c:59:61:9d:58:58:7d:92:2b:10:15:21:a7:
9a:e7:fe:f9:61:72:4f:a2:03:08:57:ed:ca:d4:7d:b7:09:d0:
2f:59:d4:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvVQIUfrkavFoCQCr6LZpN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE1MjMxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTUxMzZmODczN2EwN2NjY2I5NjIxNTNlZTU1ZTlhN2YwMDgzNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5cmqZhsoriIPz89CFwdLIIbhjT7
ev2S+93kn3N2am2wo7lUPlFjAzxMRkCNCy+Hgjz77wU3OqaRZfD19jMp5hPYqs41
Fmykksjuw/KdVBucuthyE6+ucZr8luMfuSZvmVwMDdyKkOlJRQ+c+VesW1AUoxQJ
rp3NLE5ZyOKAIze7HGdwNiOWPTFZBZO/B9NtaqEJL5ixqVUDH+/k1F0PCgMeWb7+
AtFzDNwriRxePUVisiWPXyeMAUBfrOQj0dsVIrkVoBG1qh8G/39fEj37lSuH39I2
bcXMysdmU5NSRIBLjU+VNXIUyUa+AQKlWBOWFPEIfmPlBctHimFtrhWPrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFApRNvhzegfMy5YhU+5V6afwCDdNMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ2xFMi1ITjZCOHpMbGlGVDdsWHBwX0FJTjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKhrv1cvgviPQ0N4NAb3
Iv2GRyQcI20ZRwDlUJfMb3zVN4J2LQrGi8pKyd3NGO+7iv08sohj89boTMvuXvGm
fM831YSPJI2HcOXlW4Gg09ybhbFZYzHuzHXYViB/Uc+V2dW18s+4hTD9Ye2cYgTC
1VsP0rLYiLjX3ddRAvXI/Nl+BB1v5CKnRRVRVjMfN/jU5VGkP7BLrE6en4xrgHMp
O5l1VyCYOwHA83znXDePVb7Vw37ZbV12NOAYKnGsg03X+vXNuorBVtwDf89Tu89p
YuQd/e5okLHquMXnyEYdXFlhnVhYfZIrEBUhp5rn/vlhck+iAwhX7crUfbcJ0C9Z
1NE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:17:19 2025 by rpki-client