Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CwJLV5Motw43jiWQ1a22HShV-i0.roa
File: CwJLV5Motw43jiWQ1a22HShV-i0.roa (raw, json)
Hash identifier: 6F5b22MLEl77JIpvE3C6ngLe7gzrWCnhoZQnQXUCfmU=
Subject key identifier: 0B:02:4B:57:93:28:B7:0E:37:8E:25:90:D5:AD:B6:1D:28:55:FA:2D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC4B9DF03103826C8EC622A37B2B6625A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CwJLV5Motw43jiWQ1a22HShV-i0.roa
Signing time: Sun 12 Nov 2023 18:09:57 +0000
ROA not before: Sun 12 Nov 2023 18:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c4:b9:df:03:10:38:26:c8:ec:62:2a:37:b2:b6:62:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 12 18:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b024b579328b70e378e2590d5adb61d2855fa2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e7:d8:ba:17:07:13:d3:5e:c7:59:9e:32:5e:
1c:9c:97:da:b2:23:d3:22:85:3e:02:d7:bb:78:9a:
14:68:e9:49:92:c1:dc:de:e8:bd:94:4f:63:03:c2:
f8:9b:7a:d2:08:46:b7:71:7b:ac:9a:a3:52:8c:40:
bf:a5:d6:24:17:bc:c1:50:fd:63:2a:24:42:4e:9e:
e7:00:87:ee:d6:0c:47:37:bb:2d:e2:ba:70:4b:fc:
5a:c3:a2:1d:2b:52:14:a6:fb:ec:69:ae:7c:c5:b0:
50:f8:f8:69:47:96:bb:ab:c6:97:b0:9a:e6:6f:f5:
5a:0b:c4:70:d0:68:4f:4d:b5:c0:61:bc:26:88:b7:
1c:14:dc:f1:d0:89:4d:b5:11:25:9b:1c:aa:d3:30:
50:cb:11:d2:06:e0:21:26:37:26:6c:59:76:89:70:
1a:dc:16:a1:77:54:06:b5:40:f0:2e:bc:4f:55:d5:
bf:60:91:7b:b7:15:50:e4:28:32:c3:c0:1f:cb:4e:
8d:1d:26:71:19:05:ed:ab:c3:36:1c:83:7d:8e:30:
a2:51:bd:14:80:46:56:f8:ae:3a:46:9f:d7:fd:3f:
10:b2:0b:d2:20:da:67:ff:64:99:da:e6:a2:d0:7c:
50:a7:c4:ed:d4:45:e9:2e:42:f7:67:7c:64:8c:de:
fc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:02:4B:57:93:28:B7:0E:37:8E:25:90:D5:AD:B6:1D:28:55:FA:2D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CwJLV5Motw43jiWQ1a22HShV-i0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d3:fd:0d:4c:2d:c4:72:f4:0f:39:af:24:5b:0d:33:68:5c:fd:
0e:95:61:ea:ec:cb:19:da:43:bf:a1:4b:02:19:21:f8:40:4b:
f5:c9:9c:bb:19:68:ed:b6:f5:ab:ba:2a:8a:9f:be:1e:c8:e8:
11:80:2a:8e:6f:c8:2e:05:51:fa:13:96:db:73:6f:4b:fd:4a:
81:5f:fb:7f:9c:80:3b:f6:a4:20:de:73:47:fc:13:12:5d:2e:
02:76:14:2a:a7:7d:fb:99:61:27:91:3b:74:cf:e5:96:5b:7e:
c3:7b:b7:1e:40:c0:18:0b:db:c8:dd:c4:d3:b9:17:42:5c:46:
6a:91:90:db:14:57:8f:8f:9c:7a:35:c4:b1:ee:d2:13:6d:7d:
79:27:be:0d:13:41:e2:e3:f6:7c:42:6b:63:93:61:a3:f9:b6:
ee:d4:7f:bd:cd:88:6b:c5:e0:53:b2:04:d4:b9:1c:9a:4a:d6:
aa:25:ee:c7:5a:57:63:7b:a2:a8:95:9b:8b:7b:96:85:69:27:
95:9f:44:55:e0:e7:e5:29:ce:24:5f:56:e1:04:c3:df:27:ec:
ee:c7:a8:1e:4b:a2:58:59:46:59:8c:d6:a7:ad:e5:16:b0:19:
46:db:6d:b8:a6:6b:3a:72:5d:d8:91:a5:54:76:0a:2f:6f:38:
12:82:04:21
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvEud8DEDgmyOxiKjeytmJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEyMTgwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjAyNGI1NzkzMjhiNzBlMzc4ZTI1OTBkNWFkYjYxZDI4NTVmYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOfYuhcHE9Nex1meMl4cnJfasiPT
IoU+Ate7eJoUaOlJksHc3ui9lE9jA8L4m3rSCEa3cXusmqNSjEC/pdYkF7zBUP1j
KiRCTp7nAIfu1gxHN7st4rpwS/xaw6IdK1IUpvvsaa58xbBQ+PhpR5a7q8aXsJrm
b/VaC8Rw0GhPTbXAYbwmiLccFNzx0IlNtRElmxyq0zBQyxHSBuAhJjcmbFl2iXAa
3Bahd1QGtUDwLrxPVdW/YJF7txVQ5Cgyw8Afy06NHSZxGQXtq8M2HIN9jjCiUb0U
gEZW+K46Rp/X/T8QsgvSINpn/2SZ2uai0HxQp8Tt1EXpLkL3Z3xkjN78nQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAsCS1eTKLcON44lkNWtth0oVfotMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ3dKTFY1TW90dzQzamlXUTFhMjJIU2hWLWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANP9DUwtxHL0DzmvJFsN
M2hc/Q6VYersyxnaQ7+hSwIZIfhAS/XJnLsZaO229au6Koqfvh7I6BGAKo5vyC4F
UfoTlttzb0v9SoFf+3+cgDv2pCDec0f8ExJdLgJ2FCqnffuZYSeRO3TP5ZZbfsN7
tx5AwBgL28jdxNO5F0JcRmqRkNsUV4+PnHo1xLHu0hNtfXknvg0TQeLj9nxCa2OT
YaP5tu7Uf73NiGvF4FOyBNS5HJpK1qol7sdaV2N7oqiVm4t7loVpJ5WfRFXg5+Up
ziRfVuEEw98n7O7HqB5LolhZRlmM1qet5RawGUbbbbimazpyXdiRpVR2Ci9vOBKC
BCE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:48:41 2025 by rpki-client