Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/D3bO6jiI8CIhi07Lvm8iDsQyGTg.roa
File: D3bO6jiI8CIhi07Lvm8iDsQyGTg.roa (raw, json)
Hash identifier: QFtmlN72tpv9Ku+BvNFc+Y3poW5iYs6oD2/6juzn4PA=
Subject key identifier: 0F:76:CE:EA:38:88:F0:22:21:8B:4E:CB:BE:6F:22:0E:C4:32:19:38
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BF01860806996A597B62CD5F1D573A994
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/D3bO6jiI8CIhi07Lvm8iDsQyGTg.roa
Signing time: Tue 21 Nov 2023 04:16:51 +0000
ROA not before: Tue 21 Nov 2023 04:16:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:18:60:80:69:96:a5:97:b6:2c:d5:f1:d5:73:a9:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 21 04:16:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f76ceea3888f022218b4ecbbe6f220ec4321938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6f:41:77:e2:07:65:74:a8:4f:29:8e:d3:dd:
12:f6:1f:f4:ff:45:11:70:42:2d:9a:f0:53:47:0b:
62:a8:72:3f:16:62:23:38:fc:bc:08:c1:96:0c:28:
08:e2:bc:7f:67:94:8e:4f:e2:9e:e4:9b:74:5f:cf:
b5:67:f3:8b:1e:37:e5:2a:c1:87:d7:7a:a6:9a:fb:
c2:7c:f3:b8:a7:d1:50:43:83:40:9b:e5:c2:ef:56:
27:1e:d4:5e:78:1e:96:bb:7d:3b:6e:6c:97:38:a1:
1c:1e:a0:ee:4c:43:bf:fb:01:ec:a1:1a:23:ad:33:
e4:4d:3f:f1:6d:00:aa:2b:61:68:ee:5a:82:20:2a:
f6:27:46:2c:f8:86:3b:0f:99:55:b6:88:c5:d3:be:
90:85:9f:d3:e1:f9:f5:98:45:c8:14:9d:47:45:71:
b2:9e:f6:44:34:a8:bd:d0:e8:0a:24:6e:32:ef:6d:
4a:65:b1:48:db:70:75:50:9e:f1:a8:4f:09:cc:fb:
4e:2c:41:1a:cb:e0:d8:4d:8b:ec:63:96:52:05:fa:
c9:96:94:00:57:87:57:7f:28:5e:31:1e:ac:55:12:
b4:39:02:2c:f3:d4:b3:1c:aa:2b:e6:83:f9:79:21:
93:ef:94:3f:a9:07:aa:22:b9:9e:f9:e3:0d:68:f0:
24:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:76:CE:EA:38:88:F0:22:21:8B:4E:CB:BE:6F:22:0E:C4:32:19:38
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/D3bO6jiI8CIhi07Lvm8iDsQyGTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:ce:78:ff:19:ff:f9:f3:ef:29:fe:c7:56:fa:c0:aa:ac:cf:
7d:d3:17:d6:c3:e0:d2:10:28:ba:af:1a:65:ec:a5:00:57:e2:
d2:ff:cc:0a:e4:66:35:df:c1:9b:fe:a8:47:21:09:9e:53:8a:
bb:88:fe:ee:0a:b4:c2:65:a7:84:90:9e:dc:a4:6e:33:c2:d3:
21:f8:ec:b8:e4:f3:d2:8b:ae:53:5d:d1:83:05:02:a2:f6:06:
24:77:77:2b:54:b4:b8:b0:81:c1:6b:e4:24:fb:f0:ca:b6:76:
4b:f4:89:df:b2:23:90:3b:17:28:41:cc:96:b7:88:7d:bd:d5:
26:c0:db:25:c6:73:49:5e:55:4a:7e:1b:38:2d:9f:4b:ad:41:
2b:c7:7f:43:6a:bc:19:39:c7:62:ba:08:9a:e3:84:d2:5e:5e:
11:06:5c:4e:ba:e0:98:77:15:5d:5b:f6:50:75:06:af:0e:61:
90:55:50:38:c5:1c:d3:a0:f7:9a:74:3a:72:ab:43:66:13:80:
d2:e3:11:4d:24:83:80:13:c3:e9:3f:93:42:63:99:11:6c:86:
6f:3b:2d:14:10:3b:9f:0e:2c:4d:71:7f:e9:d2:6d:88:6b:0e:
d9:02:d5:82:c1:85:06:a2:cd:7d:f1:d7:de:34:5c:e3:51:6e:
e8:e5:78:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvwGGCAaZall7Ys1fHVc6mUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIxMDQxNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjc2Y2VlYTM4ODhmMDIyMjE4YjRlY2JiZTZmMjIwZWM0MzIxOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkm9Bd+IHZXSoTymO090S9h/0/0UR
cEItmvBTRwtiqHI/FmIjOPy8CMGWDCgI4rx/Z5SOT+Ke5Jt0X8+1Z/OLHjflKsGH
13qmmvvCfPO4p9FQQ4NAm+XC71YnHtReeB6Wu307bmyXOKEcHqDuTEO/+wHsoRoj
rTPkTT/xbQCqK2Fo7lqCICr2J0Ys+IY7D5lVtojF076QhZ/T4fn1mEXIFJ1HRXGy
nvZENKi90OgKJG4y721KZbFI23B1UJ7xqE8JzPtOLEEay+DYTYvsY5ZSBfrJlpQA
V4dXfyheMR6sVRK0OQIs89SzHKor5oP5eSGT75Q/qQeqIrme+eMNaPAkzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA92zuo4iPAiIYtOy75vIg7EMhk4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRDNiTzZqaUk4Q0loaTA3THZtOGlEc1F5R1RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAErOeP8Z//nz7yn+x1b6
wKqsz33TF9bD4NIQKLqvGmXspQBX4tL/zArkZjXfwZv+qEchCZ5TiruI/u4KtMJl
p4SQntykbjPC0yH47Ljk89KLrlNd0YMFAqL2BiR3dytUtLiwgcFr5CT78Mq2dkv0
id+yI5A7FyhBzJa3iH291SbA2yXGc0leVUp+Gzgtn0utQSvHf0NqvBk5x2K6CJrj
hNJeXhEGXE664Jh3FV1b9lB1Bq8OYZBVUDjFHNOg95p0OnKrQ2YTgNLjEU0kg4AT
w+k/k0JjmRFshm87LRQQO58OLE1xf+nSbYhrDtkC1YLBhQaizX3x1940XONRbujl
eDQ=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:10:37 2025 by rpki-client