Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ed9dx4ZDAJhSWSawicUKEwcQxtI.roa
File: Ed9dx4ZDAJhSWSawicUKEwcQxtI.roa (raw, json)
Hash identifier: ZGRgItcu5i9a8ydIMPt193hAImaWg//kvFWIXOUgIt8=
Subject key identifier: 11:DF:5D:C7:86:43:00:98:52:59:26:B0:89:C5:0A:13:07:10:C6:D2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFFB9D66505400AF0F040570479442B6D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ed9dx4ZDAJhSWSawicUKEwcQxtI.roa
Signing time: Thu 05 Oct 2023 12:04:43 +0000
ROA not before: Thu 05 Oct 2023 12:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:ffb9:5e12/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:b9:d6:65:05:40:0a:f0:f0:40:57:04:79:44:2b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 5 12:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11df5dc786430098525926b089c50a130710c6d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e4:da:23:6d:5b:d3:75:14:b3:72:be:bb:66:
e3:55:ef:f3:8b:43:af:1b:e2:3a:f9:bc:ad:f1:3f:
31:23:aa:1e:c5:85:f2:7a:4d:e8:e2:cd:18:45:d4:
11:47:c6:40:8e:51:76:3e:66:84:38:3d:e5:4b:88:
b1:5b:4b:a7:b0:cf:e0:8a:34:07:34:d6:91:53:bd:
b1:57:77:4a:b3:78:f8:e3:b8:98:c5:b0:73:61:ea:
64:4a:de:0f:aa:a1:d5:dd:c0:31:1d:0c:96:96:6e:
b0:f6:1b:d8:30:33:4f:e6:64:0d:4c:cb:6e:e8:cf:
06:7d:1b:96:d9:4e:25:ab:5a:00:56:9d:98:c3:d4:
ab:4c:88:ae:83:2f:e7:cb:e9:38:08:21:12:ab:49:
76:76:69:d9:20:83:70:5a:5c:ce:ed:8a:ff:55:2a:
46:e4:bc:b7:02:ac:4d:f1:6b:7f:fb:7a:2e:3a:20:
f8:3d:96:39:f7:d1:f8:25:fd:d3:5c:ed:2a:a3:70:
f7:af:bb:19:4a:63:0a:e4:52:c9:70:92:db:75:ad:
99:fb:42:1b:1b:ea:f5:1e:5c:e6:0f:0b:ef:ca:a7:
a5:16:64:a7:dc:6e:76:55:89:70:aa:91:92:1f:2b:
34:0f:3d:db:f0:34:b4:f8:4a:06:25:63:8c:50:59:
46:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:DF:5D:C7:86:43:00:98:52:59:26:B0:89:C5:0A:13:07:10:C6:D2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ed9dx4ZDAJhSWSawicUKEwcQxtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
08:61:50:15:62:c8:5b:a3:4c:26:db:cd:a6:14:da:dd:f4:c1:
8b:1e:0e:e9:c8:2c:b1:24:62:c7:af:62:0f:b2:c9:72:06:7d:
44:fe:63:c2:a1:6c:e6:9b:ce:6c:25:b9:40:f2:64:f7:91:c8:
20:24:70:24:a8:3f:81:57:7f:1e:46:19:af:67:05:49:be:73:
08:3b:4e:1e:8f:76:e0:06:67:81:00:ca:ff:7b:44:d7:64:1f:
a4:48:30:42:7f:8d:03:b7:70:35:26:29:ef:6d:20:26:8d:c1:
65:5c:5f:97:32:f2:93:b0:43:69:14:1e:e8:c9:48:29:44:f2:
db:05:a1:92:61:48:1e:e4:e0:26:eb:51:09:0a:dd:ce:5b:2d:
f3:15:b1:d4:7b:31:3d:c5:92:15:c8:09:cf:0f:d9:c7:ec:2b:
22:4c:49:8f:97:d8:24:fe:37:fe:47:1f:9e:ec:72:90:8b:d2:
93:73:f3:2f:4a:62:30:8f:c0:a9:c7:e4:4f:d4:81:63:e6:e4:
8e:62:c3:e4:46:af:65:8b:fe:3f:54:c1:65:52:25:66:0b:98:
b6:36:b9:9d:bc:f8:8e:6e:2b:7a:20:9c:9a:82:0c:55:eb:60:
a6:35:9e:3b:3c:c4:02:cb:e4:87:0d:be:6c:e2:39:73:bd:1d:
de:be:7b:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr/udZlBUAK8PBAVwR5RCttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA1MTIwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWRmNWRjNzg2NDMwMDk4NTI1OTI2YjA4OWM1MGExMzA3MTBjNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeTaI21b03UUs3K+u2bjVe/zi0Ov
G+I6+byt8T8xI6oexYXyek3o4s0YRdQRR8ZAjlF2PmaEOD3lS4ixW0unsM/gijQH
NNaRU72xV3dKs3j447iYxbBzYepkSt4PqqHV3cAxHQyWlm6w9hvYMDNP5mQNTMtu
6M8GfRuW2U4lq1oAVp2Yw9SrTIiugy/ny+k4CCESq0l2dmnZIINwWlzO7Yr/VSpG
5Ly3AqxN8Wt/+3ouOiD4PZY599H4Jf3TXO0qo3D3r7sZSmMK5FLJcJLbda2Z+0Ib
G+r1HlzmDwvvyqelFmSn3G52VYlwqpGSHys0Dz3b8DS0+EoGJWOMUFlGkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBHfXceGQwCYUlkmsInFChMHEMbSMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRWQ5ZHg0WkRBSmhTV1Nhd2ljVUtFd2NReHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAhhUBViyFujTCbbzaYU
2t30wYseDunILLEkYsevYg+yyXIGfUT+Y8KhbOabzmwluUDyZPeRyCAkcCSoP4FX
fx5GGa9nBUm+cwg7Th6PduAGZ4EAyv97RNdkH6RIMEJ/jQO3cDUmKe9tICaNwWVc
X5cy8pOwQ2kUHujJSClE8tsFoZJhSB7k4CbrUQkK3c5bLfMVsdR7MT3FkhXICc8P
2cfsKyJMSY+X2CT+N/5HH57scpCL0pNz8y9KYjCPwKnH5E/UgWPm5I5iw+RGr2WL
/j9UwWVSJWYLmLY2uZ28+I5uK3ognJqCDFXrYKY1njs8xALL5IcNvmziOXO9Hd6+
e6M=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:12 2025 by rpki-client