Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/II4wg8ylmQU_8w2pyzzjOI-uGvo.roa
File: II4wg8ylmQU_8w2pyzzjOI-uGvo.roa (raw, json)
Hash identifier: YKdY9rhs+TTNjxh9jj0CTMKn8phWybUiGzIOzhCeUFU=
Subject key identifier: 20:8E:30:83:CC:A5:99:05:3F:F3:0D:A9:CB:3C:E3:38:8F:AE:1A:FA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6FC139B37D79E37A9ED01E26AACAFCBE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/II4wg8ylmQU_8w2pyzzjOI-uGvo.roa
Signing time: Fri 27 Oct 2023 06:10:15 +0000
ROA not before: Fri 27 Oct 2023 06:10:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6f:c1:39:b3:7d:79:e3:7a:9e:d0:1e:26:aa:ca:fc:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 27 06:10:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=208e3083cca599053ff30da9cb3ce3388fae1afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d6:e8:20:6a:2b:c4:14:e7:11:ab:7c:87:3d:
5b:10:49:1c:f3:6e:26:e9:ec:37:c6:4a:e5:87:3d:
e1:bc:1a:72:a0:d7:40:7b:8e:96:30:53:cb:8b:42:
a8:36:e9:46:c0:d6:32:e1:7f:89:61:5d:30:59:bd:
5f:b3:ad:64:61:da:20:f6:07:c3:cb:2f:7e:8a:0c:
d9:ce:c7:42:17:c0:d0:06:f3:23:08:10:be:6e:4e:
ba:cf:9f:5b:fc:69:93:56:d5:05:c8:d3:98:01:48:
9b:aa:de:93:dc:3a:89:22:42:f3:1b:67:d6:55:a1:
82:65:42:4d:10:c7:b8:9a:f6:47:58:53:11:a6:e3:
2d:98:0b:46:77:fc:ce:7b:33:0a:92:a5:4d:a7:fa:
bb:1f:4b:25:c4:7d:6c:26:c0:59:a4:68:5f:19:6c:
b9:d9:2c:d7:a0:a5:ca:89:a3:48:8e:5c:5f:bf:ce:
d6:e5:35:3d:51:4b:b5:a9:48:41:56:6f:5a:2a:87:
33:08:0e:3a:bd:7b:60:d0:7b:d4:f4:a3:ea:27:41:
dc:8e:d3:81:df:20:ba:99:44:31:d0:d3:b4:fb:84:
ed:f0:b1:7b:d3:15:db:b6:2b:b4:84:c2:f6:b2:51:
b8:13:90:ea:a1:e3:ee:89:1c:cc:e2:81:93:c8:df:
c4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:8E:30:83:CC:A5:99:05:3F:F3:0D:A9:CB:3C:E3:38:8F:AE:1A:FA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/II4wg8ylmQU_8w2pyzzjOI-uGvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:5e:dd:34:7d:f1:ab:f6:71:86:63:78:43:25:f0:13:6a:7b:
84:a8:ff:2f:3b:86:3f:93:ef:4e:ab:6a:a8:74:f3:26:6c:df:
64:0b:c6:6b:0f:54:90:9a:84:f4:37:ec:69:f1:9e:70:fd:5a:
f1:b6:8e:f9:14:95:4b:71:b3:f5:25:ea:9f:1c:58:17:f2:08:
11:f9:39:80:26:78:98:a0:5d:d7:7a:72:ea:b4:ec:47:80:ab:
a7:84:b4:5d:65:83:d2:95:5b:b8:9f:78:ae:a4:d4:84:e1:c9:
62:ec:c5:54:d9:63:b3:df:2c:0e:c8:dc:29:ca:17:e0:8d:0a:
c3:78:ca:48:56:0e:85:c8:0b:3a:84:8f:05:ec:74:ac:35:05:
5d:a2:91:c1:66:12:32:54:1d:a5:bc:6d:9e:93:9c:ba:e7:dc:
23:23:7b:c3:e8:63:02:83:ab:59:18:3a:28:ad:b9:98:ec:05:
3a:8e:50:71:3b:6d:ac:b5:82:4f:1a:8b:11:f3:58:c0:de:0b:
50:25:93:99:e4:a6:fe:f3:36:b6:8c:56:5e:12:2f:15:40:e7:
ca:aa:d0:dd:e9:11:55:eb:5b:b7:cc:46:fd:4e:da:8c:dc:d3:
5b:d9:73:99:d7:78:6d:8d:78:b9:0c:8a:99:72:e4:90:90:0c:
14:16:63:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtvwTmzfXnjep7QHiaqyvy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI3MDYxMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDhlMzA4M2NjYTU5OTA1M2ZmMzBkYTljYjNjZTMzODhmYWUxYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdboIGorxBTnEat8hz1bEEkc824m
6ew3xkrlhz3hvBpyoNdAe46WMFPLi0KoNulGwNYy4X+JYV0wWb1fs61kYdog9gfD
yy9+igzZzsdCF8DQBvMjCBC+bk66z59b/GmTVtUFyNOYAUibqt6T3DqJIkLzG2fW
VaGCZUJNEMe4mvZHWFMRpuMtmAtGd/zOezMKkqVNp/q7H0slxH1sJsBZpGhfGWy5
2SzXoKXKiaNIjlxfv87W5TU9UUu1qUhBVm9aKoczCA46vXtg0HvU9KPqJ0HcjtOB
3yC6mUQx0NO0+4Tt8LF70xXbtiu0hML2slG4E5DqoePuiRzM4oGTyN/EtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCCOMIPMpZkFP/MNqcs84ziPrhr6MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSUk0d2c4eWxtUVVfOHcycHl6empPSS11R3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKRe3TR98av2cYZjeEMl
8BNqe4So/y87hj+T706raqh08yZs32QLxmsPVJCahPQ37GnxnnD9WvG2jvkUlUtx
s/Ul6p8cWBfyCBH5OYAmeJigXdd6cuq07EeAq6eEtF1lg9KVW7ifeK6k1IThyWLs
xVTZY7PfLA7I3CnKF+CNCsN4ykhWDoXICzqEjwXsdKw1BV2ikcFmEjJUHaW8bZ6T
nLrn3CMje8PoYwKDq1kYOiituZjsBTqOUHE7bay1gk8aixHzWMDeC1Alk5nkpv7z
NraMVl4SLxVA58qq0N3pEVXrW7fMRv1O2ozc01vZc5nXeG2NeLkMiply5JCQDBQW
Y+M=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:22:11 2025 by rpki-client