Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/INt6sCMtL8-Nv5eOiT3pqMdPF0I.roa
File: INt6sCMtL8-Nv5eOiT3pqMdPF0I.roa (raw, json)
Hash identifier: 7ApZxJ+ixNmdn8yk8HrLoIZBzOTwnkR8WjSeGKG8ocY=
Subject key identifier: 20:DB:7A:B0:23:2D:2F:CF:8D:BF:97:8E:89:3D:E9:A8:C7:4F:17:42
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C11BE1F5B99AE7D314568D62FD6B1383E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/INt6sCMtL8-Nv5eOiT3pqMdPF0I.roa
Signing time: Mon 27 Nov 2023 17:05:21 +0000
ROA not before: Mon 27 Nov 2023 17:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:11bd:5b11/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:be:1f:5b:99:ae:7d:31:45:68:d6:2f:d6:b1:38:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 27 17:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20db7ab0232d2fcf8dbf978e893de9a8c74f1742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:50:a8:f0:6b:6a:f5:00:4e:8f:e1:79:c6:4c:
eb:ef:59:69:5c:d6:30:28:a3:70:fe:7f:70:0c:02:
71:fa:0d:28:94:b2:d2:6b:1a:5c:54:74:a8:5f:9c:
b7:b3:86:18:b8:a8:c7:a0:2f:e0:ed:1d:ac:fa:c6:
24:47:33:85:71:9d:31:12:98:fd:da:f9:5b:35:4f:
ae:b7:b4:25:9b:90:dd:03:54:8a:c7:dd:ca:54:65:
5f:d3:77:2e:15:98:5d:cb:b1:52:2c:31:4a:2e:f9:
ce:0a:f2:46:fc:5b:1d:e1:26:c2:b8:b3:ff:6e:0e:
3b:b8:fe:72:62:3d:a1:67:09:95:a6:80:09:d8:4c:
83:2c:56:1c:d2:c3:36:3f:eb:c8:b2:9c:9b:e2:06:
de:b6:43:d3:0e:15:a8:5e:c4:4a:07:af:a2:57:96:
99:5c:44:3d:ed:dd:4c:c6:1f:f8:1b:d8:fc:2b:96:
9c:ad:16:af:2c:04:48:3d:13:94:db:c2:3b:a7:8b:
23:bd:5a:73:ae:aa:43:17:bd:7c:60:48:ed:48:83:
0d:0a:9f:3a:ae:c0:9f:81:ba:91:b6:16:46:54:83:
90:34:11:e1:c6:84:80:7e:72:ca:cd:90:e3:9b:75:
b7:cf:7d:fa:f1:4f:65:0b:15:27:60:11:ef:8e:41:
7d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:DB:7A:B0:23:2D:2F:CF:8D:BF:97:8E:89:3D:E9:A8:C7:4F:17:42
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/INt6sCMtL8-Nv5eOiT3pqMdPF0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:eb:a3:a7:df:e7:7a:9b:c1:cb:36:df:fc:ae:4a:c5:6c:7a:
18:0a:f5:3b:ae:8a:56:d3:45:92:5a:73:48:54:9e:59:52:c2:
9f:d1:03:89:19:2e:5e:aa:77:d8:3d:50:ea:ac:46:0b:94:75:
d7:6e:9c:78:35:44:93:8a:73:18:0b:46:cc:e3:96:c1:89:10:
49:28:f2:b7:15:3c:60:0e:81:ad:69:f5:dc:bd:8e:0c:a8:0a:
01:28:ca:33:a2:7a:c9:15:b8:f8:e8:c1:2a:73:5a:a2:4e:20:
cb:1f:3c:59:eb:41:96:52:1d:1c:13:85:54:d8:fa:34:ed:44:
ff:7a:12:02:c3:bb:aa:09:5d:c4:f3:ee:3f:a0:f7:70:3d:21:
91:bf:e3:1e:a7:75:19:78:62:f8:af:11:67:fc:a7:f2:42:cd:
5d:7a:9f:f5:f1:af:11:d7:d6:99:c2:c6:f7:30:e9:b8:c6:51:
90:4c:26:0d:7e:6c:eb:90:ce:e5:0e:77:ae:60:23:23:12:6b:
c8:e4:78:dc:04:9d:b5:16:56:78:1d:73:db:07:c3:bb:fc:a2:
a1:3b:c9:3c:fb:57:41:18:96:1c:62:c5:12:08:8e:c3:57:63:
35:8b:cd:29:a6:0d:f8:aa:2c:ae:fd:1a:fe:fe:29:3d:e8:c5:
ed:14:6d:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwRvh9bma59MUVo1i/WsTg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI3MTcwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGRiN2FiMDIzMmQyZmNmOGRiZjk3OGU4OTNkZTlhOGM3NGYxNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVCo8Gtq9QBOj+F5xkzr71lpXNYw
KKNw/n9wDAJx+g0olLLSaxpcVHSoX5y3s4YYuKjHoC/g7R2s+sYkRzOFcZ0xEpj9
2vlbNU+ut7Qlm5DdA1SKx93KVGVf03cuFZhdy7FSLDFKLvnOCvJG/Fsd4SbCuLP/
bg47uP5yYj2hZwmVpoAJ2EyDLFYc0sM2P+vIspyb4gbetkPTDhWoXsRKB6+iV5aZ
XEQ97d1Mxh/4G9j8K5acrRavLARIPROU28I7p4sjvVpzrqpDF718YEjtSIMNCp86
rsCfgbqRthZGVIOQNBHhxoSAfnLKzZDjm3W3z3368U9lCxUnYBHvjkF97QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCDberAjLS/Pjb+Xjok96ajHTxdCMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSU50NnNDTXRMOC1OdjVlT2lUM3BxTWRQRjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABHro6ff53qbwcs23/yu
SsVsehgK9TuuilbTRZJac0hUnllSwp/RA4kZLl6qd9g9UOqsRguUdddunHg1RJOK
cxgLRszjlsGJEEko8rcVPGAOga1p9dy9jgyoCgEoyjOieskVuPjowSpzWqJOIMsf
PFnrQZZSHRwThVTY+jTtRP96EgLDu6oJXcTz7j+g93A9IZG/4x6ndRl4YvivEWf8
p/JCzV16n/XxrxHX1pnCxvcw6bjGUZBMJg1+bOuQzuUOd65gIyMSa8jkeNwEnbUW
Vngdc9sHw7v8oqE7yTz7V0EYlhxixRIIjsNXYzWLzSmmDfiqLK79Gv7+KT3oxe0U
bYw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:04:16 2025 by rpki-client