Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Lds6nYvN4yhoWsx5jePMuYNhpCw.roa
File: Lds6nYvN4yhoWsx5jePMuYNhpCw.roa (raw, json)
Hash identifier: fSdgUhxnEQeiuS9obdYJkAgnNo2+LCHb4DWXLYvjTVU=
Subject key identifier: 2D:DB:3A:9D:8B:CD:E3:28:68:5A:CC:79:8D:E3:CC:B9:83:61:A4:2C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BAA21678EBC268A643F6A208F6621707D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Lds6nYvN4yhoWsx5jePMuYNhpCw.roa
Signing time: Tue 07 Nov 2023 14:13:17 +0000
ROA not before: Tue 07 Nov 2023 14:13:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:21:67:8e:bc:26:8a:64:3f:6a:20:8f:66:21:70:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 7 14:13:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ddb3a9d8bcde328685acc798de3ccb98361a42c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ca:3d:ec:06:7f:c8:3c:45:ba:0b:96:93:7d:
cc:1e:c6:a4:6e:32:cb:a4:a3:90:15:69:fa:77:2d:
4f:fc:db:85:17:b8:b3:3e:74:de:56:c5:b7:6f:d0:
12:8c:3f:cd:21:b9:5e:6c:23:9f:53:0b:ba:02:6e:
93:ae:fb:0c:75:12:74:1b:91:7d:a5:1d:19:56:f5:
f6:71:01:57:96:8b:1c:f8:85:cd:b8:81:42:7d:1c:
8a:07:c3:9b:3e:a7:51:de:ae:bb:17:93:11:e2:f8:
11:df:b1:63:82:ba:29:83:0a:a0:70:27:74:a3:41:
21:fa:b2:9a:ce:92:de:2b:8a:13:ee:d1:87:b5:bb:
c2:43:9e:1f:42:c2:b6:4c:b5:9d:9f:32:87:81:d2:
4f:93:8c:9d:ca:b6:99:1f:fe:43:54:1d:0d:0c:18:
89:ed:64:98:54:14:d5:5a:e5:56:b7:4a:5d:eb:7f:
06:74:e3:5f:da:79:d4:88:ce:ee:c9:29:99:c6:fe:
b4:50:75:3b:02:10:18:e7:5b:68:ee:78:23:21:96:
bd:d4:7d:5a:8c:ec:33:c9:4e:73:d9:cf:55:81:0f:
4f:3a:77:d9:d6:0a:e6:6d:c6:36:4c:a6:a7:9c:eb:
4e:95:5d:30:8b:b6:e8:d7:c6:aa:33:a5:4c:e4:c1:
58:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DB:3A:9D:8B:CD:E3:28:68:5A:CC:79:8D:E3:CC:B9:83:61:A4:2C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Lds6nYvN4yhoWsx5jePMuYNhpCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:38:ca:c4:20:4d:5f:c8:df:7e:78:99:79:74:cf:78:2a:ca:
cb:5b:7a:ce:d4:b3:1a:94:2c:38:66:9c:18:74:ce:68:84:1a:
a3:35:72:58:b2:c2:02:02:c9:3b:85:24:17:82:96:13:00:7e:
2c:f9:80:28:65:6a:d3:32:6d:46:4d:88:cd:23:3d:17:48:4d:
f7:84:cd:6e:46:fc:91:a8:b4:aa:1b:f4:e7:13:78:26:7b:50:
26:15:77:40:a0:19:a4:ee:c3:38:17:26:bf:9b:a7:4e:ec:6b:
31:43:19:c0:18:7b:5d:6e:32:71:7d:d1:62:f6:b5:5c:16:f7:
97:2c:03:1b:1c:8b:08:81:24:7f:3d:5e:e0:3f:27:88:6a:55:
66:14:91:07:78:47:93:e7:42:7a:6d:91:4d:0f:22:4f:db:49:
37:d9:59:59:d1:d9:e4:3a:37:02:6d:1f:97:ac:a2:38:ac:b4:
70:de:dc:a6:ed:24:10:2b:ed:9a:04:1d:e4:d5:67:4d:b6:c6:
77:0b:a4:ab:e0:ef:66:a6:29:30:0e:3c:c9:c7:c7:6d:a4:5a:
b7:62:62:8f:60:9c:08:69:34:6c:96:e8:b4:0e:12:7d:a1:90:
33:f4:4c:78:5c:d9:65:46:1a:e0:e1:31:4d:67:c2:82:11:c3:
11:a9:4c:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuqIWeOvCaKZD9qII9mIXB9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA3MTQxMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGRiM2E5ZDhiY2RlMzI4Njg1YWNjNzk4ZGUzY2NiOTgzNjFhNDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8o97AZ/yDxFuguWk33MHsakbjLL
pKOQFWn6dy1P/NuFF7izPnTeVsW3b9ASjD/NIblebCOfUwu6Am6TrvsMdRJ0G5F9
pR0ZVvX2cQFXlosc+IXNuIFCfRyKB8ObPqdR3q67F5MR4vgR37FjgropgwqgcCd0
o0Eh+rKazpLeK4oT7tGHtbvCQ54fQsK2TLWdnzKHgdJPk4ydyraZH/5DVB0NDBiJ
7WSYVBTVWuVWt0pd638GdONf2nnUiM7uySmZxv60UHU7AhAY51to7ngjIZa91H1a
jOwzyU5z2c9VgQ9POnfZ1grmbcY2TKannOtOlV0wi7bo18aqM6VM5MFYkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC3bOp2LzeMoaFrMeY3jzLmDYaQsMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTGRzNm5Zdk40eWhvV3N4NWplUE11WU5ocEN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIw4ysQgTV/I3354mXl0
z3gqystbes7UsxqULDhmnBh0zmiEGqM1cliywgICyTuFJBeClhMAfiz5gChlatMy
bUZNiM0jPRdITfeEzW5G/JGotKob9OcTeCZ7UCYVd0CgGaTuwzgXJr+bp07sazFD
GcAYe11uMnF90WL2tVwW95csAxsciwiBJH89XuA/J4hqVWYUkQd4R5PnQnptkU0P
Ik/bSTfZWVnR2eQ6NwJtH5esojistHDe3KbtJBAr7ZoEHeTVZ022xncLpKvg72am
KTAOPMnHx22kWrdiYo9gnAhpNGyW6LQOEn2hkDP0THhc2WVGGuDhMU1nwoIRwxGp
TI4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:54:42 2025 by rpki-client