Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ll_tKQc21m3NIU_xlKGXu7L44Ig.roa
File: Ll_tKQc21m3NIU_xlKGXu7L44Ig.roa (raw, json)
Hash identifier: hSIInvw1cfWKyPUZ+wKoWtX8wHUbmIIEJOKIZIqzz1E=
Subject key identifier: 2E:5F:ED:29:07:36:D6:6D:CD:21:4F:F1:94:A1:97:BB:B2:F8:E0:88
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C006749674B728C08B17CB0B10E3EB948
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ll_tKQc21m3NIU_xlKGXu7L44Ig.roa
Signing time: Fri 24 Nov 2023 08:16:58 +0000
ROA not before: Fri 24 Nov 2023 08:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:00:67:49:67:4b:72:8c:08:b1:7c:b0:b1:0e:3e:b9:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 24 08:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e5fed290736d66dcd214ff194a197bbb2f8e088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0b:98:17:3d:72:0f:1e:5d:28:73:74:ba:0a:
49:38:19:35:ed:cb:4f:ad:eb:58:f7:63:65:df:fd:
fe:81:d0:ad:09:56:d3:0e:84:1b:cc:d8:c0:50:20:
b5:95:07:42:42:7f:34:f7:f8:c0:c9:45:c3:ad:e3:
30:dd:d7:c0:fc:b4:c4:35:91:f2:b7:b7:ed:d7:76:
2d:36:cb:87:9e:91:1a:32:07:6f:1b:8e:29:db:77:
54:b8:09:ad:fd:11:eb:0a:3e:23:ef:a8:fe:e4:1d:
72:19:dc:bc:7b:1f:7c:cc:56:5b:6c:99:b2:f8:98:
b5:ac:23:ad:75:60:37:a9:84:fe:b6:36:98:4d:d7:
d9:4d:1c:00:32:db:bf:b9:c4:be:af:e8:57:90:6e:
79:1b:42:67:ab:b8:9e:fc:bf:9c:a4:27:ed:40:af:
9c:d7:b0:f6:4a:0c:aa:51:76:dd:52:41:4d:eb:9d:
50:34:8a:2d:4c:5b:69:f5:f4:cd:ce:f9:05:b0:39:
c4:98:f7:b4:38:89:aa:42:c2:18:93:d7:1c:e1:5e:
df:7b:05:b1:a8:a0:aa:8c:aa:5c:ec:ca:5d:e4:6d:
06:25:c8:12:1e:a0:a1:a0:ef:cf:2a:0b:cc:d8:72:
d1:a1:48:cf:60:6d:7e:b3:e4:80:0c:e0:d6:7a:e2:
13:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:5F:ED:29:07:36:D6:6D:CD:21:4F:F1:94:A1:97:BB:B2:F8:E0:88
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ll_tKQc21m3NIU_xlKGXu7L44Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c3:53:3e:67:bc:24:20:fa:9f:b4:2c:c5:74:72:92:7b:98:07:
f2:bc:3b:d9:f3:cb:c8:63:16:3a:2a:d0:60:ed:5a:a4:8e:6c:
51:a0:9e:27:5e:a9:11:df:a2:7f:da:7b:9e:bf:3b:41:61:d3:
40:1b:19:f4:1f:87:60:c6:82:a1:51:de:06:fc:0d:4b:0a:7f:
ea:dc:b1:e5:1d:e6:eb:ed:67:eb:30:fe:71:3c:04:17:a2:f7:
bc:85:73:ac:f9:df:80:83:42:fb:16:11:4e:5d:0a:67:06:22:
40:ae:9c:02:b4:11:dc:56:e5:7c:55:df:75:74:4c:70:61:9f:
76:52:77:dc:66:04:54:2f:87:95:9b:25:3d:1e:d9:b0:22:83:
b5:b3:4c:05:7e:f5:d0:b6:77:80:22:74:0f:13:36:be:cd:f1:
39:de:fd:6c:31:f7:28:54:9d:4b:95:82:8e:37:05:7a:13:c0:
a0:37:bf:e5:62:bf:10:2a:d5:67:7c:f7:15:dc:49:22:ae:ac:
47:aa:2a:98:41:5a:7a:8d:1a:30:7c:cc:48:30:b6:9b:c2:2b:
c7:e1:62:f9:d6:2f:fc:41:0b:ec:c6:36:6a:1e:fa:c7:f9:9b:
21:9d:0b:50:dd:48:60:aa:18:3f:2c:2d:54:ba:c0:2f:8c:78:
e9:35:65:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwAZ0lnS3KMCLF8sLEOPrlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI0MDgxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTVmZWQyOTA3MzZkNjZkY2QyMTRmZjE5NGExOTdiYmIyZjhlMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwuYFz1yDx5dKHN0ugpJOBk17ctP
retY92Nl3/3+gdCtCVbTDoQbzNjAUCC1lQdCQn809/jAyUXDreMw3dfA/LTENZHy
t7ft13YtNsuHnpEaMgdvG44p23dUuAmt/RHrCj4j76j+5B1yGdy8ex98zFZbbJmy
+Ji1rCOtdWA3qYT+tjaYTdfZTRwAMtu/ucS+r+hXkG55G0Jnq7ie/L+cpCftQK+c
17D2SgyqUXbdUkFN651QNIotTFtp9fTNzvkFsDnEmPe0OImqQsIYk9cc4V7fewWx
qKCqjKpc7Mpd5G0GJcgSHqChoO/PKgvM2HLRoUjPYG1+s+SADODWeuITnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC5f7SkHNtZtzSFP8ZShl7uy+OCIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTGxfdEtRYzIxbTNOSVVfeGxLR1h1N0w0NElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMNTPme8JCD6n7QsxXRy
knuYB/K8O9nzy8hjFjoq0GDtWqSObFGgnideqRHfon/ae56/O0Fh00AbGfQfh2DG
gqFR3gb8DUsKf+rcseUd5uvtZ+sw/nE8BBei97yFc6z534CDQvsWEU5dCmcGIkCu
nAK0EdxW5XxV33V0THBhn3ZSd9xmBFQvh5WbJT0e2bAig7WzTAV+9dC2d4AidA8T
Nr7N8Tne/Wwx9yhUnUuVgo43BXoTwKA3v+VivxAq1Wd89xXcSSKurEeqKphBWnqN
GjB8zEgwtpvCK8fhYvnWL/xBC+zGNmoe+sf5myGdC1DdSGCqGD8sLVS6wC+MeOk1
Zf8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:35:46 2025 by rpki-client