Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ls5YGkPVs35ITUVr-PmTF7Q0ZHs.roa
File: Ls5YGkPVs35ITUVr-PmTF7Q0ZHs.roa (raw, json)
Hash identifier: FGEWoagewhoUYmy9U06hkYUBehfx+xGCzqYjbs2vHVQ=
Subject key identifier: 2E:CE:58:1A:43:D5:B3:7E:48:4D:45:6B:F8:F9:93:17:B4:34:64:7B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AAD3E36469E846C9A5BC056EA86DCA83F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ls5YGkPVs35ITUVr-PmTF7Q0ZHs.roa
Signing time: Tue 19 Sep 2023 11:40:50 +0000
ROA not before: Tue 19 Sep 2023 11:40:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:3e:36:46:9e:84:6c:9a:5b:c0:56:ea:86:dc:a8:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 19 11:40:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ece581a43d5b37e484d456bf8f99317b434647b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:95:91:45:f3:69:81:01:a5:6a:a6:c7:07:d6:
7c:65:fa:2c:f1:26:50:6b:03:1b:b6:81:27:88:22:
29:89:14:94:de:d4:b0:19:9b:6b:e6:8c:1a:ab:64:
27:5b:96:d0:7d:84:21:c4:03:0b:49:b6:8b:a8:18:
c8:11:f0:58:e5:91:8a:7b:57:34:b4:78:5e:0e:be:
d7:58:84:41:0d:a3:af:2d:db:05:4b:b6:ac:1e:6d:
de:98:c8:69:cb:77:dc:f5:59:16:00:59:61:e1:10:
46:a1:c8:bc:5c:aa:ed:81:c2:8f:9f:ae:13:5e:ee:
35:ac:6c:d1:55:45:ed:32:c6:42:cf:07:59:e1:0b:
47:bf:b5:52:0f:ab:5f:3c:98:18:f4:dd:4d:7f:65:
68:3e:0e:2a:cb:38:74:2b:18:e8:82:94:f4:0c:c0:
6b:1a:4f:a2:aa:62:0d:07:54:b4:c8:06:b8:42:3d:
68:55:2d:e1:b6:a9:74:9a:c6:46:7a:66:ce:2f:9b:
08:9a:86:c6:f6:76:f0:bd:a6:41:d1:ee:ee:e0:50:
2d:69:0e:b7:7b:bb:2e:c0:04:bc:5b:ba:58:b1:bb:
31:20:1e:3b:03:8a:19:8c:26:c4:1d:28:21:b2:72:
9d:b2:e8:7f:29:60:6f:0b:00:20:9d:f0:13:14:0e:
45:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:CE:58:1A:43:D5:B3:7E:48:4D:45:6B:F8:F9:93:17:B4:34:64:7B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ls5YGkPVs35ITUVr-PmTF7Q0ZHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:1c:be:b0:77:e6:67:0a:b9:37:bc:2f:1e:39:9b:32:31:ca:
da:c5:2d:a3:7e:cb:db:48:aa:c6:c9:54:c7:96:a0:b9:d8:f3:
21:77:94:59:58:05:60:48:b9:84:1a:3e:e1:6f:28:df:5e:85:
ea:5a:de:f5:0b:7b:6b:57:c4:4d:66:3b:2a:20:a2:e0:83:bf:
32:09:6c:07:1f:9e:1a:33:31:cc:1a:6f:e0:c8:f7:10:00:c2:
8d:b5:43:0f:09:99:04:60:36:26:d6:e4:6a:33:2e:1b:d9:ff:
4c:46:eb:2d:7b:17:69:d8:f2:82:eb:73:ff:13:1c:c3:aa:6d:
21:55:a9:39:e2:96:59:1c:37:8f:40:9d:5f:ac:bd:66:7d:5e:
14:95:e2:18:da:fb:5c:62:70:24:a5:4f:e7:b3:16:14:a6:28:
9e:1f:75:1c:e4:43:22:39:c8:b4:b3:37:7e:50:b1:95:c2:73:
6c:0d:bd:e5:8a:be:b1:4e:5b:e6:18:b0:ac:99:a3:01:29:8b:
2b:a7:58:97:89:8e:9b:1a:05:47:bf:c0:f8:93:fa:e3:7f:ec:
5e:99:33:ca:61:ce:98:7b:2b:ba:91:df:f8:68:9c:a3:ab:04:
88:6f:de:c2:af:02:51:41:ce:4e:c9:02:49:51:75:55:57:a1:
e6:5b:3a:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqtPjZGnoRsmlvAVuqG3Kg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTE5MTE0MDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWNlNTgxYTQzZDViMzdlNDg0ZDQ1NmJmOGY5OTMxN2I0MzQ2NDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZWRRfNpgQGlaqbHB9Z8Zfos8SZQ
awMbtoEniCIpiRSU3tSwGZtr5owaq2QnW5bQfYQhxAMLSbaLqBjIEfBY5ZGKe1c0
tHheDr7XWIRBDaOvLdsFS7asHm3emMhpy3fc9VkWAFlh4RBGoci8XKrtgcKPn64T
Xu41rGzRVUXtMsZCzwdZ4QtHv7VSD6tfPJgY9N1Nf2VoPg4qyzh0KxjogpT0DMBr
Gk+iqmINB1S0yAa4Qj1oVS3htql0msZGembOL5sImobG9nbwvaZB0e7u4FAtaQ63
e7suwAS8W7pYsbsxIB47A4oZjCbEHSghsnKdsuh/KWBvCwAgnfATFA5FrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC7OWBpD1bN+SE1Fa/j5kxe0NGR7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTHM1WUdrUFZzMzVJVFVWci1QbVRGN1EwWkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGIcvrB35mcKuTe8Lx45
mzIxytrFLaN+y9tIqsbJVMeWoLnY8yF3lFlYBWBIuYQaPuFvKN9ehepa3vULe2tX
xE1mOyogouCDvzIJbAcfnhozMcwab+DI9xAAwo21Qw8JmQRgNibW5GozLhvZ/0xG
6y17F2nY8oLrc/8THMOqbSFVqTnillkcN49AnV+svWZ9XhSV4hja+1xicCSlT+ez
FhSmKJ4fdRzkQyI5yLSzN35QsZXCc2wNveWKvrFOW+YYsKyZowEpiyunWJeJjpsa
BUe/wPiT+uN/7F6ZM8phzph7K7qR3/honKOrBIhv3sKvAlFBzk7JAklRdVVXoeZb
Otc=
-----END CERTIFICATE-----
Generated at Tue May 6 00:00:10 2025 by rpki-client