Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/M19YpYHygKUA_3b6ANMAb7GhIjE.roa
File: M19YpYHygKUA_3b6ANMAb7GhIjE.roa (raw, json)
Hash identifier: hQQaMkif/RJIPTrvrfp1TtGDhic95VHgknDv6B8CyU4=
Subject key identifier: 33:5F:58:A5:81:F2:80:A5:00:FF:76:FA:00:D3:00:6F:B1:A1:22:31
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C1B70D14093E8CB5FBDD66D1968AC3081
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/M19YpYHygKUA_3b6ANMAb7GhIjE.roa
Signing time: Wed 29 Nov 2023 14:17:07 +0000
ROA not before: Wed 29 Nov 2023 14:17:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:70:d1:40:93:e8:cb:5f:bd:d6:6d:19:68:ac:30:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 29 14:17:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=335f58a581f280a500ff76fa00d3006fb1a12231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fa:be:e6:35:81:0d:77:0f:81:bf:e1:05:ae:
e8:76:49:8f:8e:87:54:ee:a1:54:75:7d:72:4a:72:
30:0b:88:4d:03:3b:63:be:68:b0:df:ca:93:93:03:
ef:5e:6f:01:61:38:74:e8:50:c3:de:39:79:c2:81:
68:90:36:d6:4b:d9:22:7e:88:35:a6:57:82:b5:43:
c9:66:b0:ae:a9:64:06:f0:4b:75:de:3d:32:10:16:
e1:35:57:3a:2b:5f:97:0b:ab:b1:a6:20:34:ee:cd:
ba:b3:55:fb:d5:a1:09:d6:ce:2d:0a:ad:dd:1f:e8:
80:20:ad:14:53:8e:c1:a2:b4:0b:2d:f6:02:1e:4a:
af:b9:ab:58:58:bd:e0:23:dd:8f:52:28:93:f3:8b:
61:dd:7f:45:19:45:72:59:e4:6a:1f:e0:36:1b:14:
11:61:3d:56:0f:d9:1f:4a:ef:08:93:aa:84:52:9a:
19:2b:c2:b4:22:ec:e9:2b:b9:b2:83:b3:28:e4:b7:
75:cd:45:32:81:9a:02:6b:fe:1a:d3:76:2f:a4:0d:
e1:ff:be:71:9b:13:5e:73:db:0f:78:0d:a7:f9:62:
d2:fd:83:30:24:cf:16:ed:10:22:54:84:a2:ec:7a:
fd:a9:e0:4b:54:e5:f7:89:bc:cf:62:74:19:9e:b9:
0b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:5F:58:A5:81:F2:80:A5:00:FF:76:FA:00:D3:00:6F:B1:A1:22:31
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/M19YpYHygKUA_3b6ANMAb7GhIjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:ad:65:63:6a:a7:f4:58:8e:9a:1d:95:6b:f3:8f:d4:08:76:
ed:11:44:65:61:f0:b8:6a:0a:e3:55:f6:75:ef:16:6b:28:0f:
04:df:1a:34:98:8f:42:c5:08:a2:c0:e7:c5:75:51:95:54:29:
b2:f7:2f:8d:1c:33:f6:80:f2:f8:06:8f:a6:14:86:e7:76:96:
c6:84:40:52:ed:af:6f:81:be:ad:13:16:43:ba:8e:08:d9:73:
22:27:1a:a5:a3:6e:dc:a1:6f:17:2e:89:27:39:fa:ed:04:83:
03:42:59:64:64:6d:67:b4:43:98:71:f2:41:7a:90:88:58:69:
7b:75:e4:83:0c:ce:81:6d:86:24:61:3a:65:19:b0:b9:b4:0c:
86:1e:54:66:a2:00:8a:b4:5e:3d:e5:fb:d2:7f:a0:58:06:91:
11:14:ad:1b:a8:0f:03:da:82:24:e6:e1:13:84:94:79:76:06:
ed:5e:c9:c2:bf:54:48:a1:0d:f8:cd:1a:63:68:1c:df:a6:8a:
62:60:0c:2b:93:d3:4d:51:70:05:fd:26:38:63:c4:c4:c8:db:
4d:c8:b2:ed:66:4a:f6:a6:1c:71:e5:6e:80:f3:f0:ae:b7:b4:
9d:f7:07:40:81:26:e3:9b:7d:01:89:84:2b:c2:a6:33:fa:79:
5a:b1:c2:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwbcNFAk+jLX73WbRlorDCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI5MTQxNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzVmNThhNTgxZjI4MGE1MDBmZjc2ZmEwMGQzMDA2ZmIxYTEyMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPq+5jWBDXcPgb/hBa7odkmPjodU
7qFUdX1ySnIwC4hNAztjvmiw38qTkwPvXm8BYTh06FDD3jl5woFokDbWS9kifog1
pleCtUPJZrCuqWQG8Et13j0yEBbhNVc6K1+XC6uxpiA07s26s1X71aEJ1s4tCq3d
H+iAIK0UU47BorQLLfYCHkqvuatYWL3gI92PUiiT84th3X9FGUVyWeRqH+A2GxQR
YT1WD9kfSu8Ik6qEUpoZK8K0IuzpK7myg7Mo5Ld1zUUygZoCa/4a03YvpA3h/75x
mxNec9sPeA2n+WLS/YMwJM8W7RAiVISi7Hr9qeBLVOX3ibzPYnQZnrkLfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDNfWKWB8oClAP92+gDTAG+xoSIxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTTE5WXBZSHlnS1VBXzNiNkFOTUFiN0doSWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJmtZWNqp/RYjpodlWvz
j9QIdu0RRGVh8LhqCuNV9nXvFmsoDwTfGjSYj0LFCKLA58V1UZVUKbL3L40cM/aA
8vgGj6YUhud2lsaEQFLtr2+Bvq0TFkO6jgjZcyInGqWjbtyhbxcuiSc5+u0EgwNC
WWRkbWe0Q5hx8kF6kIhYaXt15IMMzoFthiRhOmUZsLm0DIYeVGaiAIq0Xj3l+9J/
oFgGkREUrRuoDwPagiTm4ROElHl2Bu1eycK/VEihDfjNGmNoHN+mimJgDCuT001R
cAX9JjhjxMTI203Isu1mSvamHHHlboDz8K63tJ33B0CBJuObfQGJhCvCpjP6eVqx
wss=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:10:06 2025 by rpki-client