Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PaACB8DYwGih8b72Xef_rmB_cPQ.roa
File: PaACB8DYwGih8b72Xef_rmB_cPQ.roa (raw, json)
Hash identifier: Zq10wbxrDC7ishJNyumkC3VCIgbFeB+eGuAgyeaF/qY=
Subject key identifier: 3D:A0:02:07:C0:D8:C0:68:A1:F1:BE:F6:5D:E7:FF:AE:60:7F:70:F4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB848C124C8DF3EBA5CA44E0F88A1D4B0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PaACB8DYwGih8b72Xef_rmB_cPQ.roa
Signing time: Fri 10 Nov 2023 08:10:57 +0000
ROA not before: Fri 10 Nov 2023 08:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:48:c1:24:c8:df:3e:ba:5c:a4:4e:0f:88:a1:d4:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 08:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3da00207c0d8c068a1f1bef65de7ffae607f70f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8b:75:ab:17:9a:a3:bb:0d:42:ae:8b:d8:13:
57:ed:fb:02:47:06:55:49:0c:54:56:b3:0c:bd:0c:
f0:1c:d1:e6:92:cf:a2:18:be:5d:ce:15:06:5e:91:
90:77:67:f9:9f:f4:bb:3f:48:ab:7d:00:64:df:b4:
7d:d8:bb:36:a1:c1:3a:94:f5:10:0a:e8:40:7b:9f:
d5:af:1e:9b:59:5f:ab:4a:48:c6:9d:cc:e6:ad:17:
d3:fe:3c:74:c5:5f:27:75:5e:2d:41:15:ba:99:5c:
df:20:eb:9f:7f:a8:1f:9d:a7:af:fd:32:77:cc:a3:
9a:ec:3a:bf:4e:60:11:54:b5:51:78:53:39:54:76:
fe:89:2b:4a:36:16:0a:4d:a5:0d:b4:f7:60:c4:10:
82:40:50:90:ce:ce:80:22:95:fe:8f:69:32:57:a5:
21:e2:24:17:0c:76:44:ef:72:dc:da:e1:ba:aa:39:
88:32:5b:48:bb:ba:ca:22:70:77:08:a0:bc:2a:68:
a1:6c:d8:b4:ed:6b:0c:6d:a1:4a:d6:43:60:9c:3a:
63:41:8c:3e:8e:a0:af:68:82:f4:e0:e4:4a:9e:64:
ac:30:8b:8c:13:a4:f9:6b:43:4c:ed:a7:fd:5a:dd:
a6:80:74:3e:b2:f5:bf:f7:34:f9:07:63:a9:e2:6d:
27:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A0:02:07:C0:D8:C0:68:A1:F1:BE:F6:5D:E7:FF:AE:60:7F:70:F4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PaACB8DYwGih8b72Xef_rmB_cPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bf:e9:d2:2d:c1:45:7c:49:84:b3:44:93:7b:b7:56:dc:30:d6:
19:27:7d:7a:a0:c5:26:16:ad:c0:92:48:bd:e9:41:5f:80:08:
dd:2d:2f:17:4b:4b:88:ed:b3:bc:22:34:54:43:b9:76:75:5c:
14:e8:70:6f:6f:9b:81:7d:72:65:a0:a5:45:e3:2d:8d:3f:ba:
ba:c4:96:ec:39:d2:18:14:d2:7c:14:ff:da:c2:d1:56:09:3d:
a2:a5:b2:13:f1:3f:09:47:76:3a:73:83:a7:65:66:4f:4e:dc:
61:28:77:0b:ab:2c:4b:aa:b0:c8:f4:94:20:c4:fc:ed:d8:c5:
9f:99:d6:4c:b4:e3:f0:26:48:98:3b:e7:36:4a:ba:d9:ee:00:
3e:5b:5a:7b:07:1b:3b:be:3f:cb:c7:2f:91:84:90:4d:1c:15:
e5:df:35:19:20:93:a4:6a:e6:56:34:fa:f7:86:f0:ff:d6:f6:
3f:5f:34:45:37:0b:a9:68:eb:59:b6:48:9b:0c:d2:52:bc:38:
59:2a:9c:49:f9:25:bd:a1:54:7e:50:14:de:5a:8c:4f:d1:a7:
8d:2a:a5:97:8b:17:65:a8:9a:ac:ab:19:26:db:03:95:1e:6b:
c8:9b:68:5e:03:d1:27:c7:54:35:1d:49:81:63:b1:76:0f:38:
1e:93:a2:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu4SMEkyN8+ulykTg+IodSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMDgxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGEwMDIwN2MwZDhjMDY4YTFmMWJlZjY1ZGU3ZmZhZTYwN2Y3MGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYt1qxeao7sNQq6L2BNX7fsCRwZV
SQxUVrMMvQzwHNHmks+iGL5dzhUGXpGQd2f5n/S7P0irfQBk37R92Ls2ocE6lPUQ
CuhAe5/Vrx6bWV+rSkjGnczmrRfT/jx0xV8ndV4tQRW6mVzfIOuff6gfnaev/TJ3
zKOa7Dq/TmARVLVReFM5VHb+iStKNhYKTaUNtPdgxBCCQFCQzs6AIpX+j2kyV6Uh
4iQXDHZE73Lc2uG6qjmIMltIu7rKInB3CKC8KmihbNi07WsMbaFK1kNgnDpjQYw+
jqCvaIL04ORKnmSsMIuME6T5a0NM7af9Wt2mgHQ+svW/9zT5B2Op4m0n2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD2gAgfA2MBoofG+9l3n/65gf3D0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUGFBQ0I4RFl3R2loOGI3MlhlZl9ybUJfY1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL/p0i3BRXxJhLNEk3u3
Vtww1hknfXqgxSYWrcCSSL3pQV+ACN0tLxdLS4jts7wiNFRDuXZ1XBTocG9vm4F9
cmWgpUXjLY0/urrEluw50hgU0nwU/9rC0VYJPaKlshPxPwlHdjpzg6dlZk9O3GEo
dwurLEuqsMj0lCDE/O3YxZ+Z1ky04/AmSJg75zZKutnuAD5bWnsHGzu+P8vHL5GE
kE0cFeXfNRkgk6Rq5lY0+veG8P/W9j9fNEU3C6lo61m2SJsM0lK8OFkqnEn5Jb2h
VH5QFN5ajE/Rp40qpZeLF2WomqyrGSbbA5Uea8ibaF4D0SfHVDUdSYFjsXYPOB6T
og0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:11:58 2025 by rpki-client