Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Pcq42MmWLuqIzgiSfiTUXov5N3Q.roa
File: Pcq42MmWLuqIzgiSfiTUXov5N3Q.roa (raw, json)
Hash identifier: 5ftRdz1x3HXrctkbmqhbuLf0qWhwo1FnXhvwxiw54pE=
Subject key identifier: 3D:CA:B8:D8:C9:96:2E:EA:88:CE:08:92:7E:24:D4:5E:8B:F9:37:74
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB737010BBAAA2077886B733E43F8D52E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Pcq42MmWLuqIzgiSfiTUXov5N3Q.roa
Signing time: Fri 10 Nov 2023 03:11:57 +0000
ROA not before: Fri 10 Nov 2023 03:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b7:37:01:0b:ba:aa:20:77:88:6b:73:3e:43:f8:d5:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 03:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3dcab8d8c9962eea88ce08927e24d45e8bf93774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6a:07:13:fd:2b:0a:1e:7c:cb:f5:dd:80:4f:
3c:b6:b3:6e:c7:64:38:d1:70:02:a3:04:0d:e5:80:
94:81:eb:52:9d:f4:9d:6d:fc:b2:cc:29:b8:ef:37:
f5:48:9a:9a:42:8d:f2:c8:c7:34:0a:c9:3b:2e:38:
7e:30:b5:ad:f3:06:0d:66:f6:82:36:e9:36:5b:0c:
6f:84:ef:56:8b:cb:3b:f8:22:1e:6f:63:1d:27:58:
09:5e:8e:28:c1:19:a2:a3:b7:a1:f9:eb:4a:f1:db:
3a:fe:a3:0d:7a:f1:45:e0:87:16:95:72:7d:ff:db:
ce:60:a6:1a:5e:02:81:77:fb:5c:2d:a5:6e:14:af:
ef:76:0d:bd:eb:ed:0e:91:a2:55:19:59:fd:4b:99:
b6:13:9c:f8:36:e9:0b:f5:35:36:5d:0b:81:76:fd:
91:4d:ed:a6:98:c0:8b:cf:99:da:0c:a8:5f:6b:b7:
4e:e9:35:f9:2e:5d:9a:7a:e9:fc:52:81:a9:4d:ba:
7d:08:4b:aa:02:6b:20:81:23:cd:79:17:f3:7b:04:
e9:16:49:c2:0e:5f:fd:a3:1c:57:eb:a9:29:23:0b:
cb:ed:22:bb:18:d9:c4:14:cd:ff:e9:d2:f5:9b:7a:
a1:4d:d1:d7:64:35:57:3b:48:bc:54:d9:c7:18:25:
23:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:CA:B8:D8:C9:96:2E:EA:88:CE:08:92:7E:24:D4:5E:8B:F9:37:74
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Pcq42MmWLuqIzgiSfiTUXov5N3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:92:57:99:f2:63:3d:af:28:8f:52:40:6a:0d:e5:84:a1:30:
d2:01:fd:4a:12:73:dc:f9:8f:37:62:1c:64:20:22:42:46:a8:
cb:69:66:f1:95:6e:27:35:f0:ab:42:74:4d:57:de:ad:a7:30:
a7:ce:e5:9a:8c:6c:9d:90:77:c5:02:40:bd:3d:6e:a7:6d:c7:
4b:c8:a4:95:e8:2e:bc:77:09:11:10:8e:cb:2e:2a:50:2a:39:
7a:9f:53:ed:6c:fc:5a:ef:d8:91:e0:1b:4f:98:c5:2d:23:bd:
00:8d:81:a5:17:1b:d4:5e:ce:a3:1d:e1:c9:aa:de:8c:a6:cd:
1c:b7:77:48:c6:60:4c:9c:7b:c0:5c:b3:1f:76:63:11:a6:4e:
de:11:77:0f:be:34:aa:ca:46:36:8f:13:c2:f4:7d:45:7d:a5:
3e:ec:12:30:51:f2:c3:fe:a9:51:b2:70:d8:d3:78:45:84:f0:
94:8d:93:fa:b3:cb:b7:2a:08:f2:ff:40:64:00:44:92:d7:e6:
c4:4c:3f:cc:9c:90:21:be:87:6f:de:6f:b8:a0:57:a3:b5:c5:
cd:81:a6:1f:80:2a:e8:06:05:9d:cc:bc:cd:ac:b8:5f:5b:3e:
f4:6b:14:df:4f:9a:95:09:a7:bc:25:8e:4f:a8:a3:c0:5b:c9:
42:08:86:21
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu3NwELuqogd4hrcz5D+NUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMDMxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGNhYjhkOGM5OTYyZWVhODhjZTA4OTI3ZTI0ZDQ1ZThiZjkzNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGoHE/0rCh58y/XdgE88trNux2Q4
0XACowQN5YCUgetSnfSdbfyyzCm47zf1SJqaQo3yyMc0Csk7Ljh+MLWt8wYNZvaC
Nuk2WwxvhO9Wi8s7+CIeb2MdJ1gJXo4owRmio7eh+etK8ds6/qMNevFF4IcWlXJ9
/9vOYKYaXgKBd/tcLaVuFK/vdg296+0OkaJVGVn9S5m2E5z4NukL9TU2XQuBdv2R
Te2mmMCLz5naDKhfa7dO6TX5Ll2aeun8UoGpTbp9CEuqAmsggSPNeRfzewTpFknC
Dl/9oxxX66kpIwvL7SK7GNnEFM3/6dL1m3qhTdHXZDVXO0i8VNnHGCUjXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD3KuNjJli7qiM4Ikn4k1F6L+Td0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUGNxNDJNbVdMdXFJemdpU2ZpVFVYb3Y1TjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHOSV5nyYz2vKI9SQGoN
5YShMNIB/UoSc9z5jzdiHGQgIkJGqMtpZvGVbic18KtCdE1X3q2nMKfO5ZqMbJ2Q
d8UCQL09bqdtx0vIpJXoLrx3CREQjssuKlAqOXqfU+1s/Frv2JHgG0+YxS0jvQCN
gaUXG9RezqMd4cmq3oymzRy3d0jGYEyce8Bcsx92YxGmTt4Rdw++NKrKRjaPE8L0
fUV9pT7sEjBR8sP+qVGycNjTeEWE8JSNk/qzy7cqCPL/QGQARJLX5sRMP8yckCG+
h2/eb7igV6O1xc2Bph+AKugGBZ3MvM2suF9bPvRrFN9PmpUJp7wljk+oo8BbyUII
hiE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:25:31 2025 by rpki-client