Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PeKm8KfmkhY3BeBZCOaXCpm1BD8.roa
File: PeKm8KfmkhY3BeBZCOaXCpm1BD8.roa (raw, json)
Hash identifier: PtT0C0zSjX/lc/obkpqiNf2HfBzEytNydRjXi06pSxo=
Subject key identifier: 3D:E2:A6:F0:A7:E6:92:16:37:05:E0:59:08:E6:97:0A:99:B5:04:3F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0584FE91A61C695FD87D2E366EE5100A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PeKm8KfmkhY3BeBZCOaXCpm1BD8.roa
Signing time: Fri 06 Oct 2023 15:04:43 +0000
ROA not before: Fri 06 Oct 2023 15:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:584:76ab/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:05:84:fe:91:a6:1c:69:5f:d8:7d:2e:36:6e:e5:10:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 15:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3de2a6f0a7e692163705e05908e6970a99b5043f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:52:d1:ee:55:05:85:b9:b8:bb:44:5f:19:29:
8e:74:9d:df:42:33:c4:20:02:46:91:52:f9:14:5c:
a0:54:fa:f7:cb:0a:dd:39:66:50:ff:ee:09:df:9c:
bd:a1:86:95:f5:ef:74:14:9e:3e:42:2e:f1:d0:69:
f3:78:a8:d9:39:cb:60:c2:14:a4:fa:fb:14:e6:00:
d6:57:ab:03:8d:9a:11:28:1f:96:f5:5b:56:48:cc:
8a:6d:91:c5:89:ce:df:0a:9d:ea:4a:91:e2:2f:d5:
fb:22:1f:3c:7d:1b:36:21:f2:3b:06:bb:3c:26:82:
af:47:7a:ca:53:21:c4:fd:f9:f3:8f:42:ce:d2:dc:
57:db:49:9e:a5:c5:73:67:53:30:26:1c:56:0c:48:
dd:89:fe:ec:a9:37:3b:20:a8:ab:5c:4b:ef:c8:21:
b4:1a:c1:d4:36:41:8f:da:f6:65:ea:71:41:d5:c9:
1a:ef:6a:5b:65:9e:d9:d7:e8:01:f0:fe:0e:da:d5:
c0:b3:63:e1:8b:98:5b:d3:71:14:9a:54:a6:53:86:
b6:3f:5a:7c:a2:7c:1a:47:ba:ce:90:80:12:91:d0:
be:55:30:56:5d:e7:e1:3c:56:71:cf:74:e3:32:cb:
75:44:32:df:47:93:fe:a7:84:f5:d8:f2:38:9e:27:
b7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E2:A6:F0:A7:E6:92:16:37:05:E0:59:08:E6:97:0A:99:B5:04:3F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PeKm8KfmkhY3BeBZCOaXCpm1BD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:95:9e:d6:49:c2:76:c5:0f:f0:36:87:02:92:51:c5:16:ab:
ab:6b:94:72:db:73:d5:8f:0e:23:eb:70:f2:7b:2d:77:46:f4:
82:3b:05:39:6a:40:fc:0a:0d:60:d6:a8:db:08:de:46:05:13:
6a:8b:84:49:20:d4:ac:29:10:86:98:e4:23:f1:89:d0:95:00:
74:f9:51:cd:a1:fd:8c:25:cd:a8:be:d7:be:6a:0f:99:9b:17:
7e:98:11:a9:1b:66:49:5b:9c:ba:37:c4:1c:ea:76:94:27:25:
00:4d:1b:5d:21:f8:f4:2d:dc:b7:d0:f5:ef:44:1d:ab:d0:e0:
4c:9d:41:1a:3b:d0:8b:cb:07:a4:30:bf:b2:e0:98:34:4d:35:
85:b4:4a:80:8a:a4:7c:29:63:4c:9d:66:45:fc:a8:04:df:a4:
8d:64:33:51:8d:10:d5:d3:88:51:91:64:ae:d9:1f:5a:17:92:
2c:41:b6:85:21:0b:d9:02:2e:0a:41:91:64:df:b3:8a:18:5b:
3d:a3:1c:99:bd:a2:60:8e:1b:16:93:22:52:37:e2:2c:29:98:
f4:f9:99:79:56:45:bb:ce:64:36:d7:18:4c:8d:47:e5:27:4c:
4b:4d:2a:dc:d4:d2:07:9a:7e:5f:5c:c9:c7:15:66:e0:8b:a4:
94:77:1c:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsFhP6RphxpX9h9LjZu5RAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MTUwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGUyYTZmMGE3ZTY5MjE2MzcwNWUwNTkwOGU2OTcwYTk5YjUwNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41LR7lUFhbm4u0RfGSmOdJ3fQjPE
IAJGkVL5FFygVPr3ywrdOWZQ/+4J35y9oYaV9e90FJ4+Qi7x0GnzeKjZOctgwhSk
+vsU5gDWV6sDjZoRKB+W9VtWSMyKbZHFic7fCp3qSpHiL9X7Ih88fRs2IfI7Brs8
JoKvR3rKUyHE/fnzj0LO0txX20mepcVzZ1MwJhxWDEjdif7sqTc7IKirXEvvyCG0
GsHUNkGP2vZl6nFB1cka72pbZZ7Z1+gB8P4O2tXAs2Phi5hb03EUmlSmU4a2P1p8
onwaR7rOkIASkdC+VTBWXefhPFZxz3TjMst1RDLfR5P+p4T12PI4nie3FwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD3ipvCn5pIWNwXgWQjmlwqZtQQ/MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUGVLbThLZm1raFkzQmVCWkNPYVhDcG0xQkQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKuVntZJwnbFD/A2hwKS
UcUWq6trlHLbc9WPDiPrcPJ7LXdG9II7BTlqQPwKDWDWqNsI3kYFE2qLhEkg1Kwp
EIaY5CPxidCVAHT5Uc2h/Ywlzai+175qD5mbF36YEakbZklbnLo3xBzqdpQnJQBN
G10h+PQt3LfQ9e9EHavQ4EydQRo70IvLB6Qwv7LgmDRNNYW0SoCKpHwpY0ydZkX8
qATfpI1kM1GNENXTiFGRZK7ZH1oXkixBtoUhC9kCLgpBkWTfs4oYWz2jHJm9omCO
GxaTIlI34iwpmPT5mXlWRbvOZDbXGEyNR+UnTEtNKtzU0geafl9cyccVZuCLpJR3
HIo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:36:16 2025 by rpki-client