Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PkEsfKOX6P9bN6VXPdgsF23rOj0.roa
File: PkEsfKOX6P9bN6VXPdgsF23rOj0.roa (raw, json)
Hash identifier: 1kqkB7rgWLvZ9OR5VPBSQi2njE1hPUkAaj53wRS1vt4=
Subject key identifier: 3E:41:2C:7C:A3:97:E8:FF:5B:37:A5:57:3D:D8:2C:17:6D:EB:3A:3D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9F329BBD62D2FCC9778EB85FD47BBEE9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PkEsfKOX6P9bN6VXPdgsF23rOj0.roa
Signing time: Sun 05 Nov 2023 11:16:15 +0000
ROA not before: Sun 05 Nov 2023 11:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9f:32:9b:bd:62:d2:fc:c9:77:8e:b8:5f:d4:7b:be:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 5 11:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e412c7ca397e8ff5b37a5573dd82c176deb3a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ec:32:0d:52:46:98:db:b5:10:3e:f3:48:98:
bc:68:6d:b2:24:35:bd:d2:fe:2e:af:86:1b:1e:c9:
0e:07:a6:f6:85:ac:ea:68:98:62:ae:8a:20:69:03:
2d:c6:cf:0a:d4:e9:31:6a:29:3f:fa:84:65:a1:9c:
3e:7a:0e:4d:d0:20:d3:32:34:f7:08:36:2d:05:65:
73:e4:36:f7:22:3b:ad:0e:59:6f:41:e5:b9:9d:00:
9c:a3:b4:2c:e2:fb:15:25:4b:c6:67:d1:4e:51:fb:
33:15:4e:56:db:27:2f:c1:15:91:19:68:d4:14:a0:
c6:ec:66:60:bc:ce:4f:53:d9:15:e1:d7:d6:7b:36:
df:dd:d9:23:19:c3:db:df:fa:9e:92:95:6f:ce:66:
e8:0e:13:ad:1e:00:be:49:88:f6:e8:f8:a3:10:ea:
c4:47:83:64:a9:53:f4:94:69:33:31:d0:bb:f2:2f:
98:74:ad:c9:61:14:f2:fc:28:de:23:fb:a4:50:63:
6f:7a:fe:8f:90:63:e0:64:d5:a6:c8:2e:b2:18:b5:
9b:f4:cf:7b:08:3c:49:0f:16:ee:55:52:34:9c:5f:
f9:ed:b5:bb:ff:fa:5d:99:35:95:dc:cd:96:cb:a1:
e9:a3:f9:03:73:05:96:b5:61:67:3b:d8:b0:ec:5e:
b6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:41:2C:7C:A3:97:E8:FF:5B:37:A5:57:3D:D8:2C:17:6D:EB:3A:3D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PkEsfKOX6P9bN6VXPdgsF23rOj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:a7:cf:86:88:64:97:f5:e0:f8:29:50:1f:4d:11:0d:f9:37:
0b:91:1c:9d:25:cc:86:74:21:d4:ed:89:fe:8d:76:7d:ce:fa:
b8:99:36:f6:90:21:4f:59:db:12:9e:f0:bd:ac:db:50:ed:11:
48:8a:a7:b3:f5:29:5a:6d:7a:08:5f:de:73:c9:53:3a:e3:9e:
85:d5:b9:06:cd:8a:28:12:55:f3:9e:73:42:1e:23:35:65:ae:
f2:ef:4d:31:7d:50:1f:94:99:5c:35:bf:fa:24:1c:48:f6:d9:
f8:6d:de:6e:04:3e:d6:50:a5:63:c7:dc:b8:2e:44:92:69:9a:
a3:6a:55:ee:fc:be:64:e2:b3:94:ec:f2:34:ff:11:59:c8:2d:
7b:06:58:e7:f3:24:ef:15:50:5d:ea:c0:11:67:8f:99:28:63:
96:f9:c0:6c:9c:5c:c2:7b:1e:db:5b:fa:b4:b5:97:80:78:35:
31:57:a1:3b:24:c4:4e:e5:4d:7c:dd:ad:63:8a:07:a2:cf:9f:
41:7c:25:06:e0:01:3e:59:92:1f:5b:b9:77:b8:1e:54:d2:0a:
88:99:73:5e:bd:ee:83:19:3c:ba:c8:77:fd:79:78:67:2c:79:
ba:6a:dd:cf:6e:3b:cc:3d:95:7e:dd:d1:0a:a4:41:61:43:02:
c2:18:25:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYufMpu9YtL8yXeOuF/Ue77pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA1MTExNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQxMmM3Y2EzOTdlOGZmNWIzN2E1NTczZGQ4MmMxNzZkZWIzYTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+wyDVJGmNu1ED7zSJi8aG2yJDW9
0v4ur4YbHskOB6b2hazqaJhiroogaQMtxs8K1Okxaik/+oRloZw+eg5N0CDTMjT3
CDYtBWVz5Db3IjutDllvQeW5nQCco7Qs4vsVJUvGZ9FOUfszFU5W2ycvwRWRGWjU
FKDG7GZgvM5PU9kV4dfWezbf3dkjGcPb3/qekpVvzmboDhOtHgC+SYj26PijEOrE
R4NkqVP0lGkzMdC78i+YdK3JYRTy/CjeI/ukUGNvev6PkGPgZNWmyC6yGLWb9M97
CDxJDxbuVVI0nF/57bW7//pdmTWV3M2Wy6Hpo/kDcwWWtWFnO9iw7F62CwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD5BLHyjl+j/WzelVz3YLBdt6zo9MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUGtFc2ZLT1g2UDliTjZWWFBkZ3NGMjNyT2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAynz4aIZJf14PgpUB9N
EQ35NwuRHJ0lzIZ0IdTtif6Ndn3O+riZNvaQIU9Z2xKe8L2s21DtEUiKp7P1KVpt
eghf3nPJUzrjnoXVuQbNiigSVfOec0IeIzVlrvLvTTF9UB+UmVw1v/okHEj22fht
3m4EPtZQpWPH3LguRJJpmqNqVe78vmTis5Ts8jT/EVnILXsGWOfzJO8VUF3qwBFn
j5koY5b5wGycXMJ7Httb+rS1l4B4NTFXoTskxE7lTXzdrWOKB6LPn0F8JQbgAT5Z
kh9buXe4HlTSCoiZc1697oMZPLrId/15eGcsebpq3c9uO8w9lX7d0QqkQWFDAsIY
Jbo=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:55:23 2025 by rpki-client