Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PkUyTYcEv5B-HACUn0YtPPIgVzc.roa
File: PkUyTYcEv5B-HACUn0YtPPIgVzc.roa (raw, json)
Hash identifier: /uX5+DD/1objsKJfwC2Lx1P0pSR54EDyiY/3D3lDVAI=
Subject key identifier: 3E:45:32:4D:87:04:BF:90:7E:1C:00:94:9F:46:2D:3C:F2:20:57:37
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4F8CE6A96F1BA89F3253FE2FC801A030
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PkUyTYcEv5B-HACUn0YtPPIgVzc.roa
Signing time: Sat 21 Oct 2023 00:05:15 +0000
ROA not before: Sat 21 Oct 2023 00:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:4f8c:d2d6/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4f:8c:e6:a9:6f:1b:a8:9f:32:53:fe:2f:c8:01:a0:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 00:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e45324d8704bf907e1c00949f462d3cf2205737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e9:18:e8:23:9f:e9:8d:51:c3:3b:4e:0a:6f:
06:91:4e:64:17:d2:25:e5:af:03:bc:fb:51:38:d7:
0f:72:89:24:b9:c6:c9:2e:46:46:d6:77:fb:6e:34:
d0:ad:f1:54:43:96:2d:fd:7a:44:09:e4:a1:02:3e:
5d:b7:1c:2e:72:63:9c:8b:27:dc:43:e1:6a:ab:4e:
64:dc:bf:00:04:a1:a9:75:2f:9c:b0:3b:59:0c:95:
00:26:3f:39:c8:91:87:43:97:73:f0:f9:0f:f4:9b:
8c:75:96:bc:02:3a:04:78:fb:2f:13:28:8a:10:c6:
8c:a8:83:1a:36:08:b7:03:1e:4f:3b:69:81:d1:6a:
84:43:ad:f4:95:32:ed:b1:34:df:4c:12:b5:3a:6d:
69:58:f6:85:32:25:0c:bb:f4:18:07:63:91:da:6f:
6b:79:9f:eb:b6:88:c0:55:4b:15:2c:de:9b:d6:97:
b2:9c:02:a3:aa:0f:7b:dc:b1:9a:fd:b5:d5:0c:c1:
e7:e0:b7:8a:cd:b6:7e:bf:4b:a1:91:03:4f:c3:ce:
65:6c:4c:b7:b7:f6:2a:8e:f0:09:f3:af:0e:91:0e:
58:80:e8:78:55:ed:22:0f:d5:ff:d8:4f:68:bf:17:
9f:48:81:56:4b:2b:28:73:91:0b:74:4e:f5:e7:81:
75:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:45:32:4D:87:04:BF:90:7E:1C:00:94:9F:46:2D:3C:F2:20:57:37
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PkUyTYcEv5B-HACUn0YtPPIgVzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:80:11:4d:2c:21:a9:57:5c:bf:63:75:36:0e:52:b4:7c:2b:
01:43:94:26:09:72:65:75:76:c5:03:24:aa:92:22:d3:c7:24:
3e:aa:45:ae:75:4e:8e:f3:a7:bd:ad:c0:80:6f:00:fa:aa:6b:
4d:43:91:d1:9b:55:3a:0b:35:b7:0d:79:a3:51:41:7d:43:c1:
e5:a3:b7:d4:da:a4:0c:a9:17:89:64:c8:1d:40:7d:49:eb:29:
f3:23:64:43:8f:93:7a:71:e5:50:f6:16:83:db:e9:c9:99:b8:
a8:03:57:d9:f3:6a:c2:df:7e:f3:11:db:ab:61:2d:37:37:d9:
ae:11:46:c7:75:c6:08:61:e4:6b:30:34:3e:0a:60:49:77:af:
b1:4a:be:02:99:ee:af:20:30:e6:76:32:b4:8a:49:84:e7:ce:
8e:84:cf:e6:1e:a0:b2:dd:15:2d:2f:44:09:81:8a:89:96:b6:
d4:c0:57:a2:da:83:cb:9f:b2:12:1d:18:74:18:bd:0b:40:e3:
fa:d3:71:fe:90:51:ff:10:9b:83:2a:77:57:a2:a4:ea:e8:b5:
72:34:11:9b:22:16:55:14:33:14:0b:5f:e2:4d:82:3e:81:77:
89:a2:c7:60:d3:6f:57:b1:b3:27:c1:83:c9:45:96:d9:14:d5:
a8:ad:16:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtPjOapbxuonzJT/i/IAaAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMDAwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQ1MzI0ZDg3MDRiZjkwN2UxYzAwOTQ5ZjQ2MmQzY2YyMjA1NzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoukY6COf6Y1RwztOCm8GkU5kF9Il
5a8DvPtRONcPcokkucbJLkZG1nf7bjTQrfFUQ5Yt/XpECeShAj5dtxwucmOciyfc
Q+Fqq05k3L8ABKGpdS+csDtZDJUAJj85yJGHQ5dz8PkP9JuMdZa8AjoEePsvEyiK
EMaMqIMaNgi3Ax5PO2mB0WqEQ630lTLtsTTfTBK1Om1pWPaFMiUMu/QYB2OR2m9r
eZ/rtojAVUsVLN6b1peynAKjqg973LGa/bXVDMHn4LeKzbZ+v0uhkQNPw85lbEy3
t/YqjvAJ868OkQ5YgOh4Ve0iD9X/2E9ovxefSIFWSysoc5ELdE7154F1wwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD5FMk2HBL+QfhwAlJ9GLTzyIFc3MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUGtVeVRZY0V2NUItSEFDVW4wWXRQUElnVnpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKKAEU0sIalXXL9jdTYO
UrR8KwFDlCYJcmV1dsUDJKqSItPHJD6qRa51To7zp72twIBvAPqqa01DkdGbVToL
NbcNeaNRQX1DweWjt9TapAypF4lkyB1AfUnrKfMjZEOPk3px5VD2FoPb6cmZuKgD
V9nzasLffvMR26thLTc32a4RRsd1xghh5GswND4KYEl3r7FKvgKZ7q8gMOZ2MrSK
SYTnzo6Ez+YeoLLdFS0vRAmBiomWttTAV6Lag8ufshIdGHQYvQtA4/rTcf6QUf8Q
m4Mqd1eipOrotXI0EZsiFlUUMxQLX+JNgj6Bd4mix2DTb1exsyfBg8lFltkU1ait
FiM=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:22:54 2025 by rpki-client