Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PlL9s4cDYadOAWNYa6svKqNY0WM.roa
File: PlL9s4cDYadOAWNYa6svKqNY0WM.roa (raw, json)
Hash identifier: CMMQbuBzHI6D5PLfqOnKm/B7XTH7cG2t8IBxajFTH3o=
Subject key identifier: 3E:52:FD:B3:87:03:61:A7:4E:01:63:58:6B:AB:2F:2A:A3:58:D1:63
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B18DD4338187438AD4142C2DD9E7344AA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PlL9s4cDYadOAWNYa6svKqNY0WM.roa
Signing time: Tue 10 Oct 2023 09:13:55 +0000
ROA not before: Tue 10 Oct 2023 09:13:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:18:dd:43:38:18:74:38:ad:41:42:c2:dd:9e:73:44:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 10 09:13:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e52fdb3870361a74e0163586bab2f2aa358d163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:92:db:9e:89:30:19:4a:31:88:52:d1:d2:f7:
79:c8:12:4f:0d:4d:d4:49:e6:98:49:5d:f8:49:a0:
e1:12:2d:78:a8:0c:b5:43:89:28:85:0f:e1:eb:8b:
4d:d5:9b:94:be:33:b7:58:6a:f5:60:1d:c1:7d:32:
59:c1:2c:0d:d6:0e:08:61:9e:ec:d3:b0:8c:f0:55:
c8:f8:a6:f8:8f:de:4b:cf:20:54:bf:d1:a5:86:01:
0b:ed:7e:82:21:5c:13:c4:87:5c:fd:8d:f8:c9:49:
e8:85:34:2a:c9:c6:bb:a1:71:e1:0a:e6:92:03:3b:
68:dd:f5:a4:04:ed:62:23:72:7f:56:fb:c7:f5:37:
37:c3:e4:7c:4b:e3:0a:a5:a1:8d:2c:8f:e4:2e:b8:
85:5a:da:d9:d3:8b:da:b7:b2:eb:68:3f:15:b7:b6:
20:ee:47:a8:ed:8e:be:50:b1:dc:07:93:4b:c7:f3:
41:b1:e6:0d:2f:11:a2:52:3d:1b:08:a8:7b:50:25:
d1:d7:67:9d:cf:1c:ba:5d:04:2f:08:fc:92:09:9d:
9d:09:9f:f1:df:7a:a1:16:6d:b1:54:6d:70:aa:7d:
bc:d6:0f:12:ce:db:26:3b:8a:88:b7:fa:9c:bf:3a:
5e:a3:d1:8b:3d:ae:1a:82:40:7d:92:44:8d:e8:7a:
ec:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:52:FD:B3:87:03:61:A7:4E:01:63:58:6B:AB:2F:2A:A3:58:D1:63
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PlL9s4cDYadOAWNYa6svKqNY0WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b5:68:95:64:29:9b:35:e6:9a:41:5f:ea:6f:4e:71:1c:33:f1:
0d:93:50:6d:75:54:66:d7:59:76:d2:37:27:75:3c:e1:b6:ce:
de:11:c0:f0:2a:e5:e2:67:05:8f:5c:f0:db:20:a0:9a:96:33:
77:b8:a9:4f:9b:ec:59:a3:0f:37:67:7a:66:13:49:47:90:4b:
67:f5:0b:8d:44:71:cf:55:20:b4:e2:86:10:3b:83:be:e0:69:
1f:64:63:66:db:81:43:23:7f:55:1a:cb:4c:1e:09:ad:b6:8a:
0c:b0:cc:e0:aa:25:81:f6:d3:f4:06:9f:c4:21:7f:d0:34:18:
1d:1c:6e:78:5b:a0:59:68:a6:7f:5a:a4:3c:1a:66:22:da:12:
c7:59:71:7c:41:f7:f8:f6:b1:18:c2:2e:d8:0d:8a:04:e9:87:
37:de:20:44:40:b4:63:e4:31:b3:28:00:0b:67:76:46:f9:b0:
84:84:39:81:3f:63:51:57:28:df:65:d6:d2:de:ee:4e:cb:98:
5b:8a:43:09:51:09:35:0f:e4:a3:86:bd:81:dd:92:0c:e2:98:
31:6b:a9:b8:f7:7a:09:83:d0:26:fe:28:33:20:f6:ef:13:de:
b9:f8:89:bc:bf:91:9f:3a:e0:a3:c5:d9:63:f8:bc:c7:99:73:
ad:4e:25:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsY3UM4GHQ4rUFCwt2ec0SqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEwMDkxMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTUyZmRiMzg3MDM2MWE3NGUwMTYzNTg2YmFiMmYyYWEzNThkMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpLbnokwGUoxiFLR0vd5yBJPDU3U
SeaYSV34SaDhEi14qAy1Q4kohQ/h64tN1ZuUvjO3WGr1YB3BfTJZwSwN1g4IYZ7s
07CM8FXI+Kb4j95LzyBUv9GlhgEL7X6CIVwTxIdc/Y34yUnohTQqyca7oXHhCuaS
Azto3fWkBO1iI3J/VvvH9Tc3w+R8S+MKpaGNLI/kLriFWtrZ04vat7LraD8Vt7Yg
7keo7Y6+ULHcB5NLx/NBseYNLxGiUj0bCKh7UCXR12edzxy6XQQvCPySCZ2dCZ/x
33qhFm2xVG1wqn281g8SztsmO4qIt/qcvzpeo9GLPa4agkB9kkSN6Hrs2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD5S/bOHA2GnTgFjWGurLyqjWNFjMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUGxMOXM0Y0RZYWRPQVdOWWE2c3ZLcU5ZMFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALVolWQpmzXmmkFf6m9O
cRwz8Q2TUG11VGbXWXbSNyd1POG2zt4RwPAq5eJnBY9c8NsgoJqWM3e4qU+b7Fmj
DzdnemYTSUeQS2f1C41Ecc9VILTihhA7g77gaR9kY2bbgUMjf1Uay0weCa22igyw
zOCqJYH20/QGn8Qhf9A0GB0cbnhboFlopn9apDwaZiLaEsdZcXxB9/j2sRjCLtgN
igTphzfeIERAtGPkMbMoAAtndkb5sISEOYE/Y1FXKN9l1tLe7k7LmFuKQwlRCTUP
5KOGvYHdkgzimDFrqbj3egmD0Cb+KDMg9u8T3rn4iby/kZ864KPF2WP4vMeZc61O
JYQ=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:04:04 2025 by rpki-client