Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Pozi20jbsmq8rId6fXn8EomMmFk.roa
File: Pozi20jbsmq8rId6fXn8EomMmFk.roa (raw, json)
Hash identifier: Jtuk5AtjeFAR4Ta+NksEWST33p1Vk4AZlPSwHD6LGYM=
Subject key identifier: 3E:8C:E2:DB:48:DB:B2:6A:BC:AC:87:7A:7D:79:FC:12:89:8C:98:59
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B837FDA3ECCCB599E3D2AD6331D4077E6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Pozi20jbsmq8rId6fXn8EomMmFk.roa
Signing time: Tue 31 Oct 2023 02:11:16 +0000
ROA not before: Tue 31 Oct 2023 02:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:83:7f:da:3e:cc:cb:59:9e:3d:2a:d6:33:1d:40:77:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 31 02:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e8ce2db48dbb26abcac877a7d79fc12898c9859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e4:e4:0b:47:c0:71:79:b6:66:4d:a4:a1:f2:
e2:d7:e3:76:aa:3b:d7:e8:ec:5d:b2:1d:18:1f:7d:
e7:42:d7:89:75:a0:55:dd:3c:62:97:5e:10:f6:19:
a5:08:83:f5:5e:9d:2c:29:3b:e6:19:36:c8:94:7b:
6a:2a:3f:02:8a:44:9a:4b:7a:08:61:08:4b:cf:26:
07:f3:15:aa:a2:a1:69:5e:75:d5:6b:fa:05:4d:df:
d2:0d:38:ae:23:ab:f6:9b:e4:c1:ef:c5:10:c0:b1:
c5:9c:e7:5c:bd:8b:55:b4:da:3f:cd:3d:3f:4d:7e:
52:42:0c:f8:d7:73:79:aa:58:91:a5:cc:fb:ee:a8:
a4:78:5a:f7:83:60:16:ea:da:c5:53:16:6e:7e:22:
9c:01:e1:c7:31:ba:27:4a:31:3c:09:a0:c9:3e:45:
89:bb:f2:15:7e:c0:c5:50:2f:1f:16:8b:c6:6c:bb:
ac:cf:fc:df:93:de:fc:c3:31:bd:86:5f:3d:4b:d9:
58:54:0a:3e:49:85:2c:73:e4:2e:3e:f8:eb:78:19:
0d:a0:d9:dd:3e:40:b0:b6:8f:70:76:71:47:10:14:
2f:72:e9:98:06:07:0b:54:46:14:61:18:09:2c:2f:
89:48:9a:cd:bb:60:76:08:17:ce:9a:6c:36:37:57:
2d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:8C:E2:DB:48:DB:B2:6A:BC:AC:87:7A:7D:79:FC:12:89:8C:98:59
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Pozi20jbsmq8rId6fXn8EomMmFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b4:0a:09:b6:08:dc:70:b6:b0:db:d0:da:ed:de:19:61:bc:9e:
86:e6:b2:81:a2:12:6f:2d:f4:86:34:9a:d5:5d:23:ac:42:4d:
69:07:be:97:33:35:55:bc:76:ad:f2:54:dc:10:7f:7f:22:c0:
0a:cc:1d:4f:fc:76:85:d2:55:9d:9a:81:71:6e:bf:c3:02:f4:
de:8d:99:6d:05:35:87:e0:c7:08:da:39:7d:7e:40:62:60:71:
6d:db:17:c9:b4:e8:c3:a3:72:22:00:ad:df:05:c3:dd:9f:a9:
6e:60:52:15:47:fe:1a:c4:b3:4e:a2:a1:31:25:49:3a:33:d4:
7d:5b:64:cc:5e:42:9f:5a:da:27:fc:e2:14:05:a5:8d:79:f2:
fb:fa:d9:65:13:e3:9a:78:f1:ea:de:2e:fe:3c:23:f2:d1:f3:
44:a5:60:65:8d:0f:fd:9f:67:48:93:34:ee:e3:85:9a:f4:ca:
12:44:5c:a6:f2:55:d9:95:d2:b6:47:84:d1:86:34:b5:fc:b6:
aa:a2:07:0a:97:90:2c:be:70:8f:f5:ae:fe:3e:6c:e7:0e:1b:
17:26:02:48:4d:dc:1c:6f:74:52:7e:ba:40:46:57:b3:ef:8e:
43:07:d1:89:71:80:c5:8e:72:92:df:44:7c:91:f0:8b:7f:05:
31:ae:1b:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuDf9o+zMtZnj0q1jMdQHfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMxMDIxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZThjZTJkYjQ4ZGJiMjZhYmNhYzg3N2E3ZDc5ZmMxMjg5OGM5ODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+TkC0fAcXm2Zk2kofLi1+N2qjvX
6Oxdsh0YH33nQteJdaBV3Txil14Q9hmlCIP1Xp0sKTvmGTbIlHtqKj8CikSaS3oI
YQhLzyYH8xWqoqFpXnXVa/oFTd/SDTiuI6v2m+TB78UQwLHFnOdcvYtVtNo/zT0/
TX5SQgz413N5qliRpcz77qikeFr3g2AW6trFUxZufiKcAeHHMbonSjE8CaDJPkWJ
u/IVfsDFUC8fFovGbLusz/zfk978wzG9hl89S9lYVAo+SYUsc+QuPvjreBkNoNnd
PkCwto9wdnFHEBQvcumYBgcLVEYUYRgJLC+JSJrNu2B2CBfOmmw2N1ctzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD6M4ttI27JqvKyHen15/BKJjJhZMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUG96aTIwamJzbXE4cklkNmZYbjhFb21NbUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALQKCbYI3HC2sNvQ2u3e
GWG8nobmsoGiEm8t9IY0mtVdI6xCTWkHvpczNVW8dq3yVNwQf38iwArMHU/8doXS
VZ2agXFuv8MC9N6NmW0FNYfgxwjaOX1+QGJgcW3bF8m06MOjciIArd8Fw92fqW5g
UhVH/hrEs06ioTElSToz1H1bZMxeQp9a2if84hQFpY158vv62WUT45p48ereLv48
I/LR80SlYGWND/2fZ0iTNO7jhZr0yhJEXKbyVdmV0rZHhNGGNLX8tqqiBwqXkCy+
cI/1rv4+bOcOGxcmAkhN3BxvdFJ+ukBGV7PvjkMH0YlxgMWOcpLfRHyR8It/BTGu
G4Q=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:55:18 2025 by rpki-client