Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Pr8yhxFacWclyAmp72JYyV99wA8.roa
File: Pr8yhxFacWclyAmp72JYyV99wA8.roa (raw, json)
Hash identifier: cSUnXQBKjhzgYLOfcW78aVVNhsP33J+5ZkL79RnsUeY=
Subject key identifier: 3E:BF:32:87:11:5A:71:67:25:C8:09:A9:EF:62:58:C9:5F:7D:C0:0F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC25E8B3010830E55B54ECD52CB69BA69
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Pr8yhxFacWclyAmp72JYyV99wA8.roa
Signing time: Sun 12 Nov 2023 07:10:57 +0000
ROA not before: Sun 12 Nov 2023 07:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c2:5e:8b:30:10:83:0e:55:b5:4e:cd:52:cb:69:ba:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 12 07:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ebf3287115a716725c809a9ef6258c95f7dc00f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fb:87:71:03:38:b1:9a:65:66:e6:1b:42:6a:
19:bb:82:77:99:ea:0f:cc:ea:af:40:b5:65:2a:25:
5e:ec:d2:0a:fa:a1:44:c7:cd:6f:22:f8:4e:3a:ee:
fb:c2:2f:44:e8:20:2b:7c:7b:ea:9e:54:e8:ad:1d:
b8:30:7d:a5:dc:38:bc:76:f4:1d:a9:3f:75:2e:3a:
49:91:7d:94:c8:bb:19:96:1f:96:50:2d:d5:c1:63:
3e:18:c1:fe:2b:55:8a:4f:44:3e:5a:dd:3c:ed:8b:
6a:0e:7c:32:3d:b8:5e:f8:bc:92:71:51:05:aa:49:
ec:35:fd:8d:b0:4d:9f:8f:f8:39:47:3f:c8:79:4f:
c8:54:76:0b:22:dd:4d:5b:9b:ac:9c:7f:8c:9b:4f:
f0:56:51:0f:00:7c:da:57:43:9f:d8:6b:66:7c:bf:
7b:e9:12:ff:10:44:66:c6:b2:09:9e:b6:e1:fb:b5:
6f:f3:7a:8e:16:5f:83:dd:84:6f:94:d8:fb:ae:ef:
3c:cb:00:7c:55:fc:55:67:7f:8c:c0:28:61:e7:79:
e1:4e:40:3b:cf:d3:a3:06:73:61:43:3d:6d:fd:a7:
f5:ad:2c:71:ef:e7:be:1f:9e:e2:ee:4c:e0:79:e6:
56:20:14:0f:00:00:ee:f9:51:1d:0d:45:3f:c0:1d:
50:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:BF:32:87:11:5A:71:67:25:C8:09:A9:EF:62:58:C9:5F:7D:C0:0F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Pr8yhxFacWclyAmp72JYyV99wA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:cc:ad:93:14:66:14:82:bb:dd:78:a6:b1:41:8c:64:1d:c8:
fb:30:d2:63:11:9d:1f:d1:a0:ea:5b:37:96:1b:b3:f0:c5:d5:
66:31:2d:85:06:8c:a8:77:c4:6c:51:96:78:91:ff:ae:ba:de:
0c:25:02:0d:91:75:b5:5f:1c:b6:66:46:64:0a:1b:39:ba:54:
fe:2b:b4:b3:17:e7:ee:5c:9a:80:9e:b0:85:91:50:7c:34:7a:
d3:83:21:06:e0:8b:65:0c:8a:2d:40:17:8d:8c:8a:1e:08:a5:
44:e5:77:a2:5d:d0:3e:b8:7a:a6:f9:c0:7b:47:06:45:2c:e8:
9f:5c:1f:f1:e9:ba:e8:c3:cf:24:ce:4c:0f:a7:37:62:92:55:
07:98:fc:12:a2:ff:e6:e0:9b:8d:d0:7a:dd:80:a8:e5:2d:1c:
fe:6e:51:80:ff:b5:82:2e:02:f0:e3:ed:53:58:85:60:bb:27:
21:24:08:63:7e:ec:8d:59:3b:30:f8:d9:9c:c7:68:b4:05:9e:
a4:a8:1a:f9:c5:88:0d:72:fc:02:d5:2f:ac:d6:4a:53:04:6a:
c4:f3:dc:ae:12:46:13:0b:93:27:17:96:b1:98:dd:37:52:99:
32:86:58:ac:83:80:47:96:de:b8:e0:7d:58:c0:61:37:ea:b0:
e6:99:26:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvCXoswEIMOVbVOzVLLabppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEyMDcxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWJmMzI4NzExNWE3MTY3MjVjODA5YTllZjYyNThjOTVmN2RjMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPuHcQM4sZplZuYbQmoZu4J3meoP
zOqvQLVlKiVe7NIK+qFEx81vIvhOOu77wi9E6CArfHvqnlTorR24MH2l3Di8dvQd
qT91LjpJkX2UyLsZlh+WUC3VwWM+GMH+K1WKT0Q+Wt087YtqDnwyPbhe+LyScVEF
qknsNf2NsE2fj/g5Rz/IeU/IVHYLIt1NW5usnH+Mm0/wVlEPAHzaV0Of2GtmfL97
6RL/EERmxrIJnrbh+7Vv83qOFl+D3YRvlNj7ru88ywB8VfxVZ3+MwChh53nhTkA7
z9OjBnNhQz1t/af1rSxx7+e+H57i7kzgeeZWIBQPAADu+VEdDUU/wB1QqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD6/MocRWnFnJcgJqe9iWMlffcAPMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUHI4eWh4RmFjV2NseUFtcDcySll5Vjk5d0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIXMrZMUZhSCu914prFB
jGQdyPsw0mMRnR/RoOpbN5Ybs/DF1WYxLYUGjKh3xGxRlniR/6663gwlAg2RdbVf
HLZmRmQKGzm6VP4rtLMX5+5cmoCesIWRUHw0etODIQbgi2UMii1AF42Mih4IpUTl
d6Jd0D64eqb5wHtHBkUs6J9cH/HpuujDzyTOTA+nN2KSVQeY/BKi/+bgm43Qet2A
qOUtHP5uUYD/tYIuAvDj7VNYhWC7JyEkCGN+7I1ZOzD42ZzHaLQFnqSoGvnFiA1y
/ALVL6zWSlMEasTz3K4SRhMLkycXlrGY3TdSmTKGWKyDgEeW3rjgfVjAYTfqsOaZ
JtY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:50:36 2025 by rpki-client