Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PtyfFWQCvbJQguwUww1sGFA549g.roa
File: PtyfFWQCvbJQguwUww1sGFA549g.roa (raw, json)
Hash identifier: bfOLH9x6PHVgqelWqoGRa3qRYHhyMda5cJ8TrUS1lp0=
Subject key identifier: 3E:DC:9F:15:64:02:BD:B2:50:82:EC:14:C3:0D:6C:18:50:39:E3:D8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5603D42BAB8F741091A67B3D2A1299F4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PtyfFWQCvbJQguwUww1sGFA549g.roa
Signing time: Sun 10 Dec 2023 23:15:40 +0000
ROA not before: Sun 10 Dec 2023 23:15:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:56:03:d4:2b:ab:8f:74:10:91:a6:7b:3d:2a:12:99:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 10 23:15:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3edc9f156402bdb25082ec14c30d6c185039e3d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:3a:b2:7c:eb:d8:aa:b4:eb:2f:17:a6:2b:f2:
45:40:3c:c4:17:f9:6b:a8:35:a8:98:17:58:63:72:
65:06:a8:15:6b:1b:c4:52:a2:b3:d9:8d:1e:51:1b:
f7:5c:65:69:be:49:bf:02:7f:19:6f:17:70:32:b6:
86:30:ae:2b:08:43:8a:4d:7a:33:e1:f1:a8:78:37:
92:22:30:17:91:8c:b1:27:1a:38:2f:82:fc:a6:c4:
d7:b0:83:68:26:ef:c3:4f:3a:2b:45:db:82:ab:af:
a8:a4:4f:ba:8e:5f:25:6d:a0:6d:0a:e0:86:1f:9f:
cf:e7:a5:54:d9:4e:5c:32:ef:b6:34:b5:6b:4d:10:
47:c1:4f:40:b4:20:bb:36:92:de:03:a4:c7:dc:ef:
43:7d:51:46:cc:aa:9e:66:4b:6b:11:88:d8:e5:e6:
06:3b:7c:cf:d1:ab:87:6a:86:a6:8f:c0:b1:37:52:
5e:eb:07:47:ed:fa:06:74:1e:75:96:6c:ed:60:af:
1f:69:15:24:9f:f6:a3:2b:df:d4:86:0a:0b:62:8b:
c1:ac:31:7f:eb:ab:37:78:9d:30:cd:f7:01:ac:0b:
00:ac:f0:f1:7e:4c:05:65:b6:a9:1b:78:23:47:50:
c1:4d:b0:2d:94:7e:45:52:7c:2c:92:b0:74:3c:ce:
a3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:DC:9F:15:64:02:BD:B2:50:82:EC:14:C3:0D:6C:18:50:39:E3:D8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PtyfFWQCvbJQguwUww1sGFA549g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:c1:f1:b9:82:28:28:c9:bc:30:8a:38:e5:e8:bf:0e:ab:ee:
46:b2:9f:b2:72:2e:2b:ad:81:65:0e:23:ae:18:14:4b:97:8d:
cf:4c:26:72:7c:d4:e8:87:d6:13:1f:79:36:7d:73:01:cc:91:
67:a7:6a:03:50:b8:95:eb:c9:35:19:dd:d0:b6:90:47:91:cb:
75:13:41:19:17:3d:18:ab:5f:25:c8:ff:cb:df:24:d7:47:4b:
ee:a4:e0:70:77:7a:60:3a:ce:ee:ed:38:96:0a:52:bb:1c:5e:
23:ff:82:be:50:0a:13:81:41:6e:07:b1:5b:24:71:4b:6b:87:
94:e2:7e:fb:b0:a3:fa:9d:f1:82:e8:9a:e3:85:75:c4:e6:1a:
ba:cd:a3:f8:51:fb:e6:af:b9:61:c6:b4:fc:73:d8:79:56:cb:
49:21:28:35:38:9e:84:d1:ed:37:64:a9:9b:dc:96:a3:bf:53:
19:4b:6d:f5:ee:3e:12:dd:50:20:3d:01:eb:01:65:1b:22:01:
b3:4a:bd:f6:8f:e8:0f:98:b0:69:92:22:db:80:f9:63:d4:92:
53:e3:32:03:bf:0c:38:cf:1d:66:d8:02:b1:4e:37:f2:91:d9:
2d:36:99:d1:00:c5:a4:88:b3:9c:db:ee:45:f4:cc:6b:06:a7:
86:a3:a9:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxWA9Qrq490EJGmez0qEpn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEwMjMxNTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWRjOWYxNTY0MDJiZGIyNTA4MmVjMTRjMzBkNmMxODUwMzllM2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8DqyfOvYqrTrLxemK/JFQDzEF/lr
qDWomBdYY3JlBqgVaxvEUqKz2Y0eURv3XGVpvkm/An8ZbxdwMraGMK4rCEOKTXoz
4fGoeDeSIjAXkYyxJxo4L4L8psTXsINoJu/DTzorRduCq6+opE+6jl8lbaBtCuCG
H5/P56VU2U5cMu+2NLVrTRBHwU9AtCC7NpLeA6TH3O9DfVFGzKqeZktrEYjY5eYG
O3zP0auHaoamj8CxN1Je6wdH7foGdB51lmztYK8faRUkn/ajK9/UhgoLYovBrDF/
66s3eJ0wzfcBrAsArPDxfkwFZbapG3gjR1DBTbAtlH5FUnwskrB0PM6jpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD7cnxVkAr2yUILsFMMNbBhQOePYMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUHR5ZkZXUUN2YkpRZ3V3VXd3MXNHRkE1NDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABXB8bmCKCjJvDCKOOXo
vw6r7kayn7JyLiutgWUOI64YFEuXjc9MJnJ81OiH1hMfeTZ9cwHMkWenagNQuJXr
yTUZ3dC2kEeRy3UTQRkXPRirXyXI/8vfJNdHS+6k4HB3emA6zu7tOJYKUrscXiP/
gr5QChOBQW4HsVskcUtrh5Tifvuwo/qd8YLomuOFdcTmGrrNo/hR++avuWHGtPxz
2HlWy0khKDU4noTR7TdkqZvclqO/UxlLbfXuPhLdUCA9AesBZRsiAbNKvfaP6A+Y
sGmSItuA+WPUklPjMgO/DDjPHWbYArFON/KR2S02mdEAxaSIs5zb7kX0zGsGp4aj
qUY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:03:54 2025 by rpki-client