Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PuqTCIehzerxzxPYd_Fz8FhAMr0.roa
File: PuqTCIehzerxzxPYd_Fz8FhAMr0.roa (raw, json)
Hash identifier: 0/6DEXN7xLJOsAjxU0miPcaAfTfISYxB819MYOIDB5g=
Subject key identifier: 3E:EA:93:08:87:A1:CD:EA:F1:CF:13:D8:77:F1:73:F0:58:40:32:BD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE44B1305C408084F600C328D6D36A4F7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PuqTCIehzerxzxPYd_Fz8FhAMr0.roa
Signing time: Sat 30 Sep 2023 04:13:59 +0000
ROA not before: Sat 30 Sep 2023 04:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e4:4b:13:05:c4:08:08:4f:60:0c:32:8d:6d:36:a4:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 30 04:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3eea930887a1cdeaf1cf13d877f173f0584032bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c9:f0:60:cc:dd:52:fe:91:3e:25:6c:57:91:
e0:82:c6:ea:2d:7b:ba:b6:fd:9c:39:9b:6e:c1:4d:
e3:86:54:b6:26:12:ee:56:fc:b7:f4:6b:c1:56:41:
dc:9b:a8:d8:5e:9d:26:cc:5e:91:3a:08:f0:7a:5e:
6b:ba:f0:eb:4d:bc:00:fb:27:eb:43:df:82:86:e3:
1d:5e:30:10:a0:d7:51:0a:36:c5:87:16:b3:e5:aa:
32:0d:ea:37:09:f2:14:6a:23:4b:00:48:0f:26:b3:
dc:8e:31:cb:8e:50:4e:af:56:fa:ca:59:80:9c:78:
1f:5e:74:23:f8:a4:34:cb:1e:93:b3:4e:18:9b:3b:
ed:66:0d:2e:e1:84:b1:4e:bc:fb:2d:3f:58:29:94:
b4:f8:e8:c3:a0:5a:db:82:dc:31:69:80:1a:49:4f:
6c:1f:55:ec:43:a7:ec:a8:85:4a:04:7b:b1:27:85:
85:dc:96:6a:29:c3:ba:fb:9e:2a:30:1c:8c:5d:03:
34:94:66:5e:28:a1:32:4b:ab:f8:c1:7f:93:50:c0:
7d:8e:0e:8a:f4:5f:4d:6f:3b:c5:2d:5d:01:8b:71:
b4:fe:09:4b:c2:b8:b9:11:4d:ac:e5:1b:53:7d:9f:
29:79:40:1d:22:2e:d6:9c:b3:62:24:a8:73:f2:a3:
40:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:EA:93:08:87:A1:CD:EA:F1:CF:13:D8:77:F1:73:F0:58:40:32:BD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PuqTCIehzerxzxPYd_Fz8FhAMr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:3e:87:d8:5d:e7:35:3b:b2:1c:4e:f4:59:42:d2:23:4c:87:
e6:c1:0e:b4:63:5a:20:e6:47:a2:1d:57:fb:e6:00:ca:b7:2c:
68:4a:76:50:0c:c9:c6:8c:46:38:61:03:97:93:db:df:97:00:
ff:d0:ad:ed:cf:bc:35:4a:ae:69:e8:ad:67:0a:bb:a1:e0:d4:
18:a1:b0:e1:7e:f3:98:39:e4:40:ff:63:60:5f:8e:b9:9a:38:
af:d9:12:49:9e:a9:14:4c:42:ab:2a:80:99:87:92:52:74:22:
2b:09:19:69:0c:b0:f3:b1:18:ff:1b:eb:e4:01:77:52:07:b6:
df:ad:96:b7:84:3f:b3:e4:71:ed:f9:78:3f:bd:12:47:53:fa:
cb:1b:19:a6:18:57:a0:ab:cd:1f:e5:2b:f7:ca:0b:fd:96:24:
e7:d7:a0:4a:f3:94:b4:da:6b:b9:f9:df:23:95:83:c1:c3:28:
31:8e:b6:4e:14:f7:9d:91:73:24:dd:d1:f4:41:89:bb:aa:41:
77:25:1f:57:4f:bc:66:ae:8f:18:9d:79:8f:44:16:65:14:eb:
89:13:b1:9e:97:29:fd:3a:69:65:2e:37:a5:0e:69:81:30:14:
1e:27:f6:96:ed:cf:cb:82:58:b4:b9:3d:6f:47:08:0c:dd:f6:
7c:91:4e:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrkSxMFxAgIT2AMMo1tNqT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTMwMDQxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWVhOTMwODg3YTFjZGVhZjFjZjEzZDg3N2YxNzNmMDU4NDAzMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisnwYMzdUv6RPiVsV5HggsbqLXu6
tv2cOZtuwU3jhlS2JhLuVvy39GvBVkHcm6jYXp0mzF6ROgjwel5ruvDrTbwA+yfr
Q9+ChuMdXjAQoNdRCjbFhxaz5aoyDeo3CfIUaiNLAEgPJrPcjjHLjlBOr1b6ylmA
nHgfXnQj+KQ0yx6Ts04YmzvtZg0u4YSxTrz7LT9YKZS0+OjDoFrbgtwxaYAaSU9s
H1XsQ6fsqIVKBHuxJ4WF3JZqKcO6+54qMByMXQM0lGZeKKEyS6v4wX+TUMB9jg6K
9F9NbzvFLV0Bi3G0/glLwri5EU2s5RtTfZ8peUAdIi7WnLNiJKhz8qNAPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD7qkwiHoc3q8c8T2Hfxc/BYQDK9MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUHVxVENJZWh6ZXJ4enhQWWRfRno4RmhBTXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKE+h9hd5zU7shxO9FlC
0iNMh+bBDrRjWiDmR6IdV/vmAMq3LGhKdlAMycaMRjhhA5eT29+XAP/Qre3PvDVK
rmnorWcKu6Hg1BihsOF+85g55ED/Y2BfjrmaOK/ZEkmeqRRMQqsqgJmHklJ0IisJ
GWkMsPOxGP8b6+QBd1IHtt+tlreEP7Pkce35eD+9EkdT+ssbGaYYV6CrzR/lK/fK
C/2WJOfXoErzlLTaa7n53yOVg8HDKDGOtk4U952RcyTd0fRBibuqQXclH1dPvGau
jxideY9EFmUU64kTsZ6XKf06aWUuN6UOaYEwFB4n9pbtz8uCWLS5PW9HCAzd9nyR
Tso=
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:24:47 2025 by rpki-client