Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S-u4GHZiXSpWt3do_kbKHV6Nnwc.roa
File: S-u4GHZiXSpWt3do_kbKHV6Nnwc.roa (raw, json)
Hash identifier: h8mBUpXZnNhzseqa5ujbEopKY0W5dKIgZliyDjYBnrI=
Subject key identifier: 4B:EB:B8:18:76:62:5D:2A:56:B7:77:68:FE:46:CA:1D:5E:8D:9F:07
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC334C6733511C57458A7BC9E42635E36
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S-u4GHZiXSpWt3do_kbKHV6Nnwc.roa
Signing time: Sun 12 Nov 2023 11:04:57 +0000
ROA not before: Sun 12 Nov 2023 11:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18b:c334:3977/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c3:34:c6:73:35:11:c5:74:58:a7:bc:9e:42:63:5e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 12 11:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bebb81876625d2a56b77768fe46ca1d5e8d9f07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:15:dd:ef:93:4e:96:c9:d0:9d:b9:b2:b8:bd:
15:96:ca:d1:4d:e1:02:46:f4:68:ce:f5:3e:f5:87:
80:60:a7:a1:37:23:33:2b:1e:0b:19:6a:79:eb:65:
0e:3d:f2:38:0d:02:dd:47:e5:83:8c:6e:51:70:57:
47:c2:eb:ed:e0:bb:6e:4c:b7:c3:8d:b3:3d:ee:6e:
b1:8a:f3:e7:59:7b:92:b8:b3:7a:75:65:0f:15:96:
48:b4:ee:0e:7f:53:2f:c7:4e:8a:49:77:15:a9:60:
7b:55:4c:cc:a7:b6:cf:c3:fe:6f:48:03:a0:51:bd:
7a:69:94:9b:1b:f2:8f:34:ff:e7:71:ad:a3:67:71:
34:03:f4:8a:cb:64:aa:28:0e:e7:98:d0:2c:2e:36:
6c:f8:a5:67:c2:b1:d8:1b:2b:12:90:d2:c6:1c:42:
3b:52:13:98:48:50:ae:53:03:8e:63:94:bf:ad:9f:
fb:74:c8:53:1d:c3:f4:2f:a0:72:b9:6c:9c:54:92:
e2:99:06:0e:6e:55:39:19:62:47:04:e4:ee:56:62:
1e:e7:8a:e5:ef:e7:77:e0:6e:3c:d7:ec:7a:e3:2f:
5b:9b:0f:56:d1:13:ca:ef:1b:78:25:48:51:2e:55:
92:7e:f3:e9:b7:3a:b5:3a:d6:29:1c:23:4d:c0:f6:
27:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:EB:B8:18:76:62:5D:2A:56:B7:77:68:FE:46:CA:1D:5E:8D:9F:07
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S-u4GHZiXSpWt3do_kbKHV6Nnwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:64:e0:5c:ac:73:ba:97:cb:40:83:86:1d:d4:94:f1:5a:0a:
21:84:73:8a:66:02:2b:03:64:a5:5a:6d:6b:63:f8:70:6b:f9:
45:51:a5:24:a8:7f:08:39:2c:f8:b6:42:85:f3:a8:60:62:bc:
51:9e:58:56:0c:6b:fa:b6:9f:79:e4:26:94:8d:6d:95:49:af:
8b:e5:7f:2f:9a:65:b1:6c:d3:aa:84:63:4f:07:0c:8f:e8:ac:
68:e7:a4:5e:00:be:06:5d:4a:2a:5f:43:22:9a:49:0d:f6:ad:
52:76:b6:27:4d:19:87:0d:6b:56:f4:58:91:e7:78:88:d2:92:
69:ce:98:03:ef:c1:dd:41:cc:b2:38:6f:9f:31:ab:26:4f:5f:
51:bd:25:07:a6:de:5d:de:25:69:fd:8e:54:03:c3:36:95:fa:
cb:cb:c3:fa:46:16:ea:83:97:e8:60:0f:ff:92:44:06:e3:82:
33:60:55:17:d7:9c:17:f3:85:64:21:c5:49:b0:0c:4b:02:5e:
f4:9f:7c:45:2e:fb:6f:22:9a:5d:ba:ed:3e:a2:e8:a4:d3:13:
23:67:e6:65:36:0a:06:21:89:44:bc:3b:30:b1:2d:e7:4b:02:
24:0e:23:02:2f:97:b1:c2:74:15:77:29:a7:90:4b:a7:d0:c0:
9e:9e:e5:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvDNMZzNRHFdFinvJ5CY142MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEyMTEwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmViYjgxODc2NjI1ZDJhNTZiNzc3NjhmZTQ2Y2ExZDVlOGQ5ZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxXd75NOlsnQnbmyuL0VlsrRTeEC
RvRozvU+9YeAYKehNyMzKx4LGWp562UOPfI4DQLdR+WDjG5RcFdHwuvt4LtuTLfD
jbM97m6xivPnWXuSuLN6dWUPFZZItO4Of1Mvx06KSXcVqWB7VUzMp7bPw/5vSAOg
Ub16aZSbG/KPNP/nca2jZ3E0A/SKy2SqKA7nmNAsLjZs+KVnwrHYGysSkNLGHEI7
UhOYSFCuUwOOY5S/rZ/7dMhTHcP0L6ByuWycVJLimQYOblU5GWJHBOTuVmIe54rl
7+d34G481+x64y9bmw9W0RPK7xt4JUhRLlWSfvPptzq1OtYpHCNNwPYn/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEvruBh2Yl0qVrd3aP5Gyh1ejZ8HMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUy11NEdIWmlYU3BXdDNkb19rYktIVjZObndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJlk4Fysc7qXy0CDhh3U
lPFaCiGEc4pmAisDZKVabWtj+HBr+UVRpSSofwg5LPi2QoXzqGBivFGeWFYMa/q2
n3nkJpSNbZVJr4vlfy+aZbFs06qEY08HDI/orGjnpF4AvgZdSipfQyKaSQ32rVJ2
tidNGYcNa1b0WJHneIjSkmnOmAPvwd1BzLI4b58xqyZPX1G9JQem3l3eJWn9jlQD
wzaV+svLw/pGFuqDl+hgD/+SRAbjgjNgVRfXnBfzhWQhxUmwDEsCXvSffEUu+28i
ml267T6i6KTTEyNn5mU2CgYhiUS8OzCxLedLAiQOIwIvl7HCdBV3KaeQS6fQwJ6e
5Z4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:03:28 2025 by rpki-client