Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S5EzI5YCUFfp_4Sp-uYUSf1myx0.roa
File: S5EzI5YCUFfp_4Sp-uYUSf1myx0.roa (raw, json)
Hash identifier: 4BeLjl0ugIKPIlpEy0xuI0qGYWHH9v0bLNwQsA1Bw9Q=
Subject key identifier: 4B:91:33:23:96:02:50:57:E9:FF:84:A9:FA:E6:14:49:FD:66:CB:1D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C37BFEF6B42E526FFBCFE6663600CEF7B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S5EzI5YCUFfp_4Sp-uYUSf1myx0.roa
Signing time: Tue 05 Dec 2023 02:12:54 +0000
ROA not before: Tue 05 Dec 2023 02:12:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:37:bf:ef:6b:42:e5:26:ff:bc:fe:66:63:60:0c:ef:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 5 02:12:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b91332396025057e9ff84a9fae61449fd66cb1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:04:c8:4d:f1:2a:a2:65:11:4f:c0:d7:1b:07:
11:b2:ee:23:29:1b:15:97:47:96:3f:9d:8a:94:48:
53:23:25:b1:5a:68:35:09:03:a1:eb:bd:7b:5d:20:
31:bf:01:c1:ef:73:3b:ad:c3:ef:e5:a6:39:02:d4:
2f:7b:0c:b4:7d:ae:22:c8:da:88:33:cf:32:62:d3:
e6:40:0b:cd:31:d8:65:41:3f:2e:37:0d:af:1b:7f:
2d:09:24:3a:b4:67:81:36:d9:55:0e:c7:44:b9:99:
03:38:e8:f6:36:f1:03:77:a3:ad:47:7b:8d:86:8c:
4b:bd:01:84:e0:ed:04:9d:73:3f:e6:ce:a3:6c:4e:
c1:e6:ec:bd:79:c7:ab:03:7d:ff:45:f7:32:10:98:
f0:52:a2:1e:de:4f:47:4e:f0:f1:80:95:7b:37:01:
f9:9b:19:73:90:41:66:e0:17:77:fe:95:46:33:dd:
97:21:b9:5e:e5:ad:90:ce:05:a8:c8:03:44:96:34:
c6:2f:e4:32:c3:20:30:92:78:87:97:09:b8:64:41:
20:25:e1:f2:73:b7:69:62:cf:89:2f:f3:33:e2:01:
cd:f1:94:80:f4:78:cd:ec:e9:ee:0f:6c:1e:11:49:
57:e4:64:74:5c:a5:77:38:76:04:35:f8:33:77:b6:
db:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:91:33:23:96:02:50:57:E9:FF:84:A9:FA:E6:14:49:FD:66:CB:1D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S5EzI5YCUFfp_4Sp-uYUSf1myx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:58:e3:07:93:c8:8f:38:ce:c7:bc:13:96:12:8e:f5:4e:81:
a6:3a:5e:39:bf:26:70:9d:f7:78:29:08:ff:09:b4:bf:14:ae:
ef:c2:01:dc:61:8e:93:dd:92:b5:f0:90:c5:ea:1b:b7:ac:3a:
d5:ee:76:dc:85:44:87:d9:74:79:ff:5f:ca:73:33:d5:51:e2:
13:4e:e4:32:95:4f:82:a7:87:c8:04:87:7e:fd:d3:dd:99:23:
a4:08:65:ea:3a:b0:01:15:60:d1:08:a1:c5:a5:91:7b:15:b8:
45:5f:eb:0d:e9:1a:dc:89:4c:b8:04:f8:eb:41:a6:8f:e3:30:
99:1a:df:55:62:c7:5e:74:84:d7:10:41:70:37:49:7b:4a:13:
79:4e:66:e0:f4:71:fe:04:48:14:eb:1b:15:43:ea:a3:28:e8:
db:6a:a7:a4:65:5c:fa:51:d7:8c:95:47:ee:99:2e:c2:a4:ad:
12:41:89:47:b5:6f:97:5b:3e:11:a4:e3:f6:ac:a4:d7:bb:6b:
af:a0:15:b0:4b:7e:48:e3:6b:92:6b:6a:5d:08:4d:24:ca:65:
2c:62:4c:a5:c0:af:af:60:f0:97:0d:a5:f9:91:4f:ab:7a:16:
24:2b:8b:d9:bb:4a:40:f1:0e:4a:b9:d7:8b:ec:9e:fa:b0:9e:
d8:f2:90:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw3v+9rQuUm/7z+ZmNgDO97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA1MDIxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjkxMzMyMzk2MDI1MDU3ZTlmZjg0YTlmYWU2MTQ0OWZkNjZjYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQTITfEqomURT8DXGwcRsu4jKRsV
l0eWP52KlEhTIyWxWmg1CQOh6717XSAxvwHB73M7rcPv5aY5AtQvewy0fa4iyNqI
M88yYtPmQAvNMdhlQT8uNw2vG38tCSQ6tGeBNtlVDsdEuZkDOOj2NvEDd6OtR3uN
hoxLvQGE4O0EnXM/5s6jbE7B5uy9ecerA33/RfcyEJjwUqIe3k9HTvDxgJV7NwH5
mxlzkEFm4Bd3/pVGM92XIble5a2QzgWoyANEljTGL+QywyAwkniHlwm4ZEEgJeHy
c7dpYs+JL/Mz4gHN8ZSA9HjN7OnuD2weEUlX5GR0XKV3OHYENfgzd7bbEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEuRMyOWAlBX6f+EqfrmFEn9ZssdMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUzVFekk1WUNVRmZwXzRTcC11WVVTZjFteXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACdY4weTyI84zse8E5YS
jvVOgaY6Xjm/JnCd93gpCP8JtL8Uru/CAdxhjpPdkrXwkMXqG7esOtXudtyFRIfZ
dHn/X8pzM9VR4hNO5DKVT4Knh8gEh379092ZI6QIZeo6sAEVYNEIocWlkXsVuEVf
6w3pGtyJTLgE+OtBpo/jMJka31Vix150hNcQQXA3SXtKE3lOZuD0cf4ESBTrGxVD
6qMo6Ntqp6RlXPpR14yVR+6ZLsKkrRJBiUe1b5dbPhGk4/aspNe7a6+gFbBLfkjj
a5Jral0ITSTKZSxiTKXAr69g8JcNpfmRT6t6FiQri9m7SkDxDkq514vsnvqwntjy
kAw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:32:13 2025 by rpki-client