Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SD7NEgt1Lbad2SJr9_ZWuhe1Jxw.roa
File: SD7NEgt1Lbad2SJr9_ZWuhe1Jxw.roa (raw, json)
Hash identifier: hghEJUtQ8ToISWYqhViSqTSRh1jMTNFDvCfJ5CpuHwg=
Subject key identifier: 48:3E:CD:12:0B:75:2D:B6:9D:D9:22:6B:F7:F6:56:BA:17:B5:27:1C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B94E7B927B5221A4762396197B63901DD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SD7NEgt1Lbad2SJr9_ZWuhe1Jxw.roa
Signing time: Fri 03 Nov 2023 11:18:16 +0000
ROA not before: Fri 03 Nov 2023 11:18:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:e7:b9:27:b5:22:1a:47:62:39:61:97:b6:39:01:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 3 11:18:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=483ecd120b752db69dd9226bf7f656ba17b5271c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:36:f8:ef:2d:84:db:cc:55:dc:81:0d:05:a2:
00:df:37:b3:71:61:34:6a:c9:90:50:9e:98:dd:b8:
ca:e1:ca:dc:b6:6b:a1:f8:c9:2a:ea:36:0f:99:4d:
6a:60:d9:2c:a2:8d:00:84:cc:eb:fb:a8:39:d1:4d:
9c:00:2c:6d:bb:82:c0:b3:90:ff:2d:90:d3:49:70:
46:fb:29:7c:d2:50:61:5c:cf:ec:38:70:e6:8f:b2:
b1:ad:49:1b:52:70:70:ff:24:a2:7d:47:4d:e6:9a:
fe:43:18:6f:03:ae:43:b7:fe:e0:5c:99:fa:8e:50:
16:61:f4:5e:0e:c0:b0:e0:71:3e:a2:5c:82:41:b9:
be:ab:07:c7:b9:8f:38:1d:7f:5c:f4:ba:73:0e:b1:
62:c2:97:fe:d8:11:81:1a:5d:d9:10:4d:c3:61:d2:
fe:e5:c6:5e:27:3a:00:dd:df:3a:e8:0d:cb:3b:a4:
58:40:01:d2:51:99:94:97:14:ee:f4:a0:9b:bc:c2:
11:b9:d9:e4:10:99:8d:6d:86:61:ab:e8:25:8b:8c:
0e:1f:84:61:44:a6:e4:16:ee:ba:51:2a:99:bf:80:
08:dc:7a:7f:41:31:d4:e8:f0:bb:d4:ed:34:5e:ae:
4b:54:db:18:c6:10:6b:ef:e6:e4:cb:bc:b7:2f:25:
45:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:3E:CD:12:0B:75:2D:B6:9D:D9:22:6B:F7:F6:56:BA:17:B5:27:1C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SD7NEgt1Lbad2SJr9_ZWuhe1Jxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:2b:06:c5:4e:68:88:1e:4a:a9:35:49:c1:1c:a3:ce:a9:e0:
bd:6c:02:a8:f3:f3:c6:d3:6b:5f:50:68:8e:f7:c7:15:2f:ab:
ae:13:85:30:eb:2d:cd:a6:80:41:36:ee:f1:e0:a5:01:35:fe:
57:53:9d:d0:d2:9f:b2:05:13:76:e4:b4:6d:d8:a5:65:86:6a:
9b:82:c3:08:51:b1:f5:b2:b2:78:e8:31:eb:8b:b4:e0:f3:05:
fe:c2:19:4f:b4:58:cf:1f:6a:71:06:80:fe:fc:99:b4:94:a6:
34:25:a4:dc:6a:12:bb:34:bd:f2:b4:c2:93:56:6f:23:44:c5:
6e:22:cf:e6:2a:87:5b:da:44:d1:28:2e:aa:a4:96:65:a9:17:
cd:02:8c:68:ca:cf:88:df:65:3b:1e:c1:cb:6e:26:36:7b:00:
de:18:dd:49:c8:c5:56:ab:76:5d:a8:db:0a:e3:56:65:6e:1e:
85:92:b8:64:79:42:70:4c:22:8e:ec:c4:42:0f:f8:00:a0:e9:
36:fd:93:a7:f8:bf:f3:fd:a9:9b:20:0f:3f:d1:50:a6:45:b6:
29:be:99:48:27:e9:93:68:3a:a0:0b:c6:18:34:c4:18:88:e9:
11:5e:e1:00:e3:14:fd:87:e0:09:a0:25:f3:63:d8:58:4c:dd:
e0:ac:52:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuU57kntSIaR2I5YZe2OQHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAzMTExODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODNlY2QxMjBiNzUyZGI2OWRkOTIyNmJmN2Y2NTZiYTE3YjUyNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDb47y2E28xV3IENBaIA3zezcWE0
asmQUJ6Y3bjK4crctmuh+Mkq6jYPmU1qYNksoo0AhMzr+6g50U2cACxtu4LAs5D/
LZDTSXBG+yl80lBhXM/sOHDmj7KxrUkbUnBw/ySifUdN5pr+QxhvA65Dt/7gXJn6
jlAWYfReDsCw4HE+olyCQbm+qwfHuY84HX9c9LpzDrFiwpf+2BGBGl3ZEE3DYdL+
5cZeJzoA3d866A3LO6RYQAHSUZmUlxTu9KCbvMIRudnkEJmNbYZhq+gli4wOH4Rh
RKbkFu66USqZv4AI3Hp/QTHU6PC71O00Xq5LVNsYxhBr7+bky7y3LyVFsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEg+zRILdS22ndkia/f2VroXtSccMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvU0Q3TkVndDFMYmFkMlNKcjlfWld1aGUxSnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGErBsVOaIgeSqk1ScEc
o86p4L1sAqjz88bTa19QaI73xxUvq64ThTDrLc2mgEE27vHgpQE1/ldTndDSn7IF
E3bktG3YpWWGapuCwwhRsfWysnjoMeuLtODzBf7CGU+0WM8fanEGgP78mbSUpjQl
pNxqErs0vfK0wpNWbyNExW4iz+Yqh1vaRNEoLqqklmWpF80CjGjKz4jfZTsewctu
JjZ7AN4Y3UnIxVardl2o2wrjVmVuHoWSuGR5QnBMIo7sxEIP+ACg6Tb9k6f4v/P9
qZsgDz/RUKZFtim+mUgn6ZNoOqALxhg0xBiI6RFe4QDjFP2H4AmgJfNj2FhM3eCs
Ujw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:05:10 2025 by rpki-client