Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SEMb4sqnLcDh_lHgXQQ1QXvalek.roa
File: SEMb4sqnLcDh_lHgXQQ1QXvalek.roa (raw, json)
Hash identifier: EXihkR7jkECH/I9wq5nEar4bwgBcbRGCWkKYZa/pjnw=
Subject key identifier: 48:43:1B:E2:CA:A7:2D:C0:E1:FE:51:E0:5D:04:35:41:7B:DA:95:E9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BEDF3171562C54EE2528D60F88AEAF381
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SEMb4sqnLcDh_lHgXQQ1QXvalek.roa
Signing time: Mon 20 Nov 2023 18:16:53 +0000
ROA not before: Mon 20 Nov 2023 18:16:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ed:f3:17:15:62:c5:4e:e2:52:8d:60:f8:8a:ea:f3:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 20 18:16:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48431be2caa72dc0e1fe51e05d0435417bda95e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:06:3c:32:5e:ec:08:b6:e8:54:18:6f:98:09:
ed:c7:f5:3b:34:2d:b3:58:f9:e6:ec:5f:8d:fd:87:
c5:c3:9d:14:1a:e3:9c:f1:26:5c:94:13:90:04:5f:
f9:8f:86:c3:6f:ca:7f:60:4d:1b:6c:a6:61:04:38:
35:54:31:2b:e3:a4:b9:f1:f7:3b:d4:5c:91:49:b0:
c1:74:cd:a1:af:25:95:80:18:aa:33:22:e0:5d:d8:
4c:22:d4:d6:90:96:d7:80:3f:9d:30:43:3a:73:67:
1f:aa:29:86:dc:f4:ce:37:99:d0:4b:6f:5b:67:f2:
a6:8e:ac:1e:d5:47:4b:7f:25:ff:ed:85:43:a4:08:
82:97:90:0c:e3:ec:f9:ba:6c:0d:d4:9b:3d:c5:50:
38:13:e2:58:91:67:aa:8f:58:0b:d2:03:50:fd:7d:
84:00:8c:3e:41:b9:0d:6c:00:d8:04:06:ac:e9:6b:
70:a6:a3:50:10:63:80:d6:80:57:f1:13:6d:e1:52:
39:bb:52:0a:e3:62:46:29:0c:1f:ee:6c:e7:96:68:
6a:05:a5:7f:36:9d:c1:07:bb:41:b6:29:71:a3:84:
70:2c:88:2a:1f:03:e0:06:d8:18:8c:65:36:98:f0:
2c:95:46:e8:4b:0e:08:62:c5:1f:ba:25:77:02:d0:
56:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:43:1B:E2:CA:A7:2D:C0:E1:FE:51:E0:5D:04:35:41:7B:DA:95:E9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SEMb4sqnLcDh_lHgXQQ1QXvalek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:04:4e:ac:3c:77:c0:3f:ad:f6:16:74:b6:d1:b7:4e:e8:85:
80:79:f5:85:6d:79:5f:86:fa:7e:e6:e8:43:f9:c5:14:e7:98:
55:7b:4b:e6:1f:81:47:66:33:b7:09:6d:12:bd:20:69:20:d0:
51:18:26:7f:9b:38:7d:29:2f:ee:17:c6:e0:26:29:41:a0:a9:
f5:c2:5d:57:fc:0c:81:5b:d6:fa:8f:79:7f:b0:26:77:62:ab:
98:88:52:5c:55:de:55:f5:40:a3:ff:1d:ba:d4:da:91:01:80:
62:4f:38:2d:3d:4b:c8:0f:83:5c:08:d6:40:e6:8e:1a:45:7a:
18:e3:bf:39:50:84:81:18:7d:a5:9d:92:50:f2:12:d1:0f:66:
1a:bc:42:46:1f:e0:e3:ba:6e:f6:b9:e0:10:93:6e:5a:46:c6:
81:82:6f:a6:6e:c6:1b:44:5d:9a:96:14:38:95:2f:09:e7:91:
8d:fa:97:0b:e9:38:4b:5b:ea:3d:e2:ad:92:bd:7f:d9:cf:a8:
7d:5f:84:f5:c6:a5:9c:4a:d3:15:5b:c3:6e:18:3e:38:cb:23:
df:8a:dc:9d:6c:0f:38:01:34:c4:4a:cc:5e:54:75:d7:6b:22:
c8:a8:f0:17:0c:7d:ab:56:04:f7:5f:d6:f6:49:f4:f6:bd:37:
21:31:99:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvt8xcVYsVO4lKNYPiK6vOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIwMTgxNjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODQzMWJlMmNhYTcyZGMwZTFmZTUxZTA1ZDA0MzU0MTdiZGE5NWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAY8Ml7sCLboVBhvmAntx/U7NC2z
WPnm7F+N/YfFw50UGuOc8SZclBOQBF/5j4bDb8p/YE0bbKZhBDg1VDEr46S58fc7
1FyRSbDBdM2hryWVgBiqMyLgXdhMItTWkJbXgD+dMEM6c2cfqimG3PTON5nQS29b
Z/Kmjqwe1UdLfyX/7YVDpAiCl5AM4+z5umwN1Js9xVA4E+JYkWeqj1gL0gNQ/X2E
AIw+QbkNbADYBAas6WtwpqNQEGOA1oBX8RNt4VI5u1IK42JGKQwf7mznlmhqBaV/
Np3BB7tBtilxo4RwLIgqHwPgBtgYjGU2mPAslUboSw4IYsUfuiV3AtBWqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEhDG+LKpy3A4f5R4F0ENUF72pXpMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvU0VNYjRzcW5MY0RoX2xIZ1hRUTFRWHZhbGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIgETqw8d8A/rfYWdLbR
t07ohYB59YVteV+G+n7m6EP5xRTnmFV7S+YfgUdmM7cJbRK9IGkg0FEYJn+bOH0p
L+4XxuAmKUGgqfXCXVf8DIFb1vqPeX+wJndiq5iIUlxV3lX1QKP/HbrU2pEBgGJP
OC09S8gPg1wI1kDmjhpFehjjvzlQhIEYfaWdklDyEtEPZhq8QkYf4OO6bva54BCT
blpGxoGCb6ZuxhtEXZqWFDiVLwnnkY36lwvpOEtb6j3irZK9f9nPqH1fhPXGpZxK
0xVbw24YPjjLI9+K3J1sDzgBNMRKzF5UdddrIsio8BcMfatWBPdf1vZJ9Pa9NyEx
mcM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:53:22 2025 by rpki-client