Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/So3aqj_YK1pEKw3DET8Yf4inNiY.roa
File: So3aqj_YK1pEKw3DET8Yf4inNiY.roa (raw, json)
Hash identifier: rX9i1UECaiIYU/mK3IkGpbFqyBY7iWmq69nDUNRK4Wo=
Subject key identifier: 4A:8D:DA:AA:3F:D8:2B:5A:44:2B:0D:C3:11:3F:18:7F:88:A7:36:26
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABF6451441FA2E450689DA364A332EBD0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/So3aqj_YK1pEKw3DET8Yf4inNiY.roa
Signing time: Sat 23 Sep 2023 00:15:37 +0000
ROA not before: Sat 23 Sep 2023 00:15:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bf:64:51:44:1f:a2:e4:50:68:9d:a3:64:a3:32:eb:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 23 00:15:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a8ddaaa3fd82b5a442b0dc3113f187f88a73626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c0:dc:53:d4:c2:3a:b9:ff:20:64:de:d6:53:
3c:5c:a9:37:7e:0e:d2:f4:af:e5:9b:26:97:5f:55:
f0:8d:b9:18:b3:c5:dd:b5:f6:1b:75:f8:7e:33:5d:
51:ce:ab:39:06:8d:e8:cd:5f:8e:e8:f8:18:6f:f5:
11:dc:f4:fc:0f:6e:bb:1b:f3:61:78:0d:30:2c:53:
a4:a7:dc:45:7e:10:bb:46:73:a7:36:7b:c2:c9:d4:
6b:a1:6e:2a:76:de:77:33:e1:64:64:5e:af:18:93:
be:a0:4d:d5:e4:46:1c:29:18:dc:33:86:d2:2f:22:
a9:9f:38:a3:a8:a8:20:8d:10:40:4c:10:8e:43:68:
a2:79:cc:a8:7c:31:02:3f:8d:5b:25:45:23:0c:87:
3f:3e:e5:00:23:b2:70:4c:a2:f5:f9:e0:82:b4:5b:
f6:f2:0d:15:11:64:e8:b0:6a:ee:9b:f5:e1:d5:89:
0a:14:3f:14:e2:69:de:4a:40:7e:9e:0b:f7:a9:74:
0d:c1:03:c6:6a:62:f3:d2:60:6c:44:b6:31:a4:1c:
cb:07:64:a6:ac:53:d1:88:94:2e:3a:42:5e:3f:dd:
cd:51:62:69:71:a3:6d:d0:a6:c7:a4:70:d1:a8:ac:
cf:ed:a6:08:c0:cc:91:5f:10:20:39:9d:5b:04:2c:
31:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8D:DA:AA:3F:D8:2B:5A:44:2B:0D:C3:11:3F:18:7F:88:A7:36:26
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/So3aqj_YK1pEKw3DET8Yf4inNiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:2c:33:8f:81:4d:6d:92:02:46:80:c5:65:84:7f:6e:b8:23:
76:f4:01:89:4d:1b:b4:5d:45:b3:19:5a:ee:93:4c:09:6d:a1:
34:70:0a:e7:bd:b6:a1:68:d4:8a:61:62:9a:9b:86:1c:42:18:
fb:25:2c:a6:a6:54:5d:a4:e7:f3:1a:23:3c:8f:b5:9d:b0:95:
32:d1:96:66:bb:26:2e:4b:13:7e:29:de:d9:09:0f:e0:f4:f1:
a4:bd:be:a6:08:a2:59:de:0c:5a:f6:9e:fc:05:62:cb:05:82:
db:b1:3d:98:95:85:69:94:bb:39:a3:4e:12:dc:c1:3b:b9:93:
03:e0:ef:cc:2a:bf:2a:90:f0:13:c6:94:e5:fc:b3:e7:eb:d8:
06:cb:e0:53:04:50:38:7a:35:15:69:5f:78:d0:8a:78:e5:d1:
c4:8c:df:f1:93:97:9e:d1:3e:78:85:36:b8:cd:63:5e:10:4d:
a1:c9:4f:b3:e7:92:82:5d:01:d4:d4:34:ae:f1:7c:6d:e5:1b:
35:5a:8f:71:c4:78:3e:57:25:29:22:b3:70:31:47:a8:d3:8b:
a1:2a:7d:a8:74:2f:64:a7:65:05:fa:07:e2:f9:6d:f1:ce:8c:
7f:17:07:c0:1c:b2:ba:d7:9d:9d:83:b1:83:f5:f6:ec:54:e2:
7c:28:43:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq/ZFFEH6LkUGido2SjMuvQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIzMDAxNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YThkZGFhYTNmZDgyYjVhNDQyYjBkYzMxMTNmMTg3Zjg4YTczNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMDcU9TCOrn/IGTe1lM8XKk3fg7S
9K/lmyaXX1XwjbkYs8XdtfYbdfh+M11Rzqs5Bo3ozV+O6PgYb/UR3PT8D267G/Nh
eA0wLFOkp9xFfhC7RnOnNnvCydRroW4qdt53M+FkZF6vGJO+oE3V5EYcKRjcM4bS
LyKpnzijqKggjRBATBCOQ2iiecyofDECP41bJUUjDIc/PuUAI7JwTKL1+eCCtFv2
8g0VEWTosGrum/Xh1YkKFD8U4mneSkB+ngv3qXQNwQPGamLz0mBsRLYxpBzLB2Sm
rFPRiJQuOkJeP93NUWJpcaNt0KbHpHDRqKzP7aYIwMyRXxAgOZ1bBCwxUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEqN2qo/2CtaRCsNwxE/GH+IpzYmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvU28zYXFqX1lLMXBFS3czREVUOFlmNGluTmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEssM4+BTW2SAkaAxWWE
f264I3b0AYlNG7RdRbMZWu6TTAltoTRwCue9tqFo1IphYpqbhhxCGPslLKamVF2k
5/MaIzyPtZ2wlTLRlma7Ji5LE34p3tkJD+D08aS9vqYIolneDFr2nvwFYssFgtux
PZiVhWmUuzmjThLcwTu5kwPg78wqvyqQ8BPGlOX8s+fr2AbL4FMEUDh6NRVpX3jQ
injl0cSM3/GTl57RPniFNrjNY14QTaHJT7PnkoJdAdTUNK7xfG3lGzVaj3HEeD5X
JSkis3AxR6jTi6Eqfah0L2SnZQX6B+L5bfHOjH8XB8AcsrrXnZ2DsYP19uxU4nwo
Qyo=
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:53:33 2025 by rpki-client