Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/T1gI0zXP57uNm6vVXaRvgd_AbO4.roa
File: T1gI0zXP57uNm6vVXaRvgd_AbO4.roa (raw, json)
Hash identifier: KptjGzn4iVu/Vi/05sr7psiRwSTOjwhenquXogiJK84=
Subject key identifier: 4F:58:08:D3:35:CF:E7:BB:8D:9B:AB:D5:5D:A4:6F:81:DF:C0:6C:EE
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C51B67357BEA375C321F2AB3792B3F6B6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/T1gI0zXP57uNm6vVXaRvgd_AbO4.roa
Signing time: Sun 10 Dec 2023 03:12:40 +0000
ROA not before: Sun 10 Dec 2023 03:12:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:51:b6:73:57:be:a3:75:c3:21:f2:ab:37:92:b3:f6:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 10 03:12:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f5808d335cfe7bb8d9babd55da46f81dfc06cee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:21:cd:f5:09:dd:97:f8:ad:da:6c:b8:a3:da:
a9:fd:9e:e6:52:56:1f:ae:70:13:81:fe:43:d4:38:
44:5a:92:0f:57:3e:e3:4a:cc:21:83:ea:20:2a:17:
c9:b1:ef:3e:43:19:3a:60:ce:21:07:42:b4:c1:fe:
3a:f6:50:9c:94:40:9f:c2:cf:18:15:ef:c4:7f:99:
84:a2:80:f7:e5:23:ff:dd:0c:9f:4f:62:3f:6f:1b:
e9:95:38:c7:af:a8:76:a7:29:64:31:f6:ec:77:fb:
a6:40:ed:2b:61:c4:eb:0f:10:3c:03:ca:7e:be:46:
fd:1e:99:32:15:65:41:5b:0d:32:21:83:ba:13:ff:
08:fe:9f:48:02:38:42:c5:53:dd:ed:ba:4b:27:e9:
7f:00:5b:b6:06:6c:38:d3:dc:e2:a1:e6:38:23:08:
26:42:cd:f1:4e:ae:36:c8:0b:92:3f:3d:0e:89:3e:
23:22:16:66:1d:1f:ab:68:d8:ad:a8:27:22:97:12:
81:60:94:b1:4c:07:f7:20:7f:8f:e4:fb:4e:9b:8b:
f4:d5:fa:36:bb:54:3a:47:fb:b7:83:5f:08:00:0b:
60:a4:b6:2d:e4:b8:1a:6f:f4:ca:6b:7d:39:bf:52:
4b:ef:d5:1c:f0:54:83:9e:f0:ec:7b:58:d1:ca:ee:
89:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:58:08:D3:35:CF:E7:BB:8D:9B:AB:D5:5D:A4:6F:81:DF:C0:6C:EE
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/T1gI0zXP57uNm6vVXaRvgd_AbO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:5e:c5:8a:f6:67:8f:b0:e2:18:77:68:ab:24:be:4d:c2:16:
8a:11:4d:e3:aa:a3:ec:5d:45:b7:90:c1:47:8e:41:7b:f9:a0:
72:32:e8:5c:d5:db:54:13:c4:cb:ba:4e:91:77:8d:b8:14:47:
3c:01:9e:ea:84:0a:16:d7:21:78:4d:ce:77:ab:77:28:d9:b6:
2e:7b:1a:85:74:3a:f6:8e:63:53:38:c8:d2:95:d0:fc:aa:88:
fd:3f:50:97:fb:8c:20:56:a2:b5:bf:b3:3a:34:77:4a:3a:c1:
5d:23:ad:d6:8b:9b:4f:81:06:19:5c:04:c2:73:44:ae:fd:c9:
36:d0:68:75:44:8e:47:b3:e1:3f:d4:07:3a:03:94:6b:56:ed:
d4:d6:76:27:07:45:9a:dd:b1:f3:4b:13:5e:bb:9d:d7:f6:99:
ef:7c:89:7d:4e:3d:19:84:0f:82:99:76:ad:ea:ec:0b:33:1c:
07:e1:19:8c:db:41:3e:4f:c3:4e:b1:36:50:86:f3:27:59:8c:
c8:66:d8:db:7d:38:7b:d1:72:8d:a9:04:78:c3:19:a0:9c:35:
32:50:b5:24:38:6b:f6:11:8a:af:8b:95:b5:2d:bb:35:87:0b:
6a:1e:01:f4:0b:d7:ef:1d:04:8f:55:63:f9:6a:99:57:48:ba:
a6:e6:21:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxRtnNXvqN1wyHyqzeSs/a2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEwMDMxMjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjU4MDhkMzM1Y2ZlN2JiOGQ5YmFiZDU1ZGE0NmY4MWRmYzA2Y2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6yHN9Qndl/it2my4o9qp/Z7mUlYf
rnATgf5D1DhEWpIPVz7jSswhg+ogKhfJse8+Qxk6YM4hB0K0wf469lCclECfws8Y
Fe/Ef5mEooD35SP/3QyfT2I/bxvplTjHr6h2pylkMfbsd/umQO0rYcTrDxA8A8p+
vkb9HpkyFWVBWw0yIYO6E/8I/p9IAjhCxVPd7bpLJ+l/AFu2Bmw409zioeY4Iwgm
Qs3xTq42yAuSPz0OiT4jIhZmHR+raNitqCcilxKBYJSxTAf3IH+P5PtOm4v01fo2
u1Q6R/u3g18IAAtgpLYt5Lgab/TKa305v1JL79Uc8FSDnvDse1jRyu6JhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE9YCNM1z+e7jZur1V2kb4HfwGzuMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVDFnSTB6WFA1N3VObTZ2VlhhUnZnZF9BYk80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGlexYr2Z4+w4hh3aKsk
vk3CFooRTeOqo+xdRbeQwUeOQXv5oHIy6FzV21QTxMu6TpF3jbgURzwBnuqEChbX
IXhNznerdyjZti57GoV0OvaOY1M4yNKV0PyqiP0/UJf7jCBWorW/szo0d0o6wV0j
rdaLm0+BBhlcBMJzRK79yTbQaHVEjkez4T/UBzoDlGtW7dTWdicHRZrdsfNLE167
ndf2me98iX1OPRmED4KZdq3q7AszHAfhGYzbQT5Pw06xNlCG8ydZjMhm2Nt9OHvR
co2pBHjDGaCcNTJQtSQ4a/YRiq+LlbUtuzWHC2oeAfQL1+8dBI9VY/lqmVdIuqbm
IXw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:47:11 2025 by rpki-client