Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TK27ziD9wWdoR-83UMQTEQ5pmnY.roa
File: TK27ziD9wWdoR-83UMQTEQ5pmnY.roa (raw, json)
Hash identifier: jrd4GgFASg4hg9m0FRWnbiuLZazeSQIYl6/sgePRL0Y=
Subject key identifier: 4C:AD:BB:CE:20:FD:C1:67:68:47:EF:37:50:C4:13:11:0E:69:9A:76
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C582924E2E87CB2A1AD7DD1555D6691C0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TK27ziD9wWdoR-83UMQTEQ5pmnY.roa
Signing time: Mon 11 Dec 2023 09:15:40 +0000
ROA not before: Mon 11 Dec 2023 09:15:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:29:24:e2:e8:7c:b2:a1:ad:7d:d1:55:5d:66:91:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 11 09:15:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cadbbce20fdc1676847ef3750c413110e699a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a4:fd:7b:ea:24:f0:8c:41:67:a4:d8:19:2a:
68:f8:bc:23:4a:e7:f5:88:39:33:fa:a2:74:e0:9a:
2d:bd:ea:0b:82:49:6c:74:3b:73:b4:0a:1c:63:c3:
cf:7f:2d:c6:40:14:01:f7:5f:b9:d0:ad:e3:84:d9:
c6:dc:ef:ef:7f:4d:10:88:83:8d:c6:76:32:c2:a4:
7b:da:c6:e3:a7:73:d0:6e:f6:1e:c7:8e:5a:55:7f:
d6:94:f7:15:89:ec:fc:5d:b6:4d:17:d7:14:d4:5a:
cb:f0:6a:cf:59:42:91:58:7d:23:7e:88:51:0f:79:
24:c5:88:f4:64:6e:aa:5a:62:0a:0a:5b:2a:f4:11:
56:97:06:63:90:c0:92:f0:37:4c:fd:ea:04:3f:bb:
ee:5a:71:a9:c7:24:9f:d5:0e:fe:2f:27:38:5c:f9:
a8:de:48:0f:d7:cb:19:dc:68:08:90:2a:19:d3:dd:
88:26:be:87:46:4a:0b:7c:0a:0c:c1:13:a6:f9:5d:
d1:8c:86:47:d3:f0:8e:5a:b7:ec:a5:88:43:26:57:
bd:a8:cd:b2:19:1f:03:81:11:57:a8:67:e7:06:25:
7d:44:e0:58:12:a7:e0:6c:aa:98:65:81:df:a0:77:
ba:dd:34:64:37:ea:28:a1:bf:2a:0b:1d:7d:b2:7c:
0c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AD:BB:CE:20:FD:C1:67:68:47:EF:37:50:C4:13:11:0E:69:9A:76
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TK27ziD9wWdoR-83UMQTEQ5pmnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:9e:e5:39:50:ab:e6:9f:6d:e5:00:1b:16:37:82:9e:2c:ec:
fc:ad:50:47:5b:1f:0f:c4:6a:71:67:f8:4a:ce:08:eb:2b:e9:
46:b4:24:0f:0f:6a:5b:f0:79:1e:05:71:5c:37:92:76:f1:fc:
dc:e3:4e:1c:0a:d5:02:8f:80:e6:37:85:01:6d:ec:11:07:a5:
ae:80:5e:17:9b:0e:89:be:48:a3:78:e1:84:04:ea:06:3b:12:
0f:61:a7:f0:83:4f:0a:71:20:ff:c4:b8:99:af:b3:cf:5f:e3:
be:ab:17:79:7b:cd:94:84:04:3b:ba:d3:b3:80:f1:f2:a3:3b:
10:3e:c9:e2:5a:3b:32:46:95:d1:4f:aa:da:3b:9c:f4:72:88:
93:3a:8b:30:2b:6b:a7:d6:3c:77:aa:d5:d1:4a:b1:95:d8:c5:
32:6e:3e:63:7c:98:82:b6:f0:59:1e:3d:8f:f4:ee:18:90:9e:
5e:dd:34:94:d0:76:33:5c:cb:a9:8e:9d:4b:ad:a6:31:38:93:
ed:d0:86:17:e0:7d:b3:53:a3:94:59:d9:93:f4:0d:64:c1:17:
ea:12:e2:5b:9d:b9:ac:2c:c5:97:26:17:50:82:f3:d4:21:06:
75:31:5c:68:d3:77:ea:a8:7d:4a:97:fc:02:7e:3c:b9:cf:93:
fa:12:c6:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxYKSTi6Hyyoa190VVdZpHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjExMDkxNTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2FkYmJjZTIwZmRjMTY3Njg0N2VmMzc1MGM0MTMxMTBlNjk5YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqT9e+ok8IxBZ6TYGSpo+LwjSuf1
iDkz+qJ04JotveoLgklsdDtztAocY8PPfy3GQBQB91+50K3jhNnG3O/vf00QiION
xnYywqR72sbjp3PQbvYex45aVX/WlPcViez8XbZNF9cU1FrL8GrPWUKRWH0jfohR
D3kkxYj0ZG6qWmIKClsq9BFWlwZjkMCS8DdM/eoEP7vuWnGpxySf1Q7+Lyc4XPmo
3kgP18sZ3GgIkCoZ092IJr6HRkoLfAoMwROm+V3RjIZH0/COWrfspYhDJle9qM2y
GR8DgRFXqGfnBiV9ROBYEqfgbKqYZYHfoHe63TRkN+ooob8qCx19snwMLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEytu84g/cFnaEfvN1DEExEOaZp2MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVEsyN3ppRDl3V2RvUi04M1VNUVRFUTVwbW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACae5TlQq+afbeUAGxY3
gp4s7PytUEdbHw/EanFn+ErOCOsr6Ua0JA8PalvweR4FcVw3knbx/NzjThwK1QKP
gOY3hQFt7BEHpa6AXhebDom+SKN44YQE6gY7Eg9hp/CDTwpxIP/EuJmvs89f476r
F3l7zZSEBDu607OA8fKjOxA+yeJaOzJGldFPqto7nPRyiJM6izAra6fWPHeq1dFK
sZXYxTJuPmN8mIK28FkePY/07hiQnl7dNJTQdjNcy6mOnUutpjE4k+3QhhfgfbNT
o5RZ2ZP0DWTBF+oS4luduawsxZcmF1CC89QhBnUxXGjTd+qofUqX/AJ+PLnPk/oS
xpA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:22:55 2025 by rpki-client