Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TdvsB8K5SfZk0HcUSp7uxX2ilic.roa
File: TdvsB8K5SfZk0HcUSp7uxX2ilic.roa (raw, json)
Hash identifier: BOCe31E0ebK2QAQLyQz07qXuUvUB+6VLXlbsjIp+Rc8=
Subject key identifier: 4D:DB:EC:07:C2:B9:49:F6:64:D0:77:14:4A:9E:EE:C5:7D:A2:96:27
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C1CB9FF125920895FDBE828C40903CC16
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TdvsB8K5SfZk0HcUSp7uxX2ilic.roa
Signing time: Wed 29 Nov 2023 20:16:40 +0000
ROA not before: Wed 29 Nov 2023 20:16:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1c:b9:ff:12:59:20:89:5f:db:e8:28:c4:09:03:cc:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 29 20:16:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ddbec07c2b949f664d077144a9eeec57da29627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fb:70:7b:c0:98:5b:5b:fa:57:57:09:a2:c9:
ad:4f:b6:1b:07:28:66:b6:50:2e:95:c2:e7:42:5c:
ae:e0:e1:4a:f7:ec:4b:58:78:8c:bf:ee:fe:f9:48:
ad:02:70:1b:1d:b4:d6:bf:32:c0:1f:d0:8c:05:ff:
86:13:f5:0c:41:22:e2:a7:50:c5:51:b2:5c:e8:11:
7c:79:36:0f:dd:36:0e:83:68:9d:ec:5b:77:43:a4:
d0:b7:e1:a0:66:7e:4f:9b:09:2b:38:c6:80:d1:5c:
34:8d:30:3a:4d:63:68:28:8f:2f:93:5f:90:87:61:
e4:69:cb:4e:d4:64:d5:2c:48:7b:78:8e:30:66:8b:
a2:79:fb:82:dd:9c:de:4a:05:5a:6a:3c:38:d3:19:
4a:84:61:ff:d1:ff:b6:96:48:e7:42:f9:17:c1:ca:
af:38:ac:ae:9f:69:63:de:54:1e:c6:d0:2b:5a:d7:
79:3d:ca:44:4f:fb:e3:fb:35:a3:ca:c4:21:ae:9b:
2c:e8:e4:5f:63:70:f9:31:61:e1:0f:ac:ed:95:cf:
22:94:87:73:87:7e:0f:d3:93:48:a8:c6:c7:d8:38:
c3:99:39:48:b0:72:46:8d:87:59:bc:33:6e:4d:39:
b7:54:81:79:00:dc:3d:27:7f:ec:c5:26:03:99:2d:
f5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DB:EC:07:C2:B9:49:F6:64:D0:77:14:4A:9E:EE:C5:7D:A2:96:27
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TdvsB8K5SfZk0HcUSp7uxX2ilic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:dc:63:04:84:53:73:8e:b9:2a:68:27:45:55:ff:27:79:e4:
9f:f0:40:db:c7:f3:55:22:13:af:b1:e1:06:d6:ce:94:58:7f:
b5:05:dd:1d:3b:7e:20:96:45:4c:2d:ed:5b:ab:6b:9e:93:7f:
7f:6b:cc:4b:80:7a:99:e3:fc:f8:11:f7:8b:10:05:4b:8d:c0:
49:bb:95:86:dc:d3:59:1f:60:f8:de:d4:cc:36:35:9b:02:8f:
67:11:ba:5d:9f:d1:92:75:5c:9d:a4:58:13:cf:3e:c3:db:de:
60:de:05:75:9c:18:d0:49:58:26:92:91:df:fd:4a:93:f7:03:
92:cf:8a:4d:27:01:9b:5c:5b:b0:14:c5:87:75:ff:86:52:00:
15:fc:10:f3:e1:23:59:88:a2:e8:f1:97:cf:ef:b3:42:41:fa:
f9:26:fa:3c:c2:ac:b4:9e:fd:3d:4f:2e:35:ee:a1:a9:50:0c:
bd:8e:78:f9:2c:2b:1c:60:3f:5d:07:aa:51:31:92:f9:85:cb:
87:40:40:c6:c5:66:9f:a3:14:65:70:93:14:9b:43:2b:d2:b1:
22:25:73:ed:27:cb:ca:6c:78:0d:c0:74:f0:84:9c:e6:e8:9c:
54:bb:13:10:44:a0:64:36:5c:29:6b:7a:67:d3:e6:bc:02:17:
2b:69:43:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwcuf8SWSCJX9voKMQJA8wWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI5MjAxNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRiZWMwN2MyYjk0OWY2NjRkMDc3MTQ0YTllZWVjNTdkYTI5NjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvtwe8CYW1v6V1cJosmtT7YbByhm
tlAulcLnQlyu4OFK9+xLWHiMv+7++UitAnAbHbTWvzLAH9CMBf+GE/UMQSLip1DF
UbJc6BF8eTYP3TYOg2id7Ft3Q6TQt+GgZn5PmwkrOMaA0Vw0jTA6TWNoKI8vk1+Q
h2HkactO1GTVLEh7eI4wZouiefuC3ZzeSgVaajw40xlKhGH/0f+2lkjnQvkXwcqv
OKyun2lj3lQextArWtd5PcpET/vj+zWjysQhrpss6ORfY3D5MWHhD6ztlc8ilIdz
h34P05NIqMbH2DjDmTlIsHJGjYdZvDNuTTm3VIF5ANw9J3/sxSYDmS31VQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE3b7AfCuUn2ZNB3FEqe7sV9opYnMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVGR2c0I4SzVTZlprMEhjVVNwN3V4WDJpbGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGbcYwSEU3OOuSpoJ0VV
/yd55J/wQNvH81UiE6+x4QbWzpRYf7UF3R07fiCWRUwt7Vura56Tf39rzEuAepnj
/PgR94sQBUuNwEm7lYbc01kfYPje1Mw2NZsCj2cRul2f0ZJ1XJ2kWBPPPsPb3mDe
BXWcGNBJWCaSkd/9SpP3A5LPik0nAZtcW7AUxYd1/4ZSABX8EPPhI1mIoujxl8/v
s0JB+vkm+jzCrLSe/T1PLjXuoalQDL2OePksKxxgP10HqlExkvmFy4dAQMbFZp+j
FGVwkxSbQyvSsSIlc+0ny8pseA3AdPCEnObonFS7ExBEoGQ2XClremfT5rwCFytp
Q7M=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:14:12 2025 by rpki-client