Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/To2q7P03S-UzHBD5RKbqMjupEwg.roa
File: To2q7P03S-UzHBD5RKbqMjupEwg.roa (raw, json)
Hash identifier: nQj1URYCqGOAqkzxR2Ohk3OJwINuUK1OCtFpn+H70JY=
Subject key identifier: 4E:8D:AA:EC:FD:37:4B:E5:33:1C:10:F9:44:A6:EA:32:3B:A9:13:08
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC41CA82FAA0AB27CA16B90396D7AB74B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/To2q7P03S-UzHBD5RKbqMjupEwg.roa
Signing time: Sat 23 Sep 2023 22:15:26 +0000
ROA not before: Sat 23 Sep 2023 22:15:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c4:1c:a8:2f:aa:0a:b2:7c:a1:6b:90:39:6d:7a:b7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 23 22:15:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e8daaecfd374be5331c10f944a6ea323ba91308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d0:e2:b2:17:41:af:f0:4a:16:56:be:78:28:
98:31:28:56:8d:81:61:b3:3f:6d:76:5b:6a:9c:eb:
64:46:c3:ca:ec:29:e5:d5:5e:5e:2a:6a:2b:24:21:
f2:ac:41:c7:fa:ed:5e:ff:07:3b:46:99:44:62:e9:
be:4f:50:ba:16:16:32:f1:86:06:23:50:25:bb:c7:
3f:cb:ed:f2:3a:a1:eb:f4:ec:57:f9:cc:0d:17:9f:
70:da:c9:5c:a4:6c:d7:e3:97:e5:26:b6:3a:8b:5c:
e3:30:af:f5:fa:4c:00:86:1d:df:74:a2:0b:d8:00:
90:b4:10:bb:b1:b3:f4:e4:c7:f5:ff:9b:c0:f6:5e:
d1:8e:8d:aa:33:82:d2:1b:9c:3b:bc:16:5b:5b:31:
ee:10:00:a7:7e:e6:99:e2:70:89:51:b8:7b:d7:4e:
2a:cc:97:5b:a9:bc:8f:67:32:b2:f8:23:ec:6c:8d:
2b:0c:eb:69:85:75:9a:8b:ed:67:1e:53:ec:fa:a9:
77:b4:33:37:d6:b4:7c:e6:a5:b1:64:2f:bf:82:5a:
a9:97:83:f1:89:be:15:6c:8c:a3:40:c9:b8:3e:85:
1c:68:4a:0d:e2:f0:e1:b3:78:b2:f2:0b:91:29:2c:
93:17:be:83:f4:97:3d:70:ec:c5:d9:df:5b:8e:fe:
26:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:8D:AA:EC:FD:37:4B:E5:33:1C:10:F9:44:A6:EA:32:3B:A9:13:08
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/To2q7P03S-UzHBD5RKbqMjupEwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:7e:24:d0:31:67:8f:2d:6a:84:b2:c1:9b:aa:05:72:7d:9a:
ea:28:c7:33:6c:2c:12:c8:00:7a:1b:1e:e8:f2:58:34:49:0d:
46:1f:11:0c:25:4a:3c:d3:cc:89:70:77:99:e5:2d:2a:53:09:
bb:f4:9d:47:ff:4e:54:47:6f:03:bc:32:7f:f3:33:c5:2b:d0:
3a:ed:12:93:2e:9d:39:9e:c4:a3:cc:29:b0:f3:2c:98:bf:56:
f0:a8:9f:32:bd:c2:91:4a:88:ed:6a:ca:46:91:21:c9:88:c9:
6e:56:20:7e:16:0f:72:58:56:d7:31:5a:08:66:9c:09:76:7e:
7c:b5:ea:fb:1b:02:b4:08:de:0b:b5:07:e1:63:b5:c9:d1:70:
79:9d:9d:5b:f9:58:d1:1a:4d:80:a8:44:df:b9:ab:cf:fb:ee:
de:8f:a1:ce:6e:8c:a5:38:e1:53:38:fb:8d:01:85:7a:c7:99:
a8:a2:e5:ec:9f:31:f9:f2:a7:be:89:29:99:37:92:75:1f:b9:
03:a4:55:c1:d2:ef:dd:df:a2:bd:fd:5f:62:98:f8:67:5f:30:
8a:20:b9:e4:3c:44:48:6c:8f:40:5a:c4:53:ac:f0:f7:ec:f3:
61:be:bb:f7:3a:1f:5f:d7:4a:5a:37:99:27:c9:3b:30:2b:19:
d9:2d:98:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrEHKgvqgqyfKFrkDlterdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIzMjIxNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZThkYWFlY2ZkMzc0YmU1MzMxYzEwZjk0NGE2ZWEzMjNiYTkxMzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9DishdBr/BKFla+eCiYMShWjYFh
sz9tdltqnOtkRsPK7Cnl1V5eKmorJCHyrEHH+u1e/wc7RplEYum+T1C6FhYy8YYG
I1Alu8c/y+3yOqHr9OxX+cwNF59w2slcpGzX45flJrY6i1zjMK/1+kwAhh3fdKIL
2ACQtBC7sbP05Mf1/5vA9l7Rjo2qM4LSG5w7vBZbWzHuEACnfuaZ4nCJUbh7104q
zJdbqbyPZzKy+CPsbI0rDOtphXWai+1nHlPs+ql3tDM31rR85qWxZC+/glqpl4Px
ib4VbIyjQMm4PoUcaEoN4vDhs3iy8guRKSyTF76D9Jc9cOzF2d9bjv4mnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE6Nquz9N0vlMxwQ+USm6jI7qRMIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVG8ycTdQMDNTLVV6SEJENVJLYnFNanVwRXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHx+JNAxZ48taoSywZuq
BXJ9muooxzNsLBLIAHobHujyWDRJDUYfEQwlSjzTzIlwd5nlLSpTCbv0nUf/TlRH
bwO8Mn/zM8Ur0DrtEpMunTmexKPMKbDzLJi/VvConzK9wpFKiO1qykaRIcmIyW5W
IH4WD3JYVtcxWghmnAl2fny16vsbArQI3gu1B+FjtcnRcHmdnVv5WNEaTYCoRN+5
q8/77t6Poc5ujKU44VM4+40BhXrHmaii5eyfMfnyp76JKZk3knUfuQOkVcHS793f
or39X2KY+GdfMIogueQ8REhsj0BaxFOs8Pfs82G+u/c6H1/XSlo3mSfJOzArGdkt
mIM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:24:49 2025 by rpki-client