Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Towy3CfJYZraBtrtcW-mtBZoR4c.roa
File: Towy3CfJYZraBtrtcW-mtBZoR4c.roa (raw, json)
Hash identifier: NlJEbX0Msf9k269dJ5h5JvL7t15dt0I7DqmnNGuljg0=
Subject key identifier: 4E:8C:32:DC:27:C9:61:9A:DA:06:DA:ED:71:6F:A6:B4:16:68:47:87
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADF9294245B271C251EAA98C423C60D2E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Towy3CfJYZraBtrtcW-mtBZoR4c.roa
Signing time: Fri 29 Sep 2023 06:13:59 +0000
ROA not before: Fri 29 Sep 2023 06:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:92:94:24:5b:27:1c:25:1e:aa:98:c4:23:c6:0d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 06:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e8c32dc27c9619ada06daed716fa6b416684787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1a:04:7a:79:9d:b3:ce:61:d5:7d:51:c2:6d:
38:fd:af:21:4c:5c:da:99:2a:67:c3:18:46:c8:f6:
19:30:e2:23:03:3f:f2:01:cf:9b:4b:40:6a:7d:6f:
17:03:f7:20:0d:f2:3f:d2:c9:d5:39:a4:3d:41:91:
4a:31:df:58:ac:c6:1d:2c:47:04:b2:f6:c3:82:af:
90:d3:59:90:29:9a:d5:e1:89:94:0c:8e:f6:56:c3:
44:ed:e6:66:f7:cb:c2:d2:c3:b8:71:ce:5f:9a:79:
c4:34:1e:92:90:ac:ca:f9:b0:be:23:34:6d:0e:67:
86:2e:87:b1:4f:f8:5a:5e:52:e2:2c:67:7f:05:f0:
c7:ec:fc:03:24:ad:76:3a:4c:54:88:fb:5b:12:3e:
66:1d:86:2c:07:46:65:9c:9e:bb:88:57:55:28:5f:
01:7d:ea:cd:ee:eb:4c:fa:bc:d3:2c:30:62:74:ef:
3f:57:b8:43:82:57:20:56:37:59:ba:c9:f6:3e:6f:
3e:b1:41:0b:c5:0a:f7:b8:46:69:8e:24:f3:c2:31:
9c:d1:71:06:65:61:e6:29:4f:43:2d:f6:81:f8:b3:
7b:22:89:d7:79:ae:d7:75:5f:c4:89:1c:15:d9:11:
67:2e:21:c4:28:9c:6d:11:13:54:b7:81:a9:6b:42:
08:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:8C:32:DC:27:C9:61:9A:DA:06:DA:ED:71:6F:A6:B4:16:68:47:87
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Towy3CfJYZraBtrtcW-mtBZoR4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:2f:81:f5:83:6c:fc:b3:85:54:e8:f0:50:fe:1e:2b:2a:24:
78:23:fd:0a:9c:3f:60:7f:d0:53:cf:ed:a5:ba:09:11:65:72:
af:91:2b:ed:f3:38:e3:4f:8f:77:16:ab:77:6a:3f:48:b7:c6:
a4:a7:99:c9:57:ab:80:75:98:03:cd:35:b6:11:3b:c8:8c:80:
12:f9:3f:2f:05:73:19:04:c1:3f:8e:6e:da:fe:d2:ce:43:38:
00:21:61:22:7f:32:32:88:3c:b1:62:62:3c:ee:8b:47:86:c0:
78:43:2a:d3:5e:81:89:54:cf:4a:fe:77:02:8b:c8:9e:e7:b4:
11:6e:b5:66:9e:2b:c4:68:db:82:9c:c0:5b:f9:23:1c:12:b6:
e7:54:4a:a5:e4:4c:87:b5:dc:65:85:a3:41:b5:f8:bc:41:ae:
8c:13:44:76:2c:17:16:d5:18:4c:73:73:96:7b:ef:83:0e:01:
01:5d:36:76:da:bf:15:cf:2e:58:b4:6f:54:83:e3:b6:42:59:
c6:20:fe:0d:b5:55:25:56:55:54:05:a6:1c:c2:3a:9d:60:83:
b7:89:7c:ed:4a:bb:7b:43:b3:52:a0:c4:bd:ea:62:15:de:3d:
5b:53:70:3f:be:81:26:85:1a:7e:67:44:62:d3:ea:3e:08:cf:
52:56:d7:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrfkpQkWyccJR6qmMQjxg0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MDYxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZThjMzJkYzI3Yzk2MTlhZGEwNmRhZWQ3MTZmYTZiNDE2Njg0Nzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhoEenmds85h1X1Rwm04/a8hTFza
mSpnwxhGyPYZMOIjAz/yAc+bS0BqfW8XA/cgDfI/0snVOaQ9QZFKMd9YrMYdLEcE
svbDgq+Q01mQKZrV4YmUDI72VsNE7eZm98vC0sO4cc5fmnnENB6SkKzK+bC+IzRt
DmeGLoexT/haXlLiLGd/BfDH7PwDJK12OkxUiPtbEj5mHYYsB0ZlnJ67iFdVKF8B
ferN7utM+rzTLDBidO8/V7hDglcgVjdZusn2Pm8+sUELxQr3uEZpjiTzwjGc0XEG
ZWHmKU9DLfaB+LN7IonXea7XdV/EiRwV2RFnLiHEKJxtERNUt4Gpa0IICwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE6MMtwnyWGa2gba7XFvprQWaEeHMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVG93eTNDZkpZWnJhQnRydGNXLW10QlpvUjRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIMvgfWDbPyzhVTo8FD+
HisqJHgj/QqcP2B/0FPP7aW6CRFlcq+RK+3zOONPj3cWq3dqP0i3xqSnmclXq4B1
mAPNNbYRO8iMgBL5Py8FcxkEwT+Obtr+0s5DOAAhYSJ/MjKIPLFiYjzui0eGwHhD
KtNegYlUz0r+dwKLyJ7ntBFutWaeK8Ro24KcwFv5IxwStudUSqXkTIe13GWFo0G1
+LxBrowTRHYsFxbVGExzc5Z774MOAQFdNnbavxXPLli0b1SD47ZCWcYg/g21VSVW
VVQFphzCOp1gg7eJfO1Ku3tDs1KgxL3qYhXePVtTcD++gSaFGn5nRGLT6j4Iz1JW
14U=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:12:31 2025 by rpki-client