Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TsoLQBwWEo0KdAUYq4O3fdEzn8g.roa
File: TsoLQBwWEo0KdAUYq4O3fdEzn8g.roa (raw, json)
Hash identifier: jMsAB4Y/LRm3LD/vLZXjLW2Pa8bTQRGvcHvIZYSO1kI=
Subject key identifier: 4E:CA:0B:40:1C:16:12:8D:0A:74:05:18:AB:83:B7:7D:D1:33:9F:C8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD2EBDC32F8F2576E416FA8B1625BBC10
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TsoLQBwWEo0KdAUYq4O3fdEzn8g.roa
Signing time: Tue 26 Sep 2023 19:16:27 +0000
ROA not before: Tue 26 Sep 2023 19:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d2:eb:dc:32:f8:f2:57:6e:41:6f:a8:b1:62:5b:bc:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 26 19:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4eca0b401c16128d0a740518ab83b77dd1339fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9f:36:02:87:f1:8c:5b:16:f3:46:2e:ff:02:
2a:ea:d4:94:1c:59:a8:58:5d:67:16:92:ef:d0:a2:
e4:50:54:8e:b7:99:6e:a4:30:3d:46:27:15:10:2c:
bb:f3:3b:b8:51:e0:43:05:9c:61:18:ea:0e:c3:72:
90:4e:ab:ea:eb:92:d0:60:c4:9b:17:a1:23:42:d4:
56:82:d9:8c:38:8d:68:50:a2:4b:64:df:fe:79:65:
ac:13:c5:28:32:00:86:1c:08:b3:a9:9e:db:4c:b4:
c4:12:27:85:c6:4b:97:a0:af:a3:ba:61:66:3e:5a:
63:86:8f:80:67:5a:c7:66:96:18:f1:4c:87:14:6a:
15:c9:d0:a7:8e:8b:95:e7:5d:34:88:93:ef:d6:f9:
37:15:cd:29:4d:a1:18:f4:a3:ed:17:02:46:3c:74:
4d:ad:34:a6:07:65:fd:2c:d0:e7:6f:4b:e8:ea:23:
72:41:16:41:c3:c7:24:a0:98:9f:ed:8b:16:c8:d7:
97:08:37:82:98:37:35:6d:61:e3:11:f6:17:6b:70:
06:4b:9a:99:1e:bc:3f:bf:e4:0c:66:1c:cc:53:99:
60:24:cf:d9:29:ab:65:74:53:d0:f2:ef:93:2b:15:
4c:c6:ad:b9:da:77:90:eb:2c:ca:25:09:29:39:af:
e4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CA:0B:40:1C:16:12:8D:0A:74:05:18:AB:83:B7:7D:D1:33:9F:C8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TsoLQBwWEo0KdAUYq4O3fdEzn8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b3:9e:16:83:7e:24:05:3d:1a:80:92:7c:db:b6:7b:70:48:27:
8f:73:ac:97:8c:f6:9a:0e:53:a1:ae:27:20:f4:d0:1a:a1:09:
3b:72:3d:27:26:32:ca:8d:e2:ac:db:2b:94:f3:f2:f4:d7:4a:
e8:c7:15:67:33:90:82:82:70:42:d1:38:2f:7d:5e:55:ba:76:
64:a0:ff:2e:10:aa:97:f6:da:dd:31:7b:40:d5:eb:15:51:88:
b1:35:66:0d:8a:77:c6:3d:15:17:19:77:f4:b4:c2:8a:67:f8:
37:79:fd:70:d6:36:78:2e:69:ba:bf:a7:93:c0:23:cf:47:26:
b9:6f:ac:f1:6d:4c:cc:91:63:82:67:5b:c4:a7:e3:77:f7:94:
9d:2b:f6:d8:51:a2:8c:d6:76:12:ae:d8:0a:4c:4c:03:03:4a:
9a:c4:20:f9:8e:f1:cb:39:44:d1:b3:19:d7:7a:a8:4d:6b:69:
ec:12:fe:e3:a0:3c:e3:85:1d:a2:86:ba:2a:6f:60:93:15:88:
40:b6:b7:b6:ab:69:3a:de:00:51:19:ef:81:89:5e:9a:2e:ba:
2c:a9:78:92:06:32:f5:61:02:ad:1c:05:2a:99:4c:b0:0c:43:
4e:a4:83:09:2e:5f:9b:f0:dd:ed:af:91:0b:0d:1f:83:68:66:
6c:af:fa:5e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrS69wy+PJXbkFvqLFiW7wQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI2MTkxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWNhMGI0MDFjMTYxMjhkMGE3NDA1MThhYjgzYjc3ZGQxMzM5ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh582AofxjFsW80Yu/wIq6tSUHFmo
WF1nFpLv0KLkUFSOt5lupDA9RicVECy78zu4UeBDBZxhGOoOw3KQTqvq65LQYMSb
F6EjQtRWgtmMOI1oUKJLZN/+eWWsE8UoMgCGHAizqZ7bTLTEEieFxkuXoK+jumFm
Plpjho+AZ1rHZpYY8UyHFGoVydCnjouV5100iJPv1vk3Fc0pTaEY9KPtFwJGPHRN
rTSmB2X9LNDnb0vo6iNyQRZBw8ckoJif7YsWyNeXCDeCmDc1bWHjEfYXa3AGS5qZ
Hrw/v+QMZhzMU5lgJM/ZKatldFPQ8u+TKxVMxq252neQ6yzKJQkpOa/ktQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE7KC0AcFhKNCnQFGKuDt33RM5/IMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVHNvTFFCd1dFbzBLZEFVWXE0TzNmZEV6bjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALOeFoN+JAU9GoCSfNu2
e3BIJ49zrJeM9poOU6GuJyD00BqhCTtyPScmMsqN4qzbK5Tz8vTXSujHFWczkIKC
cELROC99XlW6dmSg/y4Qqpf22t0xe0DV6xVRiLE1Zg2Kd8Y9FRcZd/S0wopn+Dd5
/XDWNnguabq/p5PAI89HJrlvrPFtTMyRY4JnW8Sn43f3lJ0r9thRoozWdhKu2ApM
TAMDSprEIPmO8cs5RNGzGdd6qE1raewS/uOgPOOFHaKGuipvYJMViEC2t7araTre
AFEZ74GJXpouuiypeJIGMvVhAq0cBSqZTLAMQ06kgwkuX5vw3e2vkQsNH4NoZmyv
+l4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:50:58 2025 by rpki-client