Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TxGzHnLsT_aV8Mo_0lSJoGguVbw.roa
File: TxGzHnLsT_aV8Mo_0lSJoGguVbw.roa (raw, json)
Hash identifier: Z7nGguQ88Lyw1cXoxVmPhkivYCwhSiyzVnwUyv24mlA=
Subject key identifier: 4F:11:B3:1E:72:EC:4F:F6:95:F0:CA:3F:D2:54:89:A0:68:2E:55:BC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA5300F61916E17B7E17E05FA647F7F52
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TxGzHnLsT_aV8Mo_0lSJoGguVbw.roa
Signing time: Mon 06 Nov 2023 15:11:12 +0000
ROA not before: Mon 06 Nov 2023 15:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18b:a529:d33d/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a5:30:0f:61:91:6e:17:b7:e1:7e:05:fa:64:7f:7f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 6 15:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f11b31e72ec4ff695f0ca3fd25489a0682e55bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:74:d2:46:0f:1c:85:e1:dc:76:71:c5:85:bf:
99:22:bf:2d:06:a5:d2:2f:34:00:4d:5e:23:8a:85:
9c:1d:8a:79:f0:d7:37:a9:c3:3d:45:dc:09:21:2f:
94:52:c3:1d:cc:ac:69:2e:55:5d:c8:1c:6b:1c:76:
b2:95:fa:f3:33:6e:d0:10:4c:02:4c:4e:7f:b6:f8:
ed:e5:4b:b0:c2:10:c1:cf:ec:cb:49:db:b1:d7:17:
37:de:64:f6:2a:8f:33:ed:93:02:d1:28:1d:ec:3d:
b5:fc:1d:c5:6e:8a:06:92:86:e0:a8:ed:2e:59:da:
81:11:f9:f8:41:74:48:e4:ea:eb:15:68:e4:39:67:
7a:8a:b3:a7:ab:e3:b6:cc:87:13:65:81:92:2d:80:
1a:be:2d:b5:ba:31:37:3f:23:f6:66:cb:af:71:39:
e1:c1:fc:df:a9:b9:c8:e0:c4:6d:8e:75:c9:57:b8:
21:4e:88:fe:80:b3:3b:cb:ca:a8:a7:de:63:82:45:
3b:bd:9b:67:3f:36:e0:a9:b9:34:49:3d:4a:14:c6:
76:bb:e2:e7:e5:05:58:b2:7e:a2:e5:b3:8e:06:d0:
c0:71:02:a8:e9:23:52:64:bd:0f:cc:b3:5a:b5:dc:
3c:4c:99:11:54:5a:15:91:4b:f1:0c:d6:dd:00:a8:
56:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:11:B3:1E:72:EC:4F:F6:95:F0:CA:3F:D2:54:89:A0:68:2E:55:BC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TxGzHnLsT_aV8Mo_0lSJoGguVbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:86:fb:30:a9:67:c6:48:d3:38:f4:26:df:13:93:1a:38:d2:
bc:03:75:87:60:b0:dc:24:12:f3:ed:fb:d0:c8:f1:59:8e:0f:
d2:30:42:8d:30:22:7b:0c:92:1c:35:db:4b:34:33:ec:6d:26:
41:8d:d5:16:da:50:92:6e:48:0a:b4:de:61:87:7e:25:bf:7a:
fb:87:57:06:18:a2:6c:f7:cc:37:6a:31:13:d7:1a:63:90:9c:
d4:1e:22:b6:46:af:12:fd:8f:dc:76:b7:5f:34:7b:8d:b5:ef:
c1:95:e2:f9:09:dc:0d:05:44:24:d0:e3:e4:98:70:30:24:a1:
44:4d:e4:5e:db:54:4e:77:df:fe:f4:01:00:48:1a:65:a5:4c:
85:57:0b:24:a5:c5:f7:93:7e:34:91:c6:4e:6f:1a:26:a4:2e:
59:5d:81:15:2e:88:88:39:57:60:25:a7:3e:66:65:51:d5:ea:
3f:fe:7e:0e:32:03:38:19:4e:1f:f6:84:06:af:58:f7:8c:2d:
10:f9:c5:c8:a7:b1:4e:f9:3f:d4:cc:6b:82:53:ee:cc:f0:4b:
b1:cc:c4:56:22:a7:49:22:02:71:8d:ef:bb:03:cb:29:4b:42:
4f:91:00:cc:b3:55:3f:7e:11:73:a5:9c:48:79:75:0e:4a:1c:
8c:5f:5e:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYulMA9hkW4Xt+F+Bfpkf39SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA2MTUxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjExYjMxZTcyZWM0ZmY2OTVmMGNhM2ZkMjU0ODlhMDY4MmU1NWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHTSRg8cheHcdnHFhb+ZIr8tBqXS
LzQATV4jioWcHYp58Nc3qcM9RdwJIS+UUsMdzKxpLlVdyBxrHHaylfrzM27QEEwC
TE5/tvjt5UuwwhDBz+zLSdux1xc33mT2Ko8z7ZMC0Sgd7D21/B3FbooGkobgqO0u
WdqBEfn4QXRI5OrrFWjkOWd6irOnq+O2zIcTZYGSLYAavi21ujE3PyP2ZsuvcTnh
wfzfqbnI4MRtjnXJV7ghToj+gLM7y8qop95jgkU7vZtnPzbgqbk0ST1KFMZ2u+Ln
5QVYsn6i5bOOBtDAcQKo6SNSZL0PzLNatdw8TJkRVFoVkUvxDNbdAKhW9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE8Rsx5y7E/2lfDKP9JUiaBoLlW8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVHhHekhuTHNUX2FWOE1vXzBsU0pvR2d1VmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGaG+zCpZ8ZI0zj0Jt8T
kxo40rwDdYdgsNwkEvPt+9DI8VmOD9IwQo0wInsMkhw120s0M+xtJkGN1RbaUJJu
SAq03mGHfiW/evuHVwYYomz3zDdqMRPXGmOQnNQeIrZGrxL9j9x2t180e42178GV
4vkJ3A0FRCTQ4+SYcDAkoURN5F7bVE533/70AQBIGmWlTIVXCySlxfeTfjSRxk5v
GiakLlldgRUuiIg5V2Alpz5mZVHV6j/+fg4yAzgZTh/2hAavWPeMLRD5xcinsU75
P9TMa4JT7szwS7HMxFYip0kiAnGN77sDyylLQk+RAMyzVT9+EXOlnEh5dQ5KHIxf
XmY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:28:25 2025 by rpki-client