Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U6lIr7dThzEAEY8QthFFrvXWwQk.roa
File: U6lIr7dThzEAEY8QthFFrvXWwQk.roa (raw, json)
Hash identifier: NGMcS5PPPTA/3eLANtVc3S9jWK0R3H+ZNTJJSOFtyHc=
Subject key identifier: 53:A9:48:AF:B7:53:87:31:00:11:8F:10:B6:11:45:AE:F5:D6:C1:09
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C47A0CD65F60302F6670CAE720E7EC2AD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U6lIr7dThzEAEY8QthFFrvXWwQk.roa
Signing time: Fri 08 Dec 2023 04:12:49 +0000
ROA not before: Fri 08 Dec 2023 04:12:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:47:a0:cd:65:f6:03:02:f6:67:0c:ae:72:0e:7e:c2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 8 04:12:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53a948afb753873100118f10b61145aef5d6c109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0b:ad:3f:a6:47:c0:ec:c9:dc:9b:52:50:5b:
bb:e9:e1:ab:e2:ba:60:7f:6f:e3:4d:96:c5:7e:bd:
83:48:16:c3:8d:bf:99:d4:4f:54:83:24:41:da:c0:
05:ee:f9:41:1a:6a:79:09:84:e9:58:ae:bd:b9:ea:
99:17:52:21:d1:26:b8:59:24:61:62:d9:2a:b1:83:
42:9d:7e:76:7d:b7:23:03:e5:19:8a:52:d9:74:a6:
f7:c0:71:62:bd:d9:cf:9f:19:bc:9d:39:5a:1a:10:
8c:e7:6f:03:67:4f:a2:26:06:4b:28:ee:dd:cd:ba:
3e:9a:23:84:2a:09:cf:e3:bb:c3:5e:72:16:29:d1:
d5:f2:50:9d:a2:89:10:ad:fb:8d:97:9f:1d:bb:56:
c5:ea:d5:45:12:41:29:1e:2b:2c:c7:35:2a:be:e5:
55:27:39:b3:1d:d2:fc:75:f4:df:17:fa:e7:04:db:
a3:78:54:9d:58:3c:29:6f:cf:30:5e:03:f9:18:c2:
bb:bf:5a:15:5b:29:0d:f6:ab:11:df:2c:60:86:94:
6f:f9:d6:c6:53:82:eb:1a:16:f7:97:d8:97:f4:d3:
b0:cd:7f:47:0b:08:1d:a0:b3:80:ec:48:e4:d3:a1:
ab:84:9c:6b:8a:25:29:6f:95:1b:1e:9e:b0:7b:9e:
a7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A9:48:AF:B7:53:87:31:00:11:8F:10:B6:11:45:AE:F5:D6:C1:09
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U6lIr7dThzEAEY8QthFFrvXWwQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:3c:5d:c7:0e:2d:63:b6:02:d2:64:e7:bd:aa:30:84:69:e2:
b4:d7:73:9d:06:29:a5:57:44:0a:fb:88:24:ef:0a:97:73:3e:
a3:a5:50:15:73:7a:4c:57:8d:b2:10:ec:48:52:55:45:29:dc:
27:93:65:32:1c:68:a8:02:ff:e9:64:33:02:79:19:67:59:10:
3d:5e:94:98:b7:8d:a6:b7:f9:66:66:a1:f3:5d:f2:fe:b6:fc:
9b:79:66:f9:80:e0:5b:65:fe:95:4a:4b:15:bc:9d:77:18:63:
2a:28:f3:22:66:46:b8:be:61:5b:5c:3e:65:d8:a4:2c:4c:b8:
8a:68:da:de:3a:b8:47:6a:1e:8a:f2:da:3b:1b:35:b7:97:62:
72:d4:84:a4:95:d3:ee:2e:70:04:81:44:69:a6:ca:8b:97:b6:
26:c7:10:99:e2:7d:6e:96:ea:d2:99:d0:40:58:53:a7:fa:e4:
6c:f5:8b:c6:0c:f2:69:8a:c4:45:a6:f7:57:a1:81:55:6f:96:
1e:6f:4b:7e:f1:40:26:67:58:05:69:8d:57:1d:36:48:a9:f1:
bd:28:ed:f0:67:90:96:c5:48:25:e5:37:08:da:28:0e:38:c9:
4c:6e:a2:81:66:c2:7d:04:58:62:cd:65:18:ce:2a:f0:bb:3a:
32:ea:4a:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxHoM1l9gMC9mcMrnIOfsKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA4MDQxMjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2E5NDhhZmI3NTM4NzMxMDAxMThmMTBiNjExNDVhZWY1ZDZjMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAutP6ZHwOzJ3JtSUFu76eGr4rpg
f2/jTZbFfr2DSBbDjb+Z1E9UgyRB2sAF7vlBGmp5CYTpWK69ueqZF1Ih0Sa4WSRh
YtkqsYNCnX52fbcjA+UZilLZdKb3wHFivdnPnxm8nTlaGhCM528DZ0+iJgZLKO7d
zbo+miOEKgnP47vDXnIWKdHV8lCdookQrfuNl58du1bF6tVFEkEpHissxzUqvuVV
JzmzHdL8dfTfF/rnBNujeFSdWDwpb88wXgP5GMK7v1oVWykN9qsR3yxghpRv+dbG
U4LrGhb3l9iX9NOwzX9HCwgdoLOA7Ejk06GrhJxriiUpb5UbHp6we56nBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFOpSK+3U4cxABGPELYRRa711sEJMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVTZsSXI3ZFRoekVBRVk4UXRoRkZydlhXd1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIY8XccOLWO2AtJk572q
MIRp4rTXc50GKaVXRAr7iCTvCpdzPqOlUBVzekxXjbIQ7EhSVUUp3CeTZTIcaKgC
/+lkMwJ5GWdZED1elJi3jaa3+WZmofNd8v62/Jt5ZvmA4Ftl/pVKSxW8nXcYYyoo
8yJmRri+YVtcPmXYpCxMuIpo2t46uEdqHory2jsbNbeXYnLUhKSV0+4ucASBRGmm
youXtibHEJnifW6W6tKZ0EBYU6f65Gz1i8YM8mmKxEWm91ehgVVvlh5vS37xQCZn
WAVpjVcdNkip8b0o7fBnkJbFSCXlNwjaKA44yUxuooFmwn0EWGLNZRjOKvC7OjLq
SkI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:58:49 2025 by rpki-client