Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U7PHwuw9M_cqHI3MVoG2tY57OAg.roa
File: U7PHwuw9M_cqHI3MVoG2tY57OAg.roa (raw, json)
Hash identifier: efcj1ywqjsbV9oXPY6hzVBwaa6Dqtcsnqfp0y/z8va0=
Subject key identifier: 53:B3:C7:C2:EC:3D:33:F7:2A:1C:8D:CC:56:81:B6:B5:8E:7B:38:08
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B107DD4B316DAC8B43B94354155646094
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U7PHwuw9M_cqHI3MVoG2tY57OAg.roa
Signing time: Sun 08 Oct 2023 18:12:43 +0000
ROA not before: Sun 08 Oct 2023 18:12:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:10:7d:d4:b3:16:da:c8:b4:3b:94:35:41:55:64:60:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 8 18:12:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53b3c7c2ec3d33f72a1c8dcc5681b6b58e7b3808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ae:18:09:b6:51:f9:be:4c:e6:6b:54:c9:20:
08:3c:ed:93:6e:10:cf:df:41:1d:bf:08:bf:b7:e6:
36:90:5e:5c:85:75:75:ef:6c:5c:99:4e:47:d8:ca:
d7:a6:4a:35:1d:86:63:8b:56:64:e6:d2:a9:d5:69:
dc:5e:d9:0e:74:c2:e9:cd:fb:b8:20:de:53:32:a1:
1e:c0:21:ea:46:0c:a4:71:d6:12:85:e9:10:54:a4:
09:75:f4:0c:7c:2a:01:ac:0a:0f:41:39:78:a3:24:
70:15:4c:46:57:e8:d4:e7:77:83:c0:e9:9a:12:2d:
4a:79:af:15:fe:56:cf:56:ae:87:fb:3c:07:d8:11:
4a:6d:5b:67:1d:6c:4b:78:68:ec:4b:63:64:95:f0:
07:1d:5e:2c:96:d4:6f:0f:b6:3e:02:17:63:7b:be:
d7:6a:50:f6:58:5e:45:cf:26:a1:74:17:f9:e9:15:
92:7c:43:26:fa:de:7f:59:07:d0:62:41:03:9d:34:
01:a3:56:0d:67:76:e3:06:e7:9a:85:de:1a:5f:0f:
00:ff:2e:c4:87:db:9c:05:58:a9:13:ef:98:ea:78:
ee:e3:d7:53:62:63:ec:09:34:24:2c:21:62:e1:47:
37:45:39:ac:cf:bc:43:08:2c:d1:a2:18:18:c1:d4:
4c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B3:C7:C2:EC:3D:33:F7:2A:1C:8D:CC:56:81:B6:B5:8E:7B:38:08
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U7PHwuw9M_cqHI3MVoG2tY57OAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3c:95:53:cb:05:6d:6f:51:eb:9a:1b:02:38:b9:01:ed:b9:2d:
1a:a9:69:c3:4e:d8:74:80:2a:88:ea:57:23:a6:9f:e0:79:86:
fe:db:50:3c:d0:4e:c6:50:7c:9c:35:bf:82:a2:c7:de:62:9c:
3f:03:20:97:e1:cc:2f:aa:86:b0:a9:fd:c0:05:22:a0:12:10:
e0:d8:ff:83:cc:61:16:13:d7:d0:02:9f:2b:fb:cd:69:95:cf:
10:a4:1e:d5:be:6f:70:ae:17:bc:3e:f0:6d:04:10:2b:df:18:
fb:bd:68:26:49:d4:d2:55:c4:22:6c:a0:ed:33:ba:db:71:f4:
ac:8c:a1:36:32:a2:b6:6c:c0:6e:f5:8a:cd:06:00:d8:a6:f2:
5b:a3:a7:41:90:fb:0b:8b:05:4e:4f:0b:6a:f3:a7:9e:60:15:
41:c8:55:6e:8f:8f:67:07:21:5f:dd:31:fc:a6:ca:d6:e0:c9:
58:c8:40:fe:56:d0:12:9d:cf:68:90:35:99:19:ab:bc:5f:b8:
4a:fc:88:9e:32:73:79:ad:56:82:26:aa:cb:a9:91:94:04:27:
9e:0f:be:1d:81:47:69:29:4c:94:a9:88:75:d1:33:05:8b:78:
8d:d9:8e:26:08:3c:bb:98:1f:c2:ae:27:f8:2f:c2:a6:7f:20:
83:31:ba:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsQfdSzFtrItDuUNUFVZGCUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA4MTgxMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2IzYzdjMmVjM2QzM2Y3MmExYzhkY2M1NjgxYjZiNThlN2IzODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq4YCbZR+b5M5mtUySAIPO2TbhDP
30Edvwi/t+Y2kF5chXV172xcmU5H2MrXpko1HYZji1Zk5tKp1WncXtkOdMLpzfu4
IN5TMqEewCHqRgykcdYShekQVKQJdfQMfCoBrAoPQTl4oyRwFUxGV+jU53eDwOma
Ei1Kea8V/lbPVq6H+zwH2BFKbVtnHWxLeGjsS2NklfAHHV4sltRvD7Y+Ahdje77X
alD2WF5FzyahdBf56RWSfEMm+t5/WQfQYkEDnTQBo1YNZ3bjBueahd4aXw8A/y7E
h9ucBVipE++Y6nju49dTYmPsCTQkLCFi4Uc3RTmsz7xDCCzRohgYwdRMAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFOzx8LsPTP3KhyNzFaBtrWOezgIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVTdQSHd1dzlNX2NxSEkzTVZvRzJ0WTU3T0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADyVU8sFbW9R65obAji5
Ae25LRqpacNO2HSAKojqVyOmn+B5hv7bUDzQTsZQfJw1v4Kix95inD8DIJfhzC+q
hrCp/cAFIqASEODY/4PMYRYT19ACnyv7zWmVzxCkHtW+b3CuF7w+8G0EECvfGPu9
aCZJ1NJVxCJsoO0zuttx9KyMoTYyorZswG71is0GANim8lujp0GQ+wuLBU5PC2rz
p55gFUHIVW6Pj2cHIV/dMfymytbgyVjIQP5W0BKdz2iQNZkZq7xfuEr8iJ4yc3mt
VoImqsupkZQEJ54Pvh2BR2kpTJSpiHXRMwWLeI3ZjiYIPLuYH8KuJ/gvwqZ/IIMx
uok=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:38:12 2025 by rpki-client