Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UAoQWZRje3ajX53Yp8--yCtEq6I.roa
File: UAoQWZRje3ajX53Yp8--yCtEq6I.roa (raw, json)
Hash identifier: tuYBVTK5TYzdx4rvKLuCd5+fqzcQaalMppduWJolg4M=
Subject key identifier: 50:0A:10:59:94:63:7B:76:A3:5F:9D:D8:A7:CF:BE:C8:2B:44:AB:A2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB690616317E8C9D4C9B7D980144BBD56
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UAoQWZRje3ajX53Yp8--yCtEq6I.roa
Signing time: Fri 10 Nov 2023 00:09:57 +0000
ROA not before: Fri 10 Nov 2023 00:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b6:90:61:63:17:e8:c9:d4:c9:b7:d9:80:14:4b:bd:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 00:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=500a105994637b76a35f9dd8a7cfbec82b44aba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4f:60:bc:72:76:cd:d3:97:26:49:70:23:3b:
da:e9:bd:85:0e:26:14:af:b6:5d:8c:6c:3a:07:e5:
a2:e3:d2:4a:89:f6:66:bf:ba:91:89:43:e7:36:8a:
fc:8d:3b:59:95:dd:65:90:b6:33:a6:22:62:08:2d:
15:81:ac:34:32:a8:95:67:92:d9:c8:43:f0:8c:48:
d3:2b:64:4b:bb:83:be:c9:7b:21:72:db:82:48:e4:
82:ed:8d:61:b7:03:81:08:2c:d2:d0:0d:80:e7:cf:
0d:14:6c:cb:b3:2f:ed:ee:41:2a:86:96:6a:27:8b:
79:85:54:d8:2d:66:09:4c:91:8b:c9:f4:ab:e8:cf:
f5:06:6b:8d:64:4c:06:41:ef:05:6d:c8:1a:35:58:
d1:9a:e1:df:69:98:c2:61:8b:31:c0:d5:1a:05:c8:
eb:6e:60:23:0a:64:27:07:71:21:f4:2c:64:05:eb:
b9:01:1b:42:f6:3a:b5:af:96:b4:62:5f:00:fc:16:
89:86:b1:35:50:f5:5a:94:01:1e:05:d4:b1:9f:e3:
10:c7:49:3c:93:54:91:c1:82:f1:80:fc:fd:93:28:
d3:dc:aa:de:ef:48:82:6a:3f:a7:b6:87:29:8a:2a:
c7:44:4d:2f:bf:a2:f9:6c:b9:db:7d:24:9d:e1:ff:
4d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:0A:10:59:94:63:7B:76:A3:5F:9D:D8:A7:CF:BE:C8:2B:44:AB:A2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UAoQWZRje3ajX53Yp8--yCtEq6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cd:13:fe:01:f4:eb:bb:27:74:64:c4:e1:cc:a0:23:85:f3:95:
ec:8f:aa:0d:ef:84:bf:55:81:e2:10:ac:2f:7e:2d:b7:32:49:
b5:8a:ed:3c:94:e0:0d:bd:8c:5e:09:9d:52:d2:b4:d9:f0:ab:
a2:0b:75:a2:30:5d:6a:f7:85:e4:d8:55:61:94:07:cb:59:2a:
09:fa:be:a3:d8:8a:06:be:82:5c:51:f5:1b:95:4f:46:ef:de:
66:89:fb:20:a6:63:54:4a:6e:f1:03:2e:76:40:5b:99:8b:08:
7c:b3:b6:cf:5a:43:af:16:ad:b5:b8:b8:d1:3c:6b:3d:3e:a6:
75:8e:bd:a2:e3:bb:ca:18:24:26:65:07:a7:3f:91:7c:3c:96:
4e:09:cf:92:3c:09:13:ea:ca:b6:06:2e:a3:df:b4:85:7b:3b:
fb:4e:51:fa:66:a2:eb:01:08:c4:40:d2:1d:b9:b0:e5:90:e6:
a6:97:f8:65:41:d8:8f:8f:a2:7d:d4:a5:d2:b2:93:77:f3:5c:
eb:61:cd:09:65:bc:ff:39:63:33:f8:e8:44:23:34:3b:37:37:
8b:3f:02:72:7d:de:05:91:0d:7d:32:a7:0f:b6:47:d2:15:56:
1e:5c:54:03:94:f7:e0:d9:ae:46:a0:8d:67:e7:38:37:99:f8:
5c:30:34:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu2kGFjF+jJ1Mm32YAUS71WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMDAwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDBhMTA1OTk0NjM3Yjc2YTM1ZjlkZDhhN2NmYmVjODJiNDRhYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU9gvHJ2zdOXJklwIzva6b2FDiYU
r7ZdjGw6B+Wi49JKifZmv7qRiUPnNor8jTtZld1lkLYzpiJiCC0Vgaw0MqiVZ5LZ
yEPwjEjTK2RLu4O+yXshctuCSOSC7Y1htwOBCCzS0A2A588NFGzLsy/t7kEqhpZq
J4t5hVTYLWYJTJGLyfSr6M/1BmuNZEwGQe8FbcgaNVjRmuHfaZjCYYsxwNUaBcjr
bmAjCmQnB3Eh9CxkBeu5ARtC9jq1r5a0Yl8A/BaJhrE1UPValAEeBdSxn+MQx0k8
k1SRwYLxgPz9kyjT3Kre70iCaj+ntocpiirHRE0vv6L5bLnbfSSd4f9NpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFAKEFmUY3t2o1+d2KfPvsgrRKuiMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVUFvUVdaUmplM2FqWDUzWXA4LS15Q3RFcTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAM0T/gH067sndGTE4cyg
I4XzleyPqg3vhL9VgeIQrC9+LbcySbWK7TyU4A29jF4JnVLStNnwq6ILdaIwXWr3
heTYVWGUB8tZKgn6vqPYiga+glxR9RuVT0bv3maJ+yCmY1RKbvEDLnZAW5mLCHyz
ts9aQ68WrbW4uNE8az0+pnWOvaLju8oYJCZlB6c/kXw8lk4Jz5I8CRPqyrYGLqPf
tIV7O/tOUfpmousBCMRA0h25sOWQ5qaX+GVB2I+Pon3UpdKyk3fzXOthzQllvP85
YzP46EQjNDs3N4s/AnJ93gWRDX0ypw+2R9IVVh5cVAOU9+DZrkagjWfnODeZ+Fww
NFI=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:39:09 2025 by rpki-client