Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UIOctbcmFlyAJSZ4KkN2YtktysY.roa
File: UIOctbcmFlyAJSZ4KkN2YtktysY.roa (raw, json)
Hash identifier: n0umNQTmrs+uGJXQO0xMc5BSxcZE13z1q4lTFVbGKJM=
Subject key identifier: 50:83:9C:B5:B7:26:16:5C:80:25:26:78:2A:43:76:62:D9:2D:CA:C6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2EF82428A3DF6795A2567AD1338327D5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UIOctbcmFlyAJSZ4KkN2YtktysY.roa
Signing time: Sat 14 Oct 2023 16:14:55 +0000
ROA not before: Sat 14 Oct 2023 16:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2e:f8:24:28:a3:df:67:95:a2:56:7a:d1:33:83:27:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 14 16:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50839cb5b726165c802526782a437662d92dcac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:31:28:1a:b0:fd:c1:52:56:a9:97:ac:aa:0f:
f8:ce:75:c0:16:cf:41:0f:90:90:1e:9c:a6:7e:18:
da:a7:06:f6:48:3f:23:2a:bb:c9:ad:70:1d:3f:31:
fe:e2:99:ec:f4:f2:d4:2b:7f:5d:1e:4a:b6:09:25:
62:14:5a:44:8e:c6:40:f8:78:c2:8a:ff:59:72:f5:
78:82:2e:8b:fd:2f:aa:42:ee:12:2f:63:2d:f6:6d:
6a:fc:06:bd:d0:fa:c6:5e:96:e0:88:e2:d6:40:89:
fa:c9:c5:f3:ba:7a:f3:4f:e5:3e:4e:96:d8:56:91:
62:6a:16:76:aa:35:6b:0e:ff:c5:a6:b4:49:5d:93:
d8:69:0d:64:f9:f2:bc:b4:2a:bf:ee:bd:11:f7:94:
c2:a9:d1:5a:1e:8e:13:20:3c:1a:c0:84:bb:21:31:
24:6a:f4:3d:13:64:1c:b9:df:ba:25:89:07:23:1f:
a9:2e:14:4c:a8:18:db:27:71:df:2e:44:9a:0c:f1:
8c:ff:f5:81:30:d1:47:c8:69:d3:38:a1:78:85:2d:
f5:1b:c4:86:6a:36:a3:1c:0e:33:83:64:92:52:4c:
19:35:24:a7:5b:d4:f8:5d:98:48:47:7c:f9:88:27:
9f:de:7d:c2:1b:f7:fd:51:12:a9:b7:a9:ca:2a:a6:
ac:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:83:9C:B5:B7:26:16:5C:80:25:26:78:2A:43:76:62:D9:2D:CA:C6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UIOctbcmFlyAJSZ4KkN2YtktysY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:0c:04:2b:ab:50:82:f3:38:0e:b7:97:6a:3f:f2:40:c6:ca:
40:a5:c4:0a:ab:50:30:b5:9f:da:be:89:67:04:ed:fe:10:2b:
1a:cd:b3:bc:0c:71:b8:84:dd:a4:09:68:0a:d0:1e:bb:36:77:
90:3d:53:0a:ca:5d:1f:5a:79:f9:25:9d:91:56:98:40:3d:ac:
6b:a5:41:d0:6e:9c:55:b4:e4:52:c1:1b:84:37:1c:1b:4f:d2:
3a:0f:7f:77:d8:16:a2:ad:b5:2f:00:12:bf:8d:8f:a8:2a:16:
de:5b:05:21:e1:af:bf:55:8a:1a:fe:88:73:97:fd:ef:f0:7f:
e2:c5:a8:d7:5f:72:69:33:21:76:7e:0a:4c:04:7c:27:6a:0c:
f2:b5:5a:51:da:b7:19:c0:95:1c:5f:4a:71:a1:b7:24:24:15:
46:8d:34:17:6a:26:f3:0c:18:c7:f9:e7:ba:60:02:6f:3c:bc:
da:fc:e2:bb:64:c5:3a:66:71:36:00:72:3a:20:05:a4:3b:aa:
3f:80:18:59:64:e9:18:89:a7:fa:8a:0e:95:a1:c8:5d:70:bb:
97:c8:b6:dd:58:1f:ad:ee:ef:9a:ba:61:dc:8c:d0:1b:83:84:
c1:ff:ed:40:74:49:f0:66:fe:9f:88:14:25:2c:0d:d0:47:be:
30:ba:ec:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsu+CQoo99nlaJWetEzgyfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE0MTYxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDgzOWNiNWI3MjYxNjVjODAyNTI2NzgyYTQzNzY2MmQ5MmRjYWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzEoGrD9wVJWqZesqg/4znXAFs9B
D5CQHpymfhjapwb2SD8jKrvJrXAdPzH+4pns9PLUK39dHkq2CSViFFpEjsZA+HjC
iv9ZcvV4gi6L/S+qQu4SL2Mt9m1q/Aa90PrGXpbgiOLWQIn6ycXzunrzT+U+TpbY
VpFiahZ2qjVrDv/FprRJXZPYaQ1k+fK8tCq/7r0R95TCqdFaHo4TIDwawIS7ITEk
avQ9E2Qcud+6JYkHIx+pLhRMqBjbJ3HfLkSaDPGM//WBMNFHyGnTOKF4hS31G8SG
ajajHA4zg2SSUkwZNSSnW9T4XZhIR3z5iCef3n3CG/f9URKpt6nKKqaszQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFCDnLW3JhZcgCUmeCpDdmLZLcrGMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVUlPY3RiY21GbHlBSlNaNEtrTjJZdGt0eXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHwMBCurUILzOA63l2o/
8kDGykClxAqrUDC1n9q+iWcE7f4QKxrNs7wMcbiE3aQJaArQHrs2d5A9UwrKXR9a
efklnZFWmEA9rGulQdBunFW05FLBG4Q3HBtP0joPf3fYFqKttS8AEr+Nj6gqFt5b
BSHhr79Vihr+iHOX/e/wf+LFqNdfcmkzIXZ+CkwEfCdqDPK1WlHatxnAlRxfSnGh
tyQkFUaNNBdqJvMMGMf557pgAm88vNr84rtkxTpmcTYAcjogBaQ7qj+AGFlk6RiJ
p/qKDpWhyF1wu5fItt1YH63u75q6YdyM0BuDhMH/7UB0SfBm/p+IFCUsDdBHvjC6
7Fo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:26:35 2025 by rpki-client