Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/US008fYxXDnpF_tz6aulB732kyE.roa
File: US008fYxXDnpF_tz6aulB732kyE.roa (raw, json)
Hash identifier: LnAnXWvA2OxfWage5P9rBk9LgPlt+mDEvjvZgAnSGOE=
Subject key identifier: 51:2D:34:F1:F6:31:5C:39:E9:17:FB:73:E9:AB:A5:07:BD:F6:93:21
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4C5D29E1FC5522B987D0B6115A1F3C86
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/US008fYxXDnpF_tz6aulB732kyE.roa
Signing time: Fri 20 Oct 2023 09:14:15 +0000
ROA not before: Fri 20 Oct 2023 09:14:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:5d:29:e1:fc:55:22:b9:87:d0:b6:11:5a:1f:3c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 20 09:14:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=512d34f1f6315c39e917fb73e9aba507bdf69321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:42:0f:cb:06:f0:ac:31:9a:be:2b:52:a4:42:
24:d6:47:9e:19:ef:45:1c:93:a8:2f:15:53:64:e2:
8c:72:82:3f:d1:14:2e:ed:c7:73:2c:53:a4:f4:25:
f0:cb:39:bd:af:39:c1:00:a1:e2:f6:b7:fe:99:7a:
01:9b:8b:7f:48:1e:00:f6:c8:91:58:07:e3:a0:03:
49:bf:a2:5e:98:28:ad:e6:9b:44:86:81:0d:4f:de:
c1:1a:01:a1:55:72:10:73:22:f4:2f:03:6b:c6:38:
18:a3:84:5d:fb:77:f5:2d:3a:cf:b4:3f:f3:b5:1d:
c1:ef:77:8e:e1:fc:32:be:3c:c5:3a:ef:b8:e4:d3:
78:c3:c1:79:4f:64:35:86:8a:f3:e9:20:56:7c:28:
23:91:11:bb:10:aa:cb:a9:d8:81:c1:a8:f5:75:41:
e0:15:01:63:47:41:29:36:cd:d7:a0:1e:5a:9f:46:
64:3b:be:80:93:04:88:b8:7d:b9:4b:46:47:a9:bd:
41:e2:73:79:81:1d:e6:b8:66:0f:2b:26:42:79:62:
05:85:2a:1a:02:03:6f:5c:1d:17:92:bf:0a:9d:ca:
85:7f:50:d2:22:15:fa:db:5f:b6:3f:95:23:47:e6:
09:4c:1b:eb:38:92:e1:cf:cc:54:fc:f8:a9:bb:fa:
2a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:2D:34:F1:F6:31:5C:39:E9:17:FB:73:E9:AB:A5:07:BD:F6:93:21
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/US008fYxXDnpF_tz6aulB732kyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:a8:d6:82:ad:92:5b:78:25:1a:29:39:76:1c:27:f1:37:4b:
22:49:c8:80:d0:df:77:a7:04:c8:fe:a0:12:9e:91:2e:50:eb:
50:23:8b:67:38:af:60:30:3b:f9:0a:2a:79:67:2e:d0:ed:f5:
81:7b:ca:b8:d9:0b:cf:dd:59:40:80:1d:c7:e0:64:3e:5e:14:
5d:5f:22:de:75:88:a1:ac:f4:c0:52:5a:2c:c5:0a:17:96:44:
99:66:8c:53:87:62:19:9a:3c:d5:ff:24:f7:59:80:f9:03:8b:
ee:ac:d8:55:f3:1e:3d:c0:63:fd:71:c0:fd:03:ee:53:c5:c1:
d0:42:b3:25:8f:6c:ab:61:72:9d:0f:b6:42:03:f9:e4:4c:13:
f6:7d:84:f7:de:22:b6:d3:bd:ab:5c:7e:6b:3b:0f:fe:57:77:
26:32:84:92:72:9e:03:e1:21:78:11:7d:b4:18:89:ab:e8:a3:
26:67:55:98:b6:19:55:9b:76:7e:21:ad:db:f7:c0:22:99:e6:
f3:3c:6e:11:a2:19:8c:b5:ae:66:1f:b4:18:49:5b:d0:d8:28:
f5:14:9a:c0:5b:95:3d:0e:cc:a8:18:26:68:c2:40:f1:83:80:
61:44:5b:80:9b:d5:01:94:c7:c4:19:87:6a:01:1f:92:75:b1:
a3:44:02:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtMXSnh/FUiuYfQthFaHzyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIwMDkxNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTJkMzRmMWY2MzE1YzM5ZTkxN2ZiNzNlOWFiYTUwN2JkZjY5MzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkIPywbwrDGavitSpEIk1keeGe9F
HJOoLxVTZOKMcoI/0RQu7cdzLFOk9CXwyzm9rznBAKHi9rf+mXoBm4t/SB4A9siR
WAfjoANJv6JemCit5ptEhoENT97BGgGhVXIQcyL0LwNrxjgYo4Rd+3f1LTrPtD/z
tR3B73eO4fwyvjzFOu+45NN4w8F5T2Q1horz6SBWfCgjkRG7EKrLqdiBwaj1dUHg
FQFjR0EpNs3XoB5an0ZkO76AkwSIuH25S0ZHqb1B4nN5gR3muGYPKyZCeWIFhSoa
AgNvXB0Xkr8KncqFf1DSIhX621+2P5UjR+YJTBvrOJLhz8xU/Pipu/oq/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFEtNPH2MVw56Rf7c+mrpQe99pMhMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVVMwMDhmWXhYRG5wRl90ejZhdWxCNzMya3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACGo1oKtklt4JRopOXYc
J/E3SyJJyIDQ33enBMj+oBKekS5Q61Aji2c4r2AwO/kKKnlnLtDt9YF7yrjZC8/d
WUCAHcfgZD5eFF1fIt51iKGs9MBSWizFCheWRJlmjFOHYhmaPNX/JPdZgPkDi+6s
2FXzHj3AY/1xwP0D7lPFwdBCsyWPbKthcp0PtkID+eRME/Z9hPfeIrbTvatcfms7
D/5XdyYyhJJyngPhIXgRfbQYiavooyZnVZi2GVWbdn4hrdv3wCKZ5vM8bhGiGYy1
rmYftBhJW9DYKPUUmsBblT0OzKgYJmjCQPGDgGFEW4Cb1QGUx8QZh2oBH5J1saNE
Ag8=
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:04:42 2025 by rpki-client