Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UVbCs7rvIk2RMuZQXQfY7-uESUo.roa
File: UVbCs7rvIk2RMuZQXQfY7-uESUo.roa (raw, json)
Hash identifier: HbzPZR8YbE/NuruKvcXt1Zz+kBblDE0tJariHuJd5Ec=
Subject key identifier: 51:56:C2:B3:BA:EF:22:4D:91:32:E6:50:5D:07:D8:EF:EB:84:49:4A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B31897D62143AFCA522CC38447D7BD8E2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UVbCs7rvIk2RMuZQXQfY7-uESUo.roa
Signing time: Sun 15 Oct 2023 04:12:55 +0000
ROA not before: Sun 15 Oct 2023 04:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:31:89:7d:62:14:3a:fc:a5:22:cc:38:44:7d:7b:d8:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 15 04:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5156c2b3baef224d9132e6505d07d8efeb84494a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:68:38:71:68:5c:82:ec:1a:5c:04:58:74:94:
61:25:79:7f:c3:a1:bb:b1:6d:4b:d8:77:8c:78:c6:
38:61:8c:b7:7d:58:3b:ea:e3:b2:55:b4:26:fc:b6:
fc:b6:27:cb:ca:4e:29:db:04:f2:09:0f:0b:5b:1c:
cd:52:bd:22:b5:7e:3c:dc:91:b3:02:07:34:0d:45:
5e:9e:3b:df:a6:11:aa:ea:f8:8f:6f:b8:22:22:26:
80:57:f4:49:59:19:b3:4b:86:06:d9:84:86:93:41:
c2:e3:f0:5a:43:aa:0c:cb:ba:43:b0:e0:16:58:0a:
45:87:ec:e3:67:8e:df:03:50:ee:10:80:72:b9:66:
8f:04:cb:d8:54:1c:c2:39:ce:16:2c:22:ca:29:98:
82:98:bd:1d:9b:78:d4:11:92:4c:ad:3f:77:7a:d1:
4f:1e:3b:f1:84:89:e1:8b:4c:64:ce:f1:b5:6f:dc:
ae:d7:51:7f:3a:70:e3:44:31:9d:28:ab:4d:90:9f:
e0:e8:36:94:a9:12:f1:da:7a:50:ee:1b:ae:f7:07:
60:d7:4f:85:63:c7:df:4b:73:13:e8:00:fc:3d:59:
51:b8:b6:ad:04:b2:bd:34:a3:a9:78:7d:d8:72:69:
fa:49:3e:52:b7:9b:03:12:7b:7b:3a:6e:72:63:76:
8e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:56:C2:B3:BA:EF:22:4D:91:32:E6:50:5D:07:D8:EF:EB:84:49:4A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UVbCs7rvIk2RMuZQXQfY7-uESUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:e8:8d:a0:84:9b:c1:06:81:ca:c1:c0:c4:91:f6:ef:11:ad:
f9:1f:d4:a2:1e:db:b3:21:1b:49:e1:7e:b1:29:e4:69:a4:13:
8f:a1:05:e7:6b:d7:80:69:7d:46:6c:b1:af:ca:88:58:a2:67:
8e:f4:a5:c0:4d:0d:d8:3b:10:28:b4:5b:84:6b:9c:21:d2:81:
73:09:23:e0:32:77:3b:cb:33:7c:7f:c0:27:2c:74:ff:bd:82:
db:7e:36:32:35:c1:cf:41:f0:7a:8c:ee:dd:1f:cf:cf:f3:8a:
d7:2a:20:67:b8:5a:0e:fe:52:ff:b1:e9:e5:40:ff:68:29:26:
0b:da:c8:63:79:3b:c6:e0:b4:41:b0:b1:5a:d4:47:8a:19:ce:
8a:53:a2:3f:62:20:f5:f4:55:7d:d9:73:31:21:6d:9b:46:a4:
24:dc:e3:cf:8f:f6:19:60:95:43:a8:3b:3d:60:7c:9f:5a:98:
f8:1e:69:b7:ee:81:32:a0:61:1c:b4:e9:47:6b:ae:60:1f:3c:
47:8a:29:50:24:26:9c:83:f2:fb:cc:e0:e6:aa:23:86:3b:11:
62:3d:58:df:6f:03:a2:c6:f3:99:37:e7:39:5e:f8:9e:7f:6a:
c0:14:e2:90:2c:3e:f7:2c:a8:98:90:1f:46:44:cd:b7:69:0f:
7b:27:de:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsxiX1iFDr8pSLMOER9e9jiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE1MDQxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTU2YzJiM2JhZWYyMjRkOTEzMmU2NTA1ZDA3ZDhlZmViODQ0OTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymg4cWhcguwaXARYdJRhJXl/w6G7
sW1L2HeMeMY4YYy3fVg76uOyVbQm/Lb8tifLyk4p2wTyCQ8LWxzNUr0itX483JGz
Agc0DUVenjvfphGq6viPb7giIiaAV/RJWRmzS4YG2YSGk0HC4/BaQ6oMy7pDsOAW
WApFh+zjZ47fA1DuEIByuWaPBMvYVBzCOc4WLCLKKZiCmL0dm3jUEZJMrT93etFP
HjvxhInhi0xkzvG1b9yu11F/OnDjRDGdKKtNkJ/g6DaUqRLx2npQ7huu9wdg10+F
Y8ffS3MT6AD8PVlRuLatBLK9NKOpeH3Ycmn6ST5St5sDEnt7Om5yY3aOJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFFWwrO67yJNkTLmUF0H2O/rhElKMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVVZiQ3M3cnZJazJSTXVaUVhRZlk3LXVFU1VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABXojaCEm8EGgcrBwMSR
9u8Rrfkf1KIe27MhG0nhfrEp5GmkE4+hBedr14BpfUZssa/KiFiiZ470pcBNDdg7
ECi0W4RrnCHSgXMJI+AydzvLM3x/wCcsdP+9gtt+NjI1wc9B8HqM7t0fz8/zitcq
IGe4Wg7+Uv+x6eVA/2gpJgvayGN5O8bgtEGwsVrUR4oZzopToj9iIPX0VX3ZczEh
bZtGpCTc48+P9hlglUOoOz1gfJ9amPgeabfugTKgYRy06UdrrmAfPEeKKVAkJpyD
8vvM4OaqI4Y7EWI9WN9vA6LG85k35zle+J5/asAU4pAsPvcsqJiQH0ZEzbdpD3sn
3sQ=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:24 2025 by rpki-client