Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Up0SbsH1BJM-g4e2NUMl6Z_fYN8.roa
File: Up0SbsH1BJM-g4e2NUMl6Z_fYN8.roa (raw, json)
Hash identifier: UkPQI50GrVNtwGc1SUnqCnVtGxcKfe/LYAyhg808CxU=
Subject key identifier: 52:9D:12:6E:C1:F5:04:93:3E:83:87:B6:35:43:25:E9:9F:DF:60:DF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C4E11874BA2F54A6F99E7BB20064CD7AD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Up0SbsH1BJM-g4e2NUMl6Z_fYN8.roa
Signing time: Sat 09 Dec 2023 10:13:40 +0000
ROA not before: Sat 09 Dec 2023 10:13:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4e:11:87:4b:a2:f5:4a:6f:99:e7:bb:20:06:4c:d7:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 9 10:13:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=529d126ec1f504933e8387b6354325e99fdf60df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9d:36:92:86:b1:0a:18:79:32:a3:08:47:e8:
59:97:4d:82:9a:63:81:a8:29:26:86:4a:00:98:11:
ea:91:e1:f9:64:2a:99:20:ff:2f:68:b9:86:e4:20:
80:9b:ed:3e:60:36:2a:b0:6d:2c:2d:84:d5:35:b8:
c1:f9:d5:1d:94:66:29:0c:27:04:27:82:8b:50:e0:
a8:5f:c6:44:b4:6e:df:fb:75:09:91:13:0a:5d:f1:
97:90:51:11:92:c7:1b:a4:6d:31:50:f3:cf:57:37:
87:fd:6a:ba:2e:63:f1:98:ed:dd:3a:56:19:f7:f3:
5e:59:77:e9:01:3c:b5:db:73:e4:26:41:7b:ba:3f:
05:68:62:1b:d0:0c:4b:6a:87:cd:14:4e:29:aa:9b:
da:60:d6:6b:da:b7:19:e1:c0:35:47:ed:d4:c4:33:
e6:59:7d:28:e3:28:cb:33:75:d5:a5:16:09:27:db:
09:a6:3d:34:28:01:27:0e:06:c1:b1:c6:f2:f3:9a:
a5:c6:4c:00:8a:d9:b3:f1:6f:ef:c0:57:13:82:71:
a5:53:40:fb:c8:bd:83:f5:17:e4:e9:03:38:78:1c:
33:d5:32:80:8f:a0:b6:81:50:6a:59:f6:a7:6a:a1:
86:10:6e:dd:3b:21:37:fd:fe:bf:9e:4f:a3:53:6b:
80:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9D:12:6E:C1:F5:04:93:3E:83:87:B6:35:43:25:E9:9F:DF:60:DF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Up0SbsH1BJM-g4e2NUMl6Z_fYN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d4:24:d7:39:32:96:1b:31:53:75:66:40:ea:02:db:84:2f:52:
ab:1b:09:4b:6c:76:d3:9f:5b:99:6b:7f:18:47:2e:25:c3:20:
aa:f9:ab:44:42:ec:b7:6a:c6:73:42:85:1a:c5:e3:1f:c4:ce:
3f:c2:6e:8b:3c:4b:6f:5e:a6:5d:52:fb:20:e2:c4:e2:d4:8a:
74:e2:43:4e:74:3e:48:68:f2:da:c3:db:70:29:b3:22:c4:af:
31:8b:b7:c6:11:b4:69:1e:39:a4:02:83:53:76:3e:2b:a4:36:
d3:af:bf:0d:4d:88:0f:c2:05:4f:13:f1:2a:0f:23:94:e5:1a:
8a:ee:22:a1:5f:81:b8:c3:22:ab:3b:82:3d:98:e5:c0:2a:f7:
53:a6:25:6a:c4:78:20:28:1e:f5:b0:e3:19:7a:e6:62:b6:60:
20:01:95:2e:c6:ba:8c:dc:38:3f:ac:41:5b:0a:d1:ce:b9:72:
f7:03:72:5f:82:27:7a:6c:fe:67:82:db:33:49:aa:42:68:7a:
e6:2b:c6:77:3a:c2:27:82:bc:e6:c4:7d:85:34:06:8c:39:a9:
84:a6:21:be:8d:a6:25:3c:79:f0:41:e6:9a:32:fb:34:d3:d5:
03:02:3f:ee:3c:cd:1a:60:53:d8:b6:cd:98:47:77:d6:0c:9d:
1e:5e:30:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxOEYdLovVKb5nnuyAGTNetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA5MTAxMzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjlkMTI2ZWMxZjUwNDkzM2U4Mzg3YjYzNTQzMjVlOTlmZGY2MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp02koaxChh5MqMIR+hZl02CmmOB
qCkmhkoAmBHqkeH5ZCqZIP8vaLmG5CCAm+0+YDYqsG0sLYTVNbjB+dUdlGYpDCcE
J4KLUOCoX8ZEtG7f+3UJkRMKXfGXkFERkscbpG0xUPPPVzeH/Wq6LmPxmO3dOlYZ
9/NeWXfpATy123PkJkF7uj8FaGIb0AxLaofNFE4pqpvaYNZr2rcZ4cA1R+3UxDPm
WX0o4yjLM3XVpRYJJ9sJpj00KAEnDgbBscby85qlxkwAitmz8W/vwFcTgnGlU0D7
yL2D9Rfk6QM4eBwz1TKAj6C2gVBqWfanaqGGEG7dOyE3/f6/nk+jU2uARQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFKdEm7B9QSTPoOHtjVDJemf32DfMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVXAwU2JzSDFCSk0tZzRlMk5VTWw2Wl9mWU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANQk1zkylhsxU3VmQOoC
24QvUqsbCUtsdtOfW5lrfxhHLiXDIKr5q0RC7LdqxnNChRrF4x/Ezj/Cbos8S29e
pl1S+yDixOLUinTiQ050Pkho8trD23ApsyLErzGLt8YRtGkeOaQCg1N2PiukNtOv
vw1NiA/CBU8T8SoPI5TlGoruIqFfgbjDIqs7gj2Y5cAq91OmJWrEeCAoHvWw4xl6
5mK2YCABlS7GuozcOD+sQVsK0c65cvcDcl+CJ3ps/meC2zNJqkJoeuYrxnc6wieC
vObEfYU0Bow5qYSmIb6NpiU8efBB5poy+zTT1QMCP+48zRpgU9i2zZhHd9YMnR5e
MNQ=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:07:37 2025 by rpki-client