Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UsSEQqz5HcTy8C7xmQmX9CvnD8Y.roa
File: UsSEQqz5HcTy8C7xmQmX9CvnD8Y.roa (raw, json)
Hash identifier: soWN0KtqORVIh6GBO7MwdK1IkeH77riGzamcYCeFzm0=
Subject key identifier: 52:C4:84:42:AC:F9:1D:C4:F2:F0:2E:F1:99:09:97:F4:2B:E7:0F:C6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7AEAA0FD11F2F5E77DED115F5B715281
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UsSEQqz5HcTy8C7xmQmX9CvnD8Y.roa
Signing time: Mon 18 Dec 2023 03:14:06 +0000
ROA not before: Mon 18 Dec 2023 03:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7a:ea:a0:fd:11:f2:f5:e7:7d:ed:11:5f:5b:71:52:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 03:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52c48442acf91dc4f2f02ef1990997f42be70fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1e:f3:eb:09:34:9c:9a:10:05:66:0c:ff:23:
20:a6:35:70:5d:3e:4e:d1:82:36:68:e9:77:e6:f0:
25:1f:16:6e:e9:46:44:0b:a0:b1:a4:9b:65:5d:e4:
ae:1c:fd:ba:02:84:db:71:39:57:bd:f6:6a:89:87:
c6:7c:96:38:c5:df:3e:2b:2e:f6:3c:57:4b:c5:51:
88:84:dc:f3:64:b4:99:85:65:2f:49:bd:bf:48:ec:
5a:16:bc:0b:3a:b9:c8:cb:07:d0:ac:c9:0e:a0:d2:
d4:0b:bb:1e:98:02:9a:74:c4:f2:c8:91:88:49:61:
c2:21:13:fd:f0:4d:84:6c:3e:15:0c:f1:69:ea:b6:
3c:00:92:7e:b7:1b:1f:8b:4e:47:46:b0:0d:4a:19:
a9:30:ef:f7:ec:20:06:76:57:36:ed:0f:db:8c:47:
28:2a:ea:7d:da:30:41:0a:35:59:79:2b:d8:b8:bd:
b6:f2:cf:fe:fc:50:95:35:67:7c:76:f0:50:9d:05:
dd:5d:78:8d:bd:4e:5b:28:9b:f3:a1:c2:1a:03:6b:
ab:87:5f:fa:84:fa:02:32:4a:ac:ce:44:58:37:ab:
b4:12:c1:e3:86:f7:33:4d:8e:aa:58:a4:96:c5:0d:
80:f2:5f:3f:27:05:f3:13:6f:2b:06:15:f2:ab:00:
a8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C4:84:42:AC:F9:1D:C4:F2:F0:2E:F1:99:09:97:F4:2B:E7:0F:C6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UsSEQqz5HcTy8C7xmQmX9CvnD8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:64:72:ab:14:fe:89:86:7b:cd:5c:e1:06:d1:26:c5:1f:98:
7f:50:bf:43:7c:1e:79:e1:5b:97:f4:89:ac:c5:48:19:31:c6:
5a:61:67:38:5e:0f:c4:b2:c5:95:ec:d5:d4:ca:12:84:fd:63:
4d:ab:fd:32:7c:ce:2a:e1:a9:35:05:eb:f3:b4:14:77:a3:cf:
8c:a7:b7:87:4f:20:ed:98:14:0b:71:5c:df:d0:f9:48:4a:53:
4b:a9:54:00:a7:ee:77:ed:4a:d0:07:74:65:00:48:34:50:15:
8c:6f:af:1f:06:db:4b:ff:fc:34:ff:c2:12:4b:51:7d:be:70:
80:7c:f5:35:de:01:86:e0:8d:3b:e5:74:b8:1a:20:a6:ae:47:
6a:18:f5:af:95:3a:1a:1f:61:8b:bc:75:f2:17:63:55:af:21:
6b:31:8f:79:4e:00:a1:e9:71:87:f1:46:d5:05:54:9e:91:04:
fe:b7:fb:fd:de:4e:89:79:6f:3e:46:c6:11:32:b7:e4:f2:5b:
ee:1e:f6:ff:47:6f:9f:2f:14:77:e9:7c:0f:47:da:ca:ed:bf:
00:2e:ac:42:12:22:d1:95:d2:38:79:05:e4:d6:31:0e:82:38:
11:72:2a:68:0c:d2:01:e7:30:d7:6f:89:f8:d4:14:fb:33:b5:
21:aa:16:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx66qD9EfL1533tEV9bcVKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MDMxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmM0ODQ0MmFjZjkxZGM0ZjJmMDJlZjE5OTA5OTdmNDJiZTcwZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmB7z6wk0nJoQBWYM/yMgpjVwXT5O
0YI2aOl35vAlHxZu6UZEC6CxpJtlXeSuHP26AoTbcTlXvfZqiYfGfJY4xd8+Ky72
PFdLxVGIhNzzZLSZhWUvSb2/SOxaFrwLOrnIywfQrMkOoNLUC7semAKadMTyyJGI
SWHCIRP98E2EbD4VDPFp6rY8AJJ+txsfi05HRrANShmpMO/37CAGdlc27Q/bjEco
Kup92jBBCjVZeSvYuL228s/+/FCVNWd8dvBQnQXdXXiNvU5bKJvzocIaA2urh1/6
hPoCMkqszkRYN6u0EsHjhvczTY6qWKSWxQ2A8l8/JwXzE28rBhXyqwCoTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFLEhEKs+R3E8vAu8ZkJl/Qr5w/GMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVXNTRVFxejVIY1R5OEM3eG1RbVg5Q3ZuRDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKhkcqsU/omGe81c4QbR
JsUfmH9Qv0N8HnnhW5f0iazFSBkxxlphZzheD8SyxZXs1dTKEoT9Y02r/TJ8zirh
qTUF6/O0FHejz4ynt4dPIO2YFAtxXN/Q+UhKU0upVACn7nftStAHdGUASDRQFYxv
rx8G20v//DT/whJLUX2+cIB89TXeAYbgjTvldLgaIKauR2oY9a+VOhofYYu8dfIX
Y1WvIWsxj3lOAKHpcYfxRtUFVJ6RBP63+/3eTol5bz5GxhEyt+TyW+4e9v9Hb58v
FHfpfA9H2srtvwAurEISItGV0jh5BeTWMQ6COBFyKmgM0gHnMNdvifjUFPsztSGq
Frk=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:27:37 2025 by rpki-client