Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UtnyuIJGc82sEsny1So2UzYGLwU.roa
File: UtnyuIJGc82sEsny1So2UzYGLwU.roa (raw, json)
Hash identifier: XS23SJtGDrwgQcJZurAVLaoM4JtiWNy7HnGhiPRKBKo=
Subject key identifier: 52:D9:F2:B8:82:46:73:CD:AC:12:C9:F2:D5:2A:36:53:36:06:2F:05
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BEB8B5FA7C31ED2099AC2C858F8DB87A1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UtnyuIJGc82sEsny1So2UzYGLwU.roa
Signing time: Mon 20 Nov 2023 07:04:21 +0000
ROA not before: Mon 20 Nov 2023 07:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:eb8b:4179/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:eb:8b:5f:a7:c3:1e:d2:09:9a:c2:c8:58:f8:db:87:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 20 07:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52d9f2b8824673cdac12c9f2d52a365336062f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:60:0e:ac:88:97:1a:22:3f:21:6e:d6:1c:54:
0e:f0:08:04:fe:bb:75:8a:d8:eb:b5:f1:04:c8:7e:
ca:90:04:6e:9f:16:78:b8:2b:58:bd:42:57:8f:38:
3d:24:c2:ad:9c:de:52:25:52:db:97:66:b5:1a:11:
4f:e3:ba:3c:d1:23:fd:8a:5c:b6:91:44:9a:8b:78:
1a:c8:65:b6:98:f4:5c:15:52:49:3d:ee:67:f2:9c:
54:dd:a7:48:71:a0:59:89:c1:f9:a9:2c:a6:23:b8:
42:b2:1c:66:3e:a5:23:74:4a:89:92:c4:0c:1f:73:
e0:c8:0a:83:b7:0d:c1:d9:f4:23:af:9a:71:24:41:
04:1c:c4:4a:1a:2c:14:36:ff:a6:97:2d:03:29:70:
32:2e:d0:4c:d9:ba:a4:e0:77:c9:00:cc:b3:da:fd:
06:b0:7a:b4:ac:47:0d:c5:4b:79:43:3c:c8:45:06:
cc:f9:fe:d7:f9:f8:58:ec:e1:af:c8:d2:83:c4:00:
8f:0a:26:07:80:7e:92:f2:be:c3:d8:c0:75:8a:3b:
d5:cd:5a:31:e7:00:4b:66:e6:c2:97:0a:fc:ae:5a:
41:13:f2:db:eb:96:ae:76:e4:91:7d:b6:96:36:bf:
e4:c1:00:0a:f3:9e:f0:e7:62:fa:ba:8b:a4:60:8f:
31:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D9:F2:B8:82:46:73:CD:AC:12:C9:F2:D5:2A:36:53:36:06:2F:05
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UtnyuIJGc82sEsny1So2UzYGLwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:68:73:97:ed:b9:2d:07:a2:03:b2:39:a1:66:bd:2a:ca:f3:
26:e7:d7:1d:94:10:1a:55:e1:b4:44:d1:ec:9e:ad:4e:1c:01:
d8:f1:0e:50:d9:20:ba:11:89:a1:eb:42:4c:6f:0a:6f:d2:95:
eb:de:54:bc:d9:ff:43:6e:46:a9:e3:04:0d:cb:82:e4:b2:cd:
8d:10:27:a8:a4:68:78:80:78:d2:41:5b:f1:22:30:78:d5:1e:
a4:4b:54:09:fa:9f:f7:c7:b2:93:3d:5e:fe:e9:d0:df:4b:fd:
9b:a8:53:26:d0:9a:92:5c:5d:3c:a4:ea:18:64:99:85:a7:9f:
d9:11:80:bc:1b:8c:46:12:65:62:e9:a5:6b:f5:73:70:15:df:
de:50:04:64:82:90:23:c7:17:5f:46:bd:86:92:fd:20:77:3b:
61:16:72:af:61:d4:66:55:6e:31:95:f5:48:da:64:23:5c:d6:
aa:24:e4:fc:f6:53:bc:9b:f4:65:d9:86:72:30:7d:6e:45:cb:
87:ac:fe:f2:a6:7b:ab:cf:19:49:b0:9a:ef:84:c3:21:9e:82:
8c:8b:75:83:5b:3c:62:26:9f:13:1a:39:05:f6:6a:50:fa:97:
56:19:fe:c3:cd:df:9b:be:5d:84:58:b3:96:5a:eb:40:0e:62:
95:5e:2f:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvri1+nwx7SCZrCyFj424ehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIwMDcwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmQ5ZjJiODgyNDY3M2NkYWMxMmM5ZjJkNTJhMzY1MzM2MDYyZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGAOrIiXGiI/IW7WHFQO8AgE/rt1
itjrtfEEyH7KkARunxZ4uCtYvUJXjzg9JMKtnN5SJVLbl2a1GhFP47o80SP9ily2
kUSai3gayGW2mPRcFVJJPe5n8pxU3adIcaBZicH5qSymI7hCshxmPqUjdEqJksQM
H3PgyAqDtw3B2fQjr5pxJEEEHMRKGiwUNv+mly0DKXAyLtBM2bqk4HfJAMyz2v0G
sHq0rEcNxUt5QzzIRQbM+f7X+fhY7OGvyNKDxACPCiYHgH6S8r7D2MB1ijvVzVox
5wBLZubClwr8rlpBE/Lb65auduSRfbaWNr/kwQAK857w52L6uoukYI8xFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFLZ8riCRnPNrBLJ8tUqNlM2Bi8FMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVXRueXVJSkdjODJzRXNueTFTbzJVellHTHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA5oc5ftuS0HogOyOaFm
vSrK8ybn1x2UEBpV4bRE0eyerU4cAdjxDlDZILoRiaHrQkxvCm/SleveVLzZ/0Nu
RqnjBA3LguSyzY0QJ6ikaHiAeNJBW/EiMHjVHqRLVAn6n/fHspM9Xv7p0N9L/Zuo
UybQmpJcXTyk6hhkmYWnn9kRgLwbjEYSZWLppWv1c3AV395QBGSCkCPHF19GvYaS
/SB3O2EWcq9h1GZVbjGV9UjaZCNc1qok5Pz2U7yb9GXZhnIwfW5Fy4es/vKme6vP
GUmwmu+EwyGegoyLdYNbPGImnxMaOQX2alD6l1YZ/sPN35u+XYRYs5Za60AOYpVe
L6U=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:55 2025 by rpki-client