Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WTzF31ViiCgAABeWIRoS1QejxIc.roa
File: WTzF31ViiCgAABeWIRoS1QejxIc.roa (raw, json)
Hash identifier: FmvVeDS8W2KcNhMe4hj5B7Zsidg5Asnhifv+zH0mrD8=
Subject key identifier: 59:3C:C5:DF:55:62:88:28:00:00:17:96:21:1A:12:D5:07:A3:C4:87
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC90B5340D1A31BB6C39EFF5EEC0FA273
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WTzF31ViiCgAABeWIRoS1QejxIc.roa
Signing time: Sun 24 Sep 2023 21:14:37 +0000
ROA not before: Sun 24 Sep 2023 21:14:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c9:0b:53:40:d1:a3:1b:b6:c3:9e:ff:5e:ec:0f:a2:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 24 21:14:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=593cc5df5562882800001796211a12d507a3c487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d0:5f:e5:6d:22:60:6c:d2:f5:5a:92:e3:f5:
79:6c:85:22:35:fd:b9:d8:3b:63:25:62:d1:52:4e:
22:39:d6:22:1b:e7:37:ee:ad:d6:bf:a6:71:43:7b:
23:57:7b:db:0e:e2:2d:09:55:a8:02:9a:0d:7e:8e:
f3:d8:50:1f:22:a4:86:84:6f:fe:60:80:95:d4:0f:
98:b6:13:b8:5a:e5:8e:1f:b3:c0:f5:cf:33:12:15:
e3:85:64:84:6e:ce:fb:e5:20:85:24:99:15:f2:d6:
98:16:5d:49:e3:cf:b6:fd:3b:41:a1:3c:28:64:26:
d9:f3:4d:a0:7f:e8:a6:8f:7e:84:c1:d5:04:47:32:
56:41:92:56:c9:7c:d1:73:15:36:f6:01:da:b8:a3:
5f:7a:c8:36:3b:9c:71:2b:e3:94:52:a1:aa:65:33:
e9:96:61:0c:55:33:af:bc:8d:53:ad:77:87:e8:4e:
81:b3:a5:98:0a:f3:a4:d3:e2:fb:20:f7:d1:14:4f:
34:aa:95:a0:45:cb:31:83:88:ae:86:55:d6:1b:7f:
21:49:f5:c2:e9:05:49:9b:8c:ff:a8:34:18:88:6c:
ff:61:af:29:77:e6:a1:1b:ff:b1:80:e3:15:c1:5d:
43:dd:c8:e3:c2:d5:3b:24:1e:c5:e7:cb:47:b9:58:
3c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:3C:C5:DF:55:62:88:28:00:00:17:96:21:1A:12:D5:07:A3:C4:87
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WTzF31ViiCgAABeWIRoS1QejxIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:35:96:3e:0c:79:80:a3:a0:31:f0:36:f6:68:71:bd:65:f5:
b7:ff:1f:e2:b4:e3:71:55:05:40:6d:03:ca:ec:90:7d:d7:d9:
6d:d9:23:52:f7:dc:d9:2c:d7:7c:98:a4:df:8c:21:9b:10:f2:
d3:3d:4f:ba:70:57:d7:3a:33:d7:90:ab:de:53:dd:45:5e:18:
6d:80:6f:b1:ed:b0:fb:a5:55:93:eb:0a:b2:cf:07:56:a8:e6:
ec:76:9d:e3:a5:3a:65:d1:f8:73:fd:92:69:aa:08:90:10:78:
1d:d4:27:a2:31:8e:fe:9b:29:60:ad:17:de:10:7e:64:fc:74:
9a:16:95:31:ed:62:48:34:e0:79:45:00:01:7a:93:c2:68:ff:
7f:4b:76:ac:0c:da:4d:d4:a9:8b:2e:c8:16:bc:cc:38:28:b7:
1e:97:c3:7a:98:20:e7:97:17:9a:b6:30:ec:fd:a9:c2:6d:10:
59:02:3d:22:87:19:e8:09:77:be:19:f9:80:ae:2d:e8:dd:73:
0c:9f:f0:c1:3c:49:ef:f9:b4:fb:e3:c9:a5:70:73:57:e2:1a:
89:bd:2c:99:7c:0e:cd:5b:b8:a2:0a:54:28:27:bb:c9:33:2e:
fc:ec:7e:df:03:29:cf:8a:46:d7:d3:18:01:03:06:5d:62:ca:
16:e3:e6:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrJC1NA0aMbtsOe/17sD6JzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI0MjExNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTNjYzVkZjU1NjI4ODI4MDAwMDE3OTYyMTFhMTJkNTA3YTNjNDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNBf5W0iYGzS9VqS4/V5bIUiNf25
2DtjJWLRUk4iOdYiG+c37q3Wv6ZxQ3sjV3vbDuItCVWoApoNfo7z2FAfIqSGhG/+
YICV1A+YthO4WuWOH7PA9c8zEhXjhWSEbs775SCFJJkV8taYFl1J48+2/TtBoTwo
ZCbZ802gf+imj36EwdUERzJWQZJWyXzRcxU29gHauKNfesg2O5xxK+OUUqGqZTPp
lmEMVTOvvI1TrXeH6E6Bs6WYCvOk0+L7IPfRFE80qpWgRcsxg4iuhlXWG38hSfXC
6QVJm4z/qDQYiGz/Ya8pd+ahG/+xgOMVwV1D3cjjwtU7JB7F58tHuVg8QQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFk8xd9VYogoAAAXliEaEtUHo8SHMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvV1R6RjMxVmlpQ2dBQUJlV0lSb1MxUWVqeEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKA1lj4MeYCjoDHwNvZo
cb1l9bf/H+K043FVBUBtA8rskH3X2W3ZI1L33Nks13yYpN+MIZsQ8tM9T7pwV9c6
M9eQq95T3UVeGG2Ab7HtsPulVZPrCrLPB1ao5ux2neOlOmXR+HP9kmmqCJAQeB3U
J6Ixjv6bKWCtF94QfmT8dJoWlTHtYkg04HlFAAF6k8Jo/39LdqwM2k3UqYsuyBa8
zDgotx6Xw3qYIOeXF5q2MOz9qcJtEFkCPSKHGegJd74Z+YCuLejdcwyf8ME8Se/5
tPvjyaVwc1fiGom9LJl8Ds1buKIKVCgnu8kzLvzsft8DKc+KRtfTGAEDBl1iyhbj
5rk=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:16:12 2025 by rpki-client