Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/a4E85EpD3WuIn0GiJowVS-Km5WA.roa
File: a4E85EpD3WuIn0GiJowVS-Km5WA.roa (raw, json)
Hash identifier: USdkySvKZ7pGF0qLIG/t0MU8+GNLIQAdLOi/0z2EmG4=
Subject key identifier: 6B:81:3C:E4:4A:43:DD:6B:88:9F:41:A2:26:8C:15:4B:E2:A6:E5:60
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE48201B9851260202FCFA1FBF70566A4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/a4E85EpD3WuIn0GiJowVS-Km5WA.roa
Signing time: Sat 30 Sep 2023 05:13:59 +0000
ROA not before: Sat 30 Sep 2023 05:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e4:82:01:b9:85:12:60:20:2f:cf:a1:fb:f7:05:66:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 30 05:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b813ce44a43dd6b889f41a2268c154be2a6e560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f1:c5:4c:cf:fd:9d:e4:5c:6e:84:d2:c4:e1:
f3:19:64:91:d5:de:10:de:d8:f5:cd:1c:6d:d0:f5:
61:b7:21:0e:d2:09:4d:09:3c:4c:56:f4:65:41:9a:
ae:cc:d5:b6:c6:2c:fa:41:cf:0c:71:6e:e7:9c:cf:
0c:50:38:20:b1:69:09:1c:9b:20:f6:46:17:60:29:
40:af:73:24:d2:5b:45:b3:6f:5b:80:c5:f6:de:64:
f7:f5:1e:a6:b4:0e:95:d0:53:15:35:bf:ed:67:ac:
70:3b:ad:76:0a:d3:cb:86:f8:eb:ba:5e:3f:2a:6a:
f4:0a:7d:b6:45:c6:ec:79:99:74:d0:2b:93:48:d9:
92:39:13:00:7c:8a:ab:e3:c5:c5:63:66:af:cc:ad:
e4:5a:58:90:2c:77:1c:3f:a2:8a:9d:0a:17:dc:db:
70:76:bb:5c:03:52:2f:4a:9e:07:86:a0:d2:0d:9d:
4c:fe:9a:b4:37:fc:28:fc:1b:0f:c1:db:25:30:32:
aa:e7:43:2b:11:90:06:2a:31:e9:fc:88:a8:7f:1a:
e1:e6:2d:82:0f:9b:41:f0:51:59:c9:88:b2:32:09:
f5:10:fe:c4:6d:48:1f:94:40:15:fb:16:bd:96:93:
6d:16:ef:c3:ac:23:bf:cd:f1:44:f2:60:27:a8:fd:
9a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:81:3C:E4:4A:43:DD:6B:88:9F:41:A2:26:8C:15:4B:E2:A6:E5:60
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/a4E85EpD3WuIn0GiJowVS-Km5WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:bd:1a:b6:67:7c:7d:74:01:5c:ee:25:f4:bd:6a:91:fc:6d:
f1:df:ae:e2:ea:44:1c:1e:f5:57:df:d4:67:15:88:c6:92:4a:
73:c4:52:af:3b:e3:1c:9e:8f:98:0e:2f:ca:0a:26:fa:af:6f:
c7:35:09:ec:74:b4:99:95:0a:fe:65:28:b9:1d:9d:83:48:20:
36:fc:5a:c3:78:f4:54:61:6e:9c:0f:39:9e:97:3a:ce:11:c3:
3d:9e:8d:88:4c:19:c8:1c:23:6e:d3:5f:d8:b8:62:97:b9:9a:
0f:f3:e0:59:af:13:f1:b0:7b:24:12:9e:90:97:ef:ac:8a:7c:
56:bd:62:9f:39:a4:cf:2d:63:8d:99:1c:4d:a4:7c:14:9c:b9:
72:77:e8:a9:9a:ed:36:f0:f8:b1:d0:c8:0f:e0:08:70:4d:e1:
88:64:50:9f:f1:f2:f7:9d:7c:f6:48:20:cd:18:c8:38:e4:c7:
14:e6:d0:c0:75:10:7a:e7:af:b1:60:60:9d:e9:58:fd:07:f7:
56:14:b6:ab:0f:9e:e9:17:3f:1a:e1:a6:d7:b0:67:27:a0:8b:
75:32:2f:47:0a:af:dc:9b:4b:c8:85:80:61:f0:28:f6:0c:6c:
19:d7:4a:67:a5:aa:39:39:ac:f8:8c:4b:ac:7a:d3:6d:6c:72:
80:61:bb:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrkggG5hRJgIC/Pofv3BWakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTMwMDUxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjgxM2NlNDRhNDNkZDZiODg5ZjQxYTIyNjhjMTU0YmUyYTZlNTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/HFTM/9neRcboTSxOHzGWSR1d4Q
3tj1zRxt0PVhtyEO0glNCTxMVvRlQZquzNW2xiz6Qc8McW7nnM8MUDggsWkJHJsg
9kYXYClAr3Mk0ltFs29bgMX23mT39R6mtA6V0FMVNb/tZ6xwO612CtPLhvjrul4/
Kmr0Cn22RcbseZl00CuTSNmSORMAfIqr48XFY2avzK3kWliQLHccP6KKnQoX3Ntw
drtcA1IvSp4HhqDSDZ1M/pq0N/wo/BsPwdslMDKq50MrEZAGKjHp/Iiofxrh5i2C
D5tB8FFZyYiyMgn1EP7EbUgflEAV+xa9lpNtFu/DrCO/zfFE8mAnqP2avwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGuBPORKQ91riJ9BoiaMFUvipuVgMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYTRFODVFcEQzV3VJbjBHaUpvd1ZTLUttNVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABC9GrZnfH10AVzuJfS9
apH8bfHfruLqRBwe9Vff1GcViMaSSnPEUq874xyej5gOL8oKJvqvb8c1Cex0tJmV
Cv5lKLkdnYNIIDb8WsN49FRhbpwPOZ6XOs4Rwz2ejYhMGcgcI27TX9i4Ype5mg/z
4FmvE/GweyQSnpCX76yKfFa9Yp85pM8tY42ZHE2kfBScuXJ36Kma7Tbw+LHQyA/g
CHBN4YhkUJ/x8vedfPZIIM0YyDjkxxTm0MB1EHrnr7FgYJ3pWP0H91YUtqsPnukX
PxrhptewZyegi3UyL0cKr9ybS8iFgGHwKPYMbBnXSmelqjk5rPiMS6x6021scoBh
uy4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:05:08 2025 by rpki-client