Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aU49Cdzv4OnWxmF8xiO6lmnOX0c.roa
File: aU49Cdzv4OnWxmF8xiO6lmnOX0c.roa (raw, json)
Hash identifier: EqDSXRE34uaJFlkx/kd9/mInkHyWT4Elhl/8Kzaluwo=
Subject key identifier: 69:4E:3D:09:DC:EF:E0:E9:D6:C6:61:7C:C6:23:BA:96:69:CE:5F:47
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C717A8DF42347B2620A2EDED1F7C92622
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aU49Cdzv4OnWxmF8xiO6lmnOX0c.roa
Signing time: Sat 16 Dec 2023 07:15:06 +0000
ROA not before: Sat 16 Dec 2023 07:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:71:7a:8d:f4:23:47:b2:62:0a:2e:de:d1:f7:c9:26:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 07:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=694e3d09dcefe0e9d6c6617cc623ba9669ce5f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8f:6b:62:df:4c:55:b5:19:58:68:1a:06:61:
2a:a7:d5:77:ad:5e:b6:d4:e9:7f:a1:40:23:bb:b6:
6b:e5:38:66:1b:a7:da:53:20:59:fb:0b:d9:2f:e3:
e7:aa:c9:b7:e9:26:ab:e6:f6:d4:43:43:b3:ed:f2:
77:c8:46:90:9a:0c:17:77:bc:c8:bd:af:19:37:97:
f6:eb:0e:35:73:10:e8:6a:a5:82:6f:5c:c9:17:dd:
24:88:6c:61:35:a0:60:ba:6f:14:65:d5:4c:9d:ef:
6b:ae:cc:c9:77:09:93:5b:c2:01:f6:fc:db:8f:66:
c1:43:65:2e:68:e3:e3:35:e6:ae:18:36:98:93:ae:
1b:06:6d:51:72:fd:aa:74:df:d6:ec:4f:f6:15:05:
c8:dc:a0:86:98:7e:98:de:7f:60:44:c7:4b:25:98:
65:49:49:57:44:59:eb:a7:8d:22:79:9e:45:05:cb:
af:0e:bb:19:3d:5b:32:3d:e4:ef:2a:b8:ac:f2:10:
05:66:d9:46:85:72:a2:8c:bd:05:e4:39:c3:f4:0e:
3a:32:24:eb:ea:61:ef:88:63:42:99:00:51:02:1f:
ad:8b:e1:6b:c3:9e:16:97:12:27:d7:0c:89:d2:f6:
73:86:84:82:68:b0:96:4b:c2:8a:af:d7:1d:f5:48:
37:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:4E:3D:09:DC:EF:E0:E9:D6:C6:61:7C:C6:23:BA:96:69:CE:5F:47
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aU49Cdzv4OnWxmF8xiO6lmnOX0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cc:da:99:59:c5:6d:58:36:80:61:18:1c:32:9b:52:7b:b4:f4:
be:5e:01:02:60:c2:ec:08:29:dc:4f:64:2e:c6:47:fd:92:d1:
cb:9f:00:14:f0:fa:3a:e3:62:27:17:55:ec:00:81:98:36:a1:
e1:6c:da:66:26:32:a5:09:f7:ec:9a:a4:8f:05:d2:ba:9c:7f:
24:29:eb:73:fe:34:04:73:17:6e:bc:ab:ef:a8:a7:e8:58:04:
38:56:ba:ee:f2:42:03:57:41:17:eb:bf:35:a5:0d:59:24:4f:
5f:eb:e8:4f:76:08:5e:16:4f:02:f1:03:a5:d8:c1:14:a4:ba:
56:cb:03:fb:83:cb:84:e9:e3:56:be:8a:d8:17:dd:d7:d2:e8:
84:90:f5:75:7e:42:c7:30:f2:33:ea:c0:d6:5f:1b:d0:ed:b8:
22:c9:a6:9f:f6:c9:de:a8:c8:74:74:bf:2d:6c:ba:2c:b5:c0:
b7:2d:51:2d:c2:02:9a:37:4b:e8:c9:54:16:9f:a7:63:9e:7e:
c8:cf:76:9a:2f:6b:5d:05:2f:df:cc:81:7b:40:61:36:bd:a1:
41:fb:92:fc:6b:fb:0e:6f:0d:57:e7:5d:40:fb:b8:31:2d:c2:
da:23:88:b4:ab:49:e2:7c:94:a9:da:37:cd:41:17:63:88:36:
bf:e4:80:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxxeo30I0eyYgou3tH3ySYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MDcxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTRlM2QwOWRjZWZlMGU5ZDZjNjYxN2NjNjIzYmE5NjY5Y2U1ZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwY9rYt9MVbUZWGgaBmEqp9V3rV62
1Ol/oUAju7Zr5ThmG6faUyBZ+wvZL+Pnqsm36Sar5vbUQ0Oz7fJ3yEaQmgwXd7zI
va8ZN5f26w41cxDoaqWCb1zJF90kiGxhNaBgum8UZdVMne9rrszJdwmTW8IB9vzb
j2bBQ2UuaOPjNeauGDaYk64bBm1Rcv2qdN/W7E/2FQXI3KCGmH6Y3n9gRMdLJZhl
SUlXRFnrp40ieZ5FBcuvDrsZPVsyPeTvKris8hAFZtlGhXKijL0F5DnD9A46MiTr
6mHviGNCmQBRAh+ti+Frw54WlxIn1wyJ0vZzhoSCaLCWS8KKr9cd9Ug3PQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGlOPQnc7+Dp1sZhfMYjupZpzl9HMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYVU0OUNkenY0T25XeG1GOHhpTzZsbW5PWDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMzamVnFbVg2gGEYHDKb
Unu09L5eAQJgwuwIKdxPZC7GR/2S0cufABTw+jrjYicXVewAgZg2oeFs2mYmMqUJ
9+yapI8F0rqcfyQp63P+NARzF268q++op+hYBDhWuu7yQgNXQRfrvzWlDVkkT1/r
6E92CF4WTwLxA6XYwRSkulbLA/uDy4Tp41a+itgX3dfS6ISQ9XV+Qscw8jPqwNZf
G9DtuCLJpp/2yd6oyHR0vy1suiy1wLctUS3CApo3S+jJVBafp2OefsjPdpova10F
L9/MgXtAYTa9oUH7kvxr+w5vDVfnXUD7uDEtwtojiLSrSeJ8lKnaN81BF2OINr/k
gAQ=
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:00:59 2025 by rpki-client