Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/apNSo1OfJoaSZlEhJggLfI91Hxo.roa
File: apNSo1OfJoaSZlEhJggLfI91Hxo.roa (raw, json)
Hash identifier: 79JEHPWUWNjECDbAV+R/4Eh5W9n0gcs/LDwU8JMCu5U=
Subject key identifier: 6A:93:52:A3:53:9F:26:86:92:66:51:21:26:08:0B:7C:8F:75:1F:1A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7EC76743E5AF9EA454261A7C5FA2DB77
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/apNSo1OfJoaSZlEhJggLfI91Hxo.roa
Signing time: Mon 18 Dec 2023 21:14:06 +0000
ROA not before: Mon 18 Dec 2023 21:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7e:c7:67:43:e5:af:9e:a4:54:26:1a:7c:5f:a2:db:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 21:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a9352a3539f26869266512126080b7c8f751f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:14:65:61:5b:a2:d0:0b:50:59:a1:7d:4e:df:
23:2e:68:a5:38:03:ab:43:2e:f3:3d:ed:53:8a:be:
9f:2c:3b:82:30:26:86:e1:1f:53:0d:07:5e:1d:17:
25:d1:4b:c7:42:54:ff:18:c4:54:a1:c2:d7:ed:f2:
1f:4d:65:49:61:53:04:91:4b:0f:1a:e2:91:80:ac:
af:ca:fc:f0:eb:b7:6a:6d:23:3e:54:62:e4:18:f0:
71:4f:a7:c1:9d:fa:c6:4d:90:39:53:63:7b:7c:4b:
66:f4:a3:17:c6:a6:8a:2b:f6:59:c6:bf:51:e4:2f:
d9:ed:1e:fa:8d:5d:7f:51:83:9a:a5:a7:99:37:0c:
70:17:fa:18:98:b9:b8:a8:94:0f:b6:71:06:1d:5d:
86:bd:68:99:66:04:2b:dc:44:5a:97:0a:ee:24:89:
c8:7d:fb:5b:ba:26:38:6a:f7:7d:6c:7f:76:e5:5e:
fa:e0:6a:33:6c:de:09:19:94:65:dc:8f:bd:af:6d:
6f:4e:10:34:d9:3e:35:65:dc:ba:92:8c:b6:83:19:
97:c7:e0:23:29:5a:8b:94:8a:09:ab:b4:a1:07:41:
ee:c8:8a:f8:ae:39:14:69:57:ac:e8:cd:46:48:ce:
c8:64:40:d6:32:33:5e:e5:86:61:8e:5d:9b:c7:5d:
60:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:93:52:A3:53:9F:26:86:92:66:51:21:26:08:0B:7C:8F:75:1F:1A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/apNSo1OfJoaSZlEhJggLfI91Hxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
32:4d:a6:49:c0:ed:84:8b:6d:8e:c0:40:e4:db:0d:2d:90:12:
97:e0:f2:af:40:3a:09:ac:09:44:a3:f2:03:57:2a:7d:cf:d7:
b4:a8:d1:66:39:57:76:4e:d5:6f:a2:19:29:47:60:37:e4:26:
10:7f:ea:d9:6b:2b:92:f1:02:45:97:5c:82:b9:31:a4:b5:be:
18:d9:de:18:86:51:12:06:dc:c3:3b:e1:bc:f3:cf:ff:fa:b8:
02:9e:06:6e:9d:89:29:58:4d:1a:18:34:72:ac:17:a1:f9:d5:
c6:c6:f2:60:c6:8a:2e:7f:f6:6b:d5:a9:80:48:0a:59:83:6a:
b2:1a:3e:18:f4:f9:d5:7a:b6:e8:14:de:e6:70:37:74:18:4e:
de:01:b2:f3:e6:38:c5:c4:f0:fe:c4:2d:77:e2:f8:7e:ce:ac:
bf:58:a3:fb:51:c9:02:02:1c:aa:eb:44:95:59:1b:ac:aa:b9:
61:d2:f1:7d:8a:9d:be:17:3b:f9:dc:6f:d5:ad:05:10:56:b4:
57:8d:b1:89:cf:1e:b1:24:68:2f:46:e3:70:d3:71:4b:2c:11:
54:cc:6b:ae:23:3d:25:52:99:64:18:24:66:7b:47:61:30:81:
4c:6d:7e:05:95:ec:7f:ab:46:46:66:d1:63:7e:f9:24:c9:d5:
55:d9:8f:5f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx+x2dD5a+epFQmGnxfott3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MjExNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTkzNTJhMzUzOWYyNjg2OTI2NjUxMjEyNjA4MGI3YzhmNzUxZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRRlYVui0AtQWaF9Tt8jLmilOAOr
Qy7zPe1Tir6fLDuCMCaG4R9TDQdeHRcl0UvHQlT/GMRUocLX7fIfTWVJYVMEkUsP
GuKRgKyvyvzw67dqbSM+VGLkGPBxT6fBnfrGTZA5U2N7fEtm9KMXxqaKK/ZZxr9R
5C/Z7R76jV1/UYOapaeZNwxwF/oYmLm4qJQPtnEGHV2GvWiZZgQr3ERalwruJInI
fftbuiY4avd9bH925V764GozbN4JGZRl3I+9r21vThA02T41Zdy6koy2gxmXx+Aj
KVqLlIoJq7ShB0HuyIr4rjkUaVes6M1GSM7IZEDWMjNe5YZhjl2bx11gEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGqTUqNTnyaGkmZRISYIC3yPdR8aMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYXBOU28xT2ZKb2FTWmxFaEpnZ0xmSTkxSHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADJNpknA7YSLbY7AQOTb
DS2QEpfg8q9AOgmsCUSj8gNXKn3P17So0WY5V3ZO1W+iGSlHYDfkJhB/6tlrK5Lx
AkWXXIK5MaS1vhjZ3hiGURIG3MM74bzzz//6uAKeBm6diSlYTRoYNHKsF6H51cbG
8mDGii5/9mvVqYBIClmDarIaPhj0+dV6tugU3uZwN3QYTt4BsvPmOMXE8P7ELXfi
+H7OrL9Yo/tRyQICHKrrRJVZG6yquWHS8X2Knb4XO/ncb9WtBRBWtFeNsYnPHrEk
aC9G43DTcUssEVTMa64jPSVSmWQYJGZ7R2EwgUxtfgWV7H+rRkZm0WN++STJ1VXZ
j18=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:52:30 2025 by rpki-client