Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/b0PY7Xw7rT137GVKl_9AH9tEllU.roa
File: b0PY7Xw7rT137GVKl_9AH9tEllU.roa (raw, json)
Hash identifier: c8Q2jzMQerZ69Z6N4fRJY0CVB72GIZaYPMIke7/3RnM=
Subject key identifier: 6F:43:D8:ED:7C:3B:AD:3D:77:EC:65:4A:97:FF:40:1F:DB:44:96:55
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C40C22629536F56DDD0B97C7986ED0872
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/b0PY7Xw7rT137GVKl_9AH9tEllU.roa
Signing time: Wed 06 Dec 2023 20:11:54 +0000
ROA not before: Wed 06 Dec 2023 20:11:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:40:c2:26:29:53:6f:56:dd:d0:b9:7c:79:86:ed:08:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 6 20:11:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f43d8ed7c3bad3d77ec654a97ff401fdb449655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:48:85:1d:78:74:4b:76:63:12:bf:af:cd:8f:
bc:9b:9b:da:ad:f6:c4:67:87:be:6b:57:8c:41:2f:
86:f1:0e:c9:96:89:4e:b7:6b:59:6f:ff:26:25:5e:
ca:4c:82:a5:01:83:99:08:f8:45:51:a0:ae:f5:d6:
54:81:8d:a6:d8:09:d4:34:c2:48:91:34:b8:eb:4d:
9c:ae:a8:84:8d:8e:2a:e3:4a:97:af:38:46:b2:27:
38:ab:f7:58:18:a2:42:c3:26:bc:89:5c:be:14:d4:
5a:21:b6:4c:be:d9:1d:a2:1d:be:56:46:34:25:90:
6a:e7:10:a6:62:c9:fd:25:9f:a3:92:90:75:08:f2:
72:1b:fd:07:b5:f0:4f:97:c7:90:2a:b5:e3:56:42:
e0:9f:51:45:25:29:84:7e:03:4c:c9:0c:9c:29:26:
a1:bf:5a:b2:e0:6d:40:b3:74:04:45:ec:15:24:d4:
c9:56:5d:fb:ac:66:24:f6:fe:27:de:a9:f3:8d:6c:
ed:8f:90:81:b6:c8:42:31:8e:a9:eb:1c:65:5e:98:
0e:56:76:86:71:cd:3f:4e:09:8f:7d:a1:53:a1:66:
8f:11:50:3b:e7:97:86:72:54:90:9b:bc:f4:4b:e7:
80:45:7a:a7:34:5b:34:85:8c:6c:37:93:ab:1f:3a:
cb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:43:D8:ED:7C:3B:AD:3D:77:EC:65:4A:97:FF:40:1F:DB:44:96:55
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/b0PY7Xw7rT137GVKl_9AH9tEllU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:f7:be:eb:7d:7e:c6:08:a8:94:14:1d:23:1c:5d:46:3b:7f:
3e:56:e6:de:9a:7e:df:7a:e7:7c:e6:1f:c9:23:f7:02:3a:91:
a7:ac:6a:00:db:2f:78:6b:3e:c4:98:0d:8a:55:b1:39:9e:62:
38:31:60:87:8d:fc:fa:f6:ba:4f:99:4e:6a:9d:3e:4a:f8:6b:
43:10:04:76:2c:c4:c7:48:38:11:81:92:59:fc:ab:8f:45:60:
95:d6:ed:e2:1e:f1:68:ec:86:f7:17:75:48:a0:63:14:b5:4d:
de:65:1e:da:f2:29:a9:26:48:08:41:34:3d:13:d2:31:4c:e3:
5b:86:95:39:22:de:cf:70:05:35:ae:98:3c:ac:7d:8f:71:58:
a2:bd:6a:b8:aa:74:3c:b8:7a:8c:42:5a:a0:35:95:56:b4:32:
9d:db:27:15:9b:7f:3c:a7:41:d8:9f:e6:05:ee:fb:6b:78:a4:
93:54:99:9b:4b:01:8c:1f:3c:bf:2c:d3:de:b1:f4:44:0a:2f:
aa:50:dc:42:92:10:e0:31:37:89:be:e4:a6:08:32:e2:a1:28:
84:e6:e0:41:c4:45:1a:5a:c4:70:ce:94:c3:69:da:56:56:a5:
d9:0a:df:02:3b:65:20:99:a8:d9:21:1c:b5:e4:02:a2:fd:fe:
8a:f2:c3:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxAwiYpU29W3dC5fHmG7QhyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA2MjAxMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjQzZDhlZDdjM2JhZDNkNzdlYzY1NGE5N2ZmNDAxZmRiNDQ5NjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0iFHXh0S3ZjEr+vzY+8m5varfbE
Z4e+a1eMQS+G8Q7JlolOt2tZb/8mJV7KTIKlAYOZCPhFUaCu9dZUgY2m2AnUNMJI
kTS4602crqiEjY4q40qXrzhGsic4q/dYGKJCwya8iVy+FNRaIbZMvtkdoh2+VkY0
JZBq5xCmYsn9JZ+jkpB1CPJyG/0HtfBPl8eQKrXjVkLgn1FFJSmEfgNMyQycKSah
v1qy4G1As3QERewVJNTJVl37rGYk9v4n3qnzjWztj5CBtshCMY6p6xxlXpgOVnaG
cc0/TgmPfaFToWaPEVA755eGclSQm7z0S+eARXqnNFs0hYxsN5OrHzrLdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG9D2O18O609d+xlSpf/QB/bRJZVMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYjBQWTdYdzdyVDEzN0dWS2xfOUFIOXRFbGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADX3vut9fsYIqJQUHSMc
XUY7fz5W5t6aft9653zmH8kj9wI6kaesagDbL3hrPsSYDYpVsTmeYjgxYIeN/Pr2
uk+ZTmqdPkr4a0MQBHYsxMdIOBGBkln8q49FYJXW7eIe8WjshvcXdUigYxS1Td5l
HtryKakmSAhBND0T0jFM41uGlTki3s9wBTWumDysfY9xWKK9ariqdDy4eoxCWqA1
lVa0Mp3bJxWbfzynQdif5gXu+2t4pJNUmZtLAYwfPL8s096x9EQKL6pQ3EKSEOAx
N4m+5KYIMuKhKITm4EHERRpaxHDOlMNp2lZWpdkK3wI7ZSCZqNkhHLXkAqL9/ory
w2o=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:12:18 2025 by rpki-client