Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/baE9oqOwrMrewtJyR3QUlzqyQxA.roa
File: baE9oqOwrMrewtJyR3QUlzqyQxA.roa (raw, json)
Hash identifier: 9RNE5xHlEFnMlDxKLYM8lAufqUWA6zjThi9Bc8Esnds=
Subject key identifier: 6D:A1:3D:A2:A3:B0:AC:CA:DE:C2:D2:72:47:74:14:97:3A:B2:43:10
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE33A3F4A92FD2B3A1AF7FE17EE34D385
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/baE9oqOwrMrewtJyR3QUlzqyQxA.roa
Signing time: Fri 29 Sep 2023 23:15:59 +0000
ROA not before: Fri 29 Sep 2023 23:15:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e3:3a:3f:4a:92:fd:2b:3a:1a:f7:fe:17:ee:34:d3:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 23:15:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6da13da2a3b0accadec2d272477414973ab24310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:56:af:5f:a1:cc:7c:1b:65:c2:16:ec:ad:a0:
ad:6a:1f:d3:5f:62:d5:2e:d4:20:86:f0:9d:a8:38:
09:78:d8:6f:10:ab:f9:dd:bb:9b:9c:6f:2e:bf:1d:
44:44:f7:12:90:1f:32:07:7a:8e:c9:1f:bb:27:35:
44:8f:5a:97:1d:58:48:3e:b7:e5:bc:9e:53:4a:7d:
3c:23:c4:f0:3d:b5:e1:f8:e5:a5:c9:bc:c5:31:c3:
fa:c5:69:8a:ca:8b:9a:66:f0:72:8d:2b:93:fa:93:
29:d6:62:1b:f0:bc:51:b6:70:bf:98:2f:6d:db:89:
8d:35:e1:46:c3:c5:55:c8:5c:f8:be:2c:9f:24:1f:
32:07:5d:6c:4b:14:7c:c4:8d:5b:35:02:0f:a4:5d:
58:cf:f4:45:c3:34:03:b8:d4:de:4f:2b:72:63:f6:
35:f1:31:5a:e5:f0:69:5c:f2:cb:2f:0b:bc:d7:d5:
c0:cc:e3:9e:47:c2:21:a0:a6:e6:29:28:d3:78:5c:
df:60:20:25:86:40:7b:e7:53:ab:50:e9:c4:2c:9b:
78:cd:d8:37:dd:6c:d2:87:61:36:2e:ea:50:db:3c:
f9:34:0f:ac:e0:2c:79:7e:2f:c3:33:f6:b8:03:32:
4e:59:a5:d6:3a:f0:ab:56:4f:2f:53:5a:cf:65:4c:
e2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A1:3D:A2:A3:B0:AC:CA:DE:C2:D2:72:47:74:14:97:3A:B2:43:10
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/baE9oqOwrMrewtJyR3QUlzqyQxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1b:5f:d5:e7:ca:24:9b:70:ba:5c:7c:7a:77:52:e7:c9:5d:75:
9f:15:ac:a9:cd:ef:9d:5a:d9:77:70:27:79:97:d4:94:77:08:
4e:1f:07:ae:62:3b:bd:09:cc:12:51:1d:80:9c:1b:68:16:42:
e6:94:e1:80:be:f1:8e:b6:1b:f0:c9:99:43:e1:44:47:43:0e:
f1:d9:89:ac:a2:e4:f6:56:a3:6c:f0:87:44:77:dc:1c:56:46:
a9:ef:4d:ee:fd:c5:07:a0:09:17:66:45:46:40:e4:49:b1:53:
1b:20:2f:b6:f8:c3:51:83:07:f3:59:fe:8a:3a:07:46:21:ed:
b7:9b:6b:28:33:ce:44:a3:db:75:68:40:81:81:33:1e:52:8a:
dd:61:67:64:92:7d:3e:07:f5:5f:40:a3:a7:9d:27:33:39:3c:
df:49:99:e9:73:ef:8e:8f:71:81:db:6b:a9:65:3a:a3:55:f2:
48:4c:22:16:cd:bc:4a:71:15:1a:d8:92:bb:5d:3d:a4:5d:25:
66:56:0d:03:8c:e9:cc:e1:78:98:d5:cf:75:7c:19:00:6d:29:
a0:79:1d:13:5f:b2:22:a0:9b:02:b7:69:ff:fc:58:3c:c8:ed:
73:b0:6f:d5:c2:b0:e8:09:ce:4c:88:f8:3e:a9:6d:69:e1:65:
3e:a4:c7:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrjOj9Kkv0rOhr3/hfuNNOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MjMxNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGExM2RhMmEzYjBhY2NhZGVjMmQyNzI0Nzc0MTQ5NzNhYjI0MzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlavX6HMfBtlwhbsraCtah/TX2LV
LtQghvCdqDgJeNhvEKv53bubnG8uvx1ERPcSkB8yB3qOyR+7JzVEj1qXHVhIPrfl
vJ5TSn08I8TwPbXh+OWlybzFMcP6xWmKyouaZvByjSuT+pMp1mIb8LxRtnC/mC9t
24mNNeFGw8VVyFz4viyfJB8yB11sSxR8xI1bNQIPpF1Yz/RFwzQDuNTeTytyY/Y1
8TFa5fBpXPLLLwu819XAzOOeR8IhoKbmKSjTeFzfYCAlhkB751OrUOnELJt4zdg3
3WzSh2E2LupQ2zz5NA+s4Cx5fi/DM/a4AzJOWaXWOvCrVk8vU1rPZUzinwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG2hPaKjsKzK3sLSckd0FJc6skMQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYmFFOW9xT3dyTXJld3RKeVIzUVVsenF5UXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABtf1efKJJtwulx8endS
58lddZ8VrKnN751a2XdwJ3mX1JR3CE4fB65iO70JzBJRHYCcG2gWQuaU4YC+8Y62
G/DJmUPhREdDDvHZiayi5PZWo2zwh0R33BxWRqnvTe79xQegCRdmRUZA5EmxUxsg
L7b4w1GDB/NZ/oo6B0Yh7bebaygzzkSj23VoQIGBMx5Sit1hZ2SSfT4H9V9Ao6ed
JzM5PN9Jmelz746PcYHba6llOqNV8khMIhbNvEpxFRrYkrtdPaRdJWZWDQOM6czh
eJjVz3V8GQBtKaB5HRNfsiKgmwK3af/8WDzI7XOwb9XCsOgJzkyI+D6pbWnhZT6k
x9E=
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:31:35 2025 by rpki-client