Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cl2-Sf0zjlswwZ8Eslhqhiun488.roa
File: cl2-Sf0zjlswwZ8Eslhqhiun488.roa (raw, json)
Hash identifier: 33MBKV78dDpGMvq17rVNOU2H+MoxfKWLkh+vvp6jwZ0=
Subject key identifier: 72:5D:BE:49:FD:33:8E:5B:30:C1:9F:04:B2:58:6A:86:2B:A7:E3:CF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFD66F629D67088B80955AE4C5AC407C6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cl2-Sf0zjlswwZ8Eslhqhiun488.roa
Signing time: Thu 05 Oct 2023 01:14:57 +0000
ROA not before: Thu 05 Oct 2023 01:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fd:66:f6:29:d6:70:88:b8:09:55:ae:4c:5a:c4:07:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 5 01:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=725dbe49fd338e5b30c19f04b2586a862ba7e3cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8c:e3:23:ff:4e:e6:f5:60:85:33:ac:04:73:
fa:e2:06:2e:ea:44:6b:ec:66:f7:5a:83:00:32:54:
7b:db:25:e3:df:81:90:83:40:09:1e:ed:e0:d7:56:
70:0f:7c:b8:d9:bb:a5:f2:67:52:e6:07:58:21:66:
45:aa:f8:f8:25:9a:c1:62:0a:6d:bd:c9:1a:61:46:
7f:09:55:5e:17:35:cc:8f:0e:7f:67:74:1a:c7:1d:
78:64:a5:c1:e1:b5:28:8e:4c:81:75:e8:fd:4f:f0:
48:e1:f0:6f:c8:a5:5a:b3:4b:ce:6e:fd:89:0b:2e:
d9:f6:22:9c:74:97:52:36:f0:b6:96:88:ed:29:c9:
1b:28:c6:62:a0:99:63:d3:2e:d5:28:24:06:4d:37:
11:95:ee:40:8b:6d:f6:48:cf:0b:ef:d3:39:29:09:
b8:90:f3:67:c9:a6:68:f9:45:35:eb:97:bb:45:2e:
01:ab:04:d2:5d:ad:79:b9:29:4f:a2:8f:8c:94:de:
5a:28:70:38:82:82:a0:ba:40:1b:23:72:8a:6e:8f:
dc:f5:ea:c6:4c:1f:f3:cb:6b:3e:7a:85:c0:c0:a0:
55:62:af:5b:8c:e4:7e:c9:06:63:d8:84:c5:a6:0f:
77:7a:34:79:97:78:e3:66:e5:32:29:9b:46:97:b4:
6d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:5D:BE:49:FD:33:8E:5B:30:C1:9F:04:B2:58:6A:86:2B:A7:E3:CF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cl2-Sf0zjlswwZ8Eslhqhiun488.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c1:cc:71:1c:30:6e:4a:82:65:f1:d5:be:4b:4a:5a:52:32:fc:
9c:d1:94:c4:c7:0e:f0:69:1f:57:6c:8e:58:cb:16:3c:da:10:
34:70:4e:93:82:84:8c:22:83:d7:6b:c8:4a:79:69:cb:13:9d:
27:d3:93:73:af:89:b3:c3:b9:64:1d:c4:64:9a:14:58:a7:7e:
ee:16:1c:e1:9d:03:16:d0:ae:68:ad:3f:f5:77:7c:1d:61:8c:
ae:8a:84:a0:c7:fe:15:68:42:b9:f3:5d:55:25:2d:fa:86:77:
15:c8:a7:b2:17:d8:a3:95:73:ae:18:df:0e:a0:11:03:17:05:
c9:07:95:64:cb:85:21:47:14:a3:25:f2:a7:5b:a9:27:75:a6:
f1:5a:b0:f1:28:0a:b9:6d:09:aa:70:c8:9d:6a:34:36:fd:cb:
54:75:12:4b:00:ed:ef:ab:f3:6b:86:d5:b4:43:38:97:da:ac:
f8:c1:11:78:35:6f:bd:52:c2:2f:09:5c:ee:b9:5a:3b:c0:35:
c0:c3:28:a1:ea:09:0f:ed:07:c1:e2:58:a0:ca:1a:b0:30:be:
70:c2:1e:7e:56:7c:87:4b:14:17:18:c4:08:24:a4:6a:33:7d:
a0:e4:1e:eb:d1:e2:c6:7f:6b:18:42:1f:dd:e3:63:41:86:98:
eb:6e:c1:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr9ZvYp1nCIuAlVrkxaxAfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA1MDExNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjVkYmU0OWZkMzM4ZTViMzBjMTlmMDRiMjU4NmE4NjJiYTdlM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIzjI/9O5vVghTOsBHP64gYu6kRr
7Gb3WoMAMlR72yXj34GQg0AJHu3g11ZwD3y42bul8mdS5gdYIWZFqvj4JZrBYgpt
vckaYUZ/CVVeFzXMjw5/Z3Qaxx14ZKXB4bUojkyBdej9T/BI4fBvyKVas0vObv2J
Cy7Z9iKcdJdSNvC2lojtKckbKMZioJlj0y7VKCQGTTcRle5Ai232SM8L79M5KQm4
kPNnyaZo+UU165e7RS4BqwTSXa15uSlPoo+MlN5aKHA4goKgukAbI3KKbo/c9erG
TB/zy2s+eoXAwKBVYq9bjOR+yQZj2ITFpg93ejR5l3jjZuUyKZtGl7RtYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHJdvkn9M45bMMGfBLJYaoYrp+PPMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvY2wyLVNmMHpqbHN3d1o4RXNsaHFoaXVuNDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMHMcRwwbkqCZfHVvktK
WlIy/JzRlMTHDvBpH1dsjljLFjzaEDRwTpOChIwig9dryEp5acsTnSfTk3OvibPD
uWQdxGSaFFinfu4WHOGdAxbQrmitP/V3fB1hjK6KhKDH/hVoQrnzXVUlLfqGdxXI
p7IX2KOVc64Y3w6gEQMXBckHlWTLhSFHFKMl8qdbqSd1pvFasPEoCrltCapwyJ1q
NDb9y1R1EksA7e+r82uG1bRDOJfarPjBEXg1b71Swi8JXO65WjvANcDDKKHqCQ/t
B8HiWKDKGrAwvnDCHn5WfIdLFBcYxAgkpGozfaDkHuvR4sZ/axhCH93jY0GGmOtu
wTo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:32:20 2025 by rpki-client