Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cn5rAD1YIbgrrchJMEpGthOjIgo.roa
File: cn5rAD1YIbgrrchJMEpGthOjIgo.roa (raw, json)
Hash identifier: BOoohFKczgFkgBb4UTcK3wDflrLbNov2zE5vn0Qak6Y=
Subject key identifier: 72:7E:6B:00:3D:58:21:B8:2B:AD:C8:49:30:4A:46:B6:13:A3:22:0A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B544AE3A69E24C89FDCC8ED8DEB16DDC1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cn5rAD1YIbgrrchJMEpGthOjIgo.roa
Signing time: Sat 21 Oct 2023 22:11:15 +0000
ROA not before: Sat 21 Oct 2023 22:11:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:54:4a:e3:a6:9e:24:c8:9f:dc:c8:ed:8d:eb:16:dd:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 22:11:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=727e6b003d5821b82badc849304a46b613a3220a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:55:e3:62:34:b5:d5:87:e5:eb:ea:8a:79:24:
4b:fb:b5:ac:19:ca:14:e1:85:cb:aa:e0:af:37:d0:
2f:c2:b0:ef:f7:a5:7c:31:26:f2:19:fa:81:37:41:
d6:e7:34:50:98:58:c5:6a:36:1e:b1:90:0c:c1:3a:
66:d2:3f:29:6b:1a:ce:0e:41:8f:8b:a6:7a:76:60:
f2:5b:c1:12:14:46:aa:09:6b:e4:b2:0f:fc:26:85:
62:0c:1d:c3:3d:73:55:dc:70:ae:e0:03:17:f9:e0:
95:b2:f2:10:f8:77:75:20:76:c2:5c:24:25:22:44:
3c:54:e3:e5:2c:ee:7b:b3:6f:7d:f7:f3:b9:23:29:
81:0f:8b:e3:15:44:23:15:59:ca:86:a0:5a:81:b1:
64:9f:d9:c4:71:97:6a:e2:b9:05:1d:7f:5a:cd:0e:
f9:50:ba:a8:38:b1:ce:2b:97:02:67:ba:51:5e:23:
7e:53:7f:a7:31:98:4d:be:1c:c8:f1:86:5e:e5:fd:
33:6a:00:0d:ee:5e:79:06:c1:e4:26:05:8e:f9:59:
6e:59:8e:fc:00:25:e3:32:05:7a:f8:62:a3:42:9a:
e0:7e:ad:c9:e7:b4:96:a4:a8:b7:79:80:73:da:e6:
ba:f3:8c:fd:f9:59:c2:37:0e:9f:89:4f:0c:4c:49:
cb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:7E:6B:00:3D:58:21:B8:2B:AD:C8:49:30:4A:46:B6:13:A3:22:0A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cn5rAD1YIbgrrchJMEpGthOjIgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:7f:c7:ba:03:f4:d0:08:e5:ce:5c:67:e9:1c:c9:ba:77:32:
94:49:67:6c:c2:63:66:b0:fb:de:78:dd:bf:88:1b:53:35:b1:
fe:ce:7a:f9:b4:97:3b:0f:19:fe:0d:0e:21:b0:d6:60:a2:e5:
2e:3b:af:a4:b6:46:a3:d2:25:7a:0f:1c:8c:e0:40:d7:79:65:
f4:d8:dd:a1:df:35:26:72:07:67:9d:2d:41:a3:3c:3f:f7:5b:
90:b6:e3:9e:63:31:80:77:da:8b:dc:e1:f9:06:d0:6a:f1:99:
ca:eb:1f:da:c9:b9:46:fd:d0:ce:a4:bb:99:bd:ce:13:db:37:
78:e9:82:9e:c7:80:bc:0f:43:65:85:08:e5:1b:b1:f0:c4:2f:
23:9b:9b:d7:3e:f0:37:e3:6d:d7:b2:61:eb:2f:3b:b6:b5:74:
33:0e:59:27:e2:3d:cd:9f:b0:d6:13:8c:18:11:82:4e:4d:2c:
34:97:e5:74:4b:4e:6a:1f:80:6e:75:84:d1:f3:0c:1b:da:da:
dd:8f:36:57:eb:7d:a9:8a:2f:fc:d1:55:77:08:17:b2:6f:36:
8e:33:52:f5:89:c1:eb:fe:bb:32:d0:08:45:93:7e:c2:28:38:
b5:79:30:09:87:37:7e:f5:61:5a:34:af:cd:27:a5:c1:05:b1:
15:9c:1a:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtUSuOmniTIn9zI7Y3rFt3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMjIxMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjdlNmIwMDNkNTgyMWI4MmJhZGM4NDkzMDRhNDZiNjEzYTMyMjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVXjYjS11Yfl6+qKeSRL+7WsGcoU
4YXLquCvN9AvwrDv96V8MSbyGfqBN0HW5zRQmFjFajYesZAMwTpm0j8paxrODkGP
i6Z6dmDyW8ESFEaqCWvksg/8JoViDB3DPXNV3HCu4AMX+eCVsvIQ+Hd1IHbCXCQl
IkQ8VOPlLO57s2999/O5IymBD4vjFUQjFVnKhqBagbFkn9nEcZdq4rkFHX9azQ75
ULqoOLHOK5cCZ7pRXiN+U3+nMZhNvhzI8YZe5f0zagAN7l55BsHkJgWO+VluWY78
ACXjMgV6+GKjQprgfq3J57SWpKi3eYBz2ua684z9+VnCNw6fiU8MTEnLTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHJ+awA9WCG4K63ISTBKRrYToyIKMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvY241ckFEMVlJYmdycmNoSk1FcEd0aE9qSWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADh/x7oD9NAI5c5cZ+kc
ybp3MpRJZ2zCY2aw+9543b+IG1M1sf7Oevm0lzsPGf4NDiGw1mCi5S47r6S2RqPS
JXoPHIzgQNd5ZfTY3aHfNSZyB2edLUGjPD/3W5C2455jMYB32ovc4fkG0Grxmcrr
H9rJuUb90M6ku5m9zhPbN3jpgp7HgLwPQ2WFCOUbsfDELyObm9c+8DfjbdeyYesv
O7a1dDMOWSfiPc2fsNYTjBgRgk5NLDSX5XRLTmofgG51hNHzDBva2t2PNlfrfamK
L/zRVXcIF7JvNo4zUvWJwev+uzLQCEWTfsIoOLV5MAmHN371YVo0r80npcEFsRWc
Gjk=
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:32:25 2025 by rpki-client