Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ctQGiufp3dsOZOntI63MpxnFkeY.roa
File: ctQGiufp3dsOZOntI63MpxnFkeY.roa (raw, json)
Hash identifier: 3j5220vtehdQOd6U+dQsQBDsJ60ZDoikH55lOhnBcEA=
Subject key identifier: 72:D4:06:8A:E7:E9:DD:DB:0E:64:E9:ED:23:AD:CC:A7:19:C5:91:E6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3ED534AED78906043BAA750FE3740BF4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ctQGiufp3dsOZOntI63MpxnFkeY.roa
Signing time: Wed 06 Dec 2023 11:13:29 +0000
ROA not before: Wed 06 Dec 2023 11:13:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:d5:34:ae:d7:89:06:04:3b:aa:75:0f:e3:74:0b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 6 11:13:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72d4068ae7e9dddb0e64e9ed23adcca719c591e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:9b:af:1a:c3:8b:e6:fe:e8:26:aa:82:a8:c0:
8c:d7:85:5b:d2:6e:f3:b6:ea:0b:16:7d:81:57:02:
8f:cb:b0:e0:8a:3a:aa:ab:6e:70:ba:db:65:95:ea:
a3:e0:34:4e:7f:2d:84:72:bf:ca:53:55:f4:65:59:
99:32:d0:43:f6:a0:85:76:a1:9f:f3:bd:46:c0:60:
99:5e:bd:bb:c3:f6:40:2c:31:29:e7:c5:b7:40:b6:
67:57:1b:9b:a9:d3:16:74:cd:c4:ab:09:9a:b0:22:
f3:4e:e6:ee:18:a6:3c:15:74:a4:54:5b:de:d9:fc:
e4:20:8a:5b:d3:5c:ae:ba:ea:6f:2f:b8:3c:85:a8:
7c:53:4d:3b:d0:60:3f:5c:f8:de:ab:80:a6:8e:42:
4b:5c:df:ca:47:de:eb:9d:a0:e9:a0:da:37:4e:fe:
72:27:fa:b6:9d:a3:20:95:c7:3d:7a:29:90:08:6f:
c9:3d:98:6f:72:ad:8a:88:86:4c:2c:b9:06:25:e2:
4c:55:14:3f:c8:72:84:e4:43:ed:0e:cd:69:f0:b9:
38:20:19:88:29:d0:b2:e3:b8:d5:a9:66:ad:4c:90:
98:f7:94:b6:e7:8c:51:3f:0e:0a:51:a6:07:b6:70:
7a:e9:2b:a5:b1:ad:c7:5b:94:c4:ea:d3:e5:c7:8d:
8e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D4:06:8A:E7:E9:DD:DB:0E:64:E9:ED:23:AD:CC:A7:19:C5:91:E6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ctQGiufp3dsOZOntI63MpxnFkeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:77:91:42:5c:4c:54:9d:13:b3:87:f6:92:72:64:03:5a:e7:
36:2a:f5:da:68:75:92:b0:c5:c7:86:81:f9:5d:c9:9f:9b:be:
79:2d:81:a8:8e:37:07:26:a7:09:88:d2:2e:59:2d:d8:ab:25:
42:e5:5f:1d:e4:13:6e:a3:76:01:51:38:35:1d:93:c3:50:65:
29:81:7c:e3:9f:98:ae:e9:79:e0:43:2e:d0:a8:8a:9b:fa:6c:
36:d9:62:92:da:4e:08:95:c4:6d:99:40:0a:33:f6:2f:b8:62:
86:37:fa:17:be:89:b4:4e:3c:c0:bd:14:59:1a:a5:49:df:3b:
23:c8:3c:ac:dc:05:87:20:b9:81:37:1c:97:a5:49:b2:bd:12:
d2:41:e4:c0:57:93:ab:ac:a5:5c:c4:c0:1d:e0:45:fa:c6:4c:
1b:60:08:1e:ff:aa:7b:3d:00:00:6b:0b:53:23:17:b9:7b:19:
04:0d:2a:80:41:1b:b2:83:28:83:99:5b:c0:f1:8a:eb:c7:16:
f1:1b:d2:78:40:53:67:96:a9:62:9a:ef:4c:41:72:af:69:a9:
fe:f2:04:7b:47:44:43:59:60:c0:45:dd:da:11:e0:42:c9:bd:
c3:e6:e4:95:b9:0f:7a:1b:5d:6f:90:43:39:23:2e:9c:ee:d4:
e6:05:bf:b7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw+1TSu14kGBDuqdQ/jdAv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA2MTExMzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ0MDY4YWU3ZTlkZGRiMGU2NGU5ZWQyM2FkY2NhNzE5YzU5MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/JuvGsOL5v7oJqqCqMCM14Vb0m7z
tuoLFn2BVwKPy7Dgijqqq25wuttlleqj4DROfy2Ecr/KU1X0ZVmZMtBD9qCFdqGf
871GwGCZXr27w/ZALDEp58W3QLZnVxubqdMWdM3EqwmasCLzTubuGKY8FXSkVFve
2fzkIIpb01yuuupvL7g8hah8U0070GA/XPjeq4CmjkJLXN/KR97rnaDpoNo3Tv5y
J/q2naMglcc9eimQCG/JPZhvcq2KiIZMLLkGJeJMVRQ/yHKE5EPtDs1p8Lk4IBmI
KdCy47jVqWatTJCY95S254xRPw4KUaYHtnB66Sulsa3HW5TE6tPlx42OZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHLUBorn6d3bDmTp7SOtzKcZxZHmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvY3RRR2l1ZnAzZHNPWk9udEk2M01weG5Ga2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJd3kUJcTFSdE7OH9pJy
ZANa5zYq9dpodZKwxceGgfldyZ+bvnktgaiONwcmpwmI0i5ZLdirJULlXx3kE26j
dgFRODUdk8NQZSmBfOOfmK7peeBDLtCoipv6bDbZYpLaTgiVxG2ZQAoz9i+4YoY3
+he+ibROPMC9FFkapUnfOyPIPKzcBYcguYE3HJelSbK9EtJB5MBXk6uspVzEwB3g
RfrGTBtgCB7/qns9AABrC1MjF7l7GQQNKoBBG7KDKIOZW8DxiuvHFvEb0nhAU2eW
qWKa70xBcq9pqf7yBHtHRENZYMBF3doR4ELJvcPm5JW5D3obXW+QQzkjLpzu1OYF
v7c=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:47:29 2025 by rpki-client