Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cuBLBLhl0FhXlzL9DjWj3GcRbTM.roa
File: cuBLBLhl0FhXlzL9DjWj3GcRbTM.roa (raw, json)
Hash identifier: 9L3ZFvZWakTa7ujNS9vd22DYHn3Bf5pn+QztvPBODFs=
Subject key identifier: 72:E0:4B:04:B8:65:D0:58:57:97:32:FD:0E:35:A3:DC:67:11:6D:33
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B44DB55B9B2DD4726D2D9EF8807A1DA40
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cuBLBLhl0FhXlzL9DjWj3GcRbTM.roa
Signing time: Wed 18 Oct 2023 22:15:06 +0000
ROA not before: Wed 18 Oct 2023 22:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:44:db:55:b9:b2:dd:47:26:d2:d9:ef:88:07:a1:da:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 18 22:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72e04b04b865d058579732fd0e35a3dc67116d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:03:5a:e2:cf:f2:9d:08:08:bb:80:18:8c:30:
0a:16:5c:5d:41:40:5d:21:07:82:f5:48:7f:21:a9:
e8:39:0e:1e:4c:01:74:cd:16:35:99:bf:47:37:55:
f0:1e:67:ef:3d:82:5c:71:87:16:4e:b1:b7:ad:d0:
08:96:31:b4:8e:88:f1:55:f2:39:53:eb:77:e9:3d:
1b:b4:5c:f5:14:83:0b:8d:cd:c8:09:b9:5c:8a:04:
af:0c:bc:bd:f7:d9:a5:54:b8:55:98:cf:f8:ae:91:
68:1e:0d:a5:12:70:0f:f7:fb:a0:a1:bc:0d:7e:68:
32:a4:65:45:af:57:16:4d:17:04:a6:8a:e1:71:e7:
b9:91:dd:bc:99:3a:1c:67:02:a5:e3:75:7d:f4:c3:
4a:da:9e:6a:48:42:d5:13:db:5e:2c:33:60:00:eb:
00:15:10:a7:10:a8:51:06:3e:f9:8e:b8:53:ec:35:
63:32:cf:c1:a6:e3:2e:2d:9a:6f:54:6e:ee:de:20:
9a:0a:73:7d:57:9b:e2:8b:12:c5:c5:80:3a:d5:34:
2c:ff:60:cf:89:19:2d:39:c0:81:22:85:1c:cb:21:
14:ef:7a:1e:b8:ea:6e:d3:ab:3f:21:9f:3d:6e:ae:
fe:9e:cd:da:4c:45:14:f9:13:c7:2a:77:0e:59:41:
03:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E0:4B:04:B8:65:D0:58:57:97:32:FD:0E:35:A3:DC:67:11:6D:33
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cuBLBLhl0FhXlzL9DjWj3GcRbTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d1:b7:71:e4:74:5f:31:fd:89:14:0d:bb:cf:fe:6d:bb:49:65:
62:e4:8d:5b:9c:77:41:78:34:d6:c6:0c:7c:bb:5a:3f:40:f5:
52:dc:01:70:cf:23:fc:ef:22:e5:b3:53:07:fb:dc:52:5b:fa:
fe:59:86:ee:8b:6b:b3:fb:e8:0b:8a:98:ee:3b:91:ee:85:38:
e7:82:db:59:7b:af:65:80:39:84:53:f2:9c:40:a1:df:e8:ab:
2d:cb:14:e7:13:d4:11:d3:87:4c:ca:17:53:86:27:27:05:14:
b7:cd:4b:14:af:5c:ba:01:df:3c:1b:9f:74:0c:a7:d7:f2:1a:
0b:7a:7c:d8:0d:36:df:b2:e9:3b:0b:f3:da:44:32:18:1f:a6:
82:46:6f:34:63:9e:a8:d9:6f:1e:d0:27:8d:f5:57:de:1c:cb:
3d:27:89:1d:4e:df:ee:44:83:c8:c7:32:4e:ae:8e:3a:ce:32:
7f:9f:41:87:53:11:06:54:71:02:ee:bd:45:2e:36:a8:19:9d:
69:1c:77:23:7b:61:12:d6:57:fc:7a:dd:35:31:d6:c3:17:b6:
a3:09:bb:7e:44:a1:18:8b:04:4d:47:54:b2:44:be:a2:e1:3b:
4c:b9:eb:28:26:ac:7d:19:d8:ba:e3:dd:66:cf:5a:6b:68:80:
27:59:69:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtE21W5st1HJtLZ74gHodpAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE4MjIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmUwNGIwNGI4NjVkMDU4NTc5NzMyZmQwZTM1YTNkYzY3MTE2ZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgNa4s/ynQgIu4AYjDAKFlxdQUBd
IQeC9Uh/IanoOQ4eTAF0zRY1mb9HN1XwHmfvPYJccYcWTrG3rdAIljG0jojxVfI5
U+t36T0btFz1FIMLjc3ICblcigSvDLy999mlVLhVmM/4rpFoHg2lEnAP9/ugobwN
fmgypGVFr1cWTRcEporhcee5kd28mTocZwKl43V99MNK2p5qSELVE9teLDNgAOsA
FRCnEKhRBj75jrhT7DVjMs/BpuMuLZpvVG7u3iCaCnN9V5viixLFxYA61TQs/2DP
iRktOcCBIoUcyyEU73oeuOpu06s/IZ89bq7+ns3aTEUU+RPHKncOWUEDZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHLgSwS4ZdBYV5cy/Q41o9xnEW0zMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvY3VCTEJMaGwwRmhYbHpMOURqV2ozR2NSYlRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANG3ceR0XzH9iRQNu8/+
bbtJZWLkjVucd0F4NNbGDHy7Wj9A9VLcAXDPI/zvIuWzUwf73FJb+v5Zhu6La7P7
6AuKmO47ke6FOOeC21l7r2WAOYRT8pxAod/oqy3LFOcT1BHTh0zKF1OGJycFFLfN
SxSvXLoB3zwbn3QMp9fyGgt6fNgNNt+y6TsL89pEMhgfpoJGbzRjnqjZbx7QJ431
V94cyz0niR1O3+5Eg8jHMk6ujjrOMn+fQYdTEQZUcQLuvUUuNqgZnWkcdyN7YRLW
V/x63TUx1sMXtqMJu35EoRiLBE1HVLJEvqLhO0y56ygmrH0Z2Lrj3WbPWmtogCdZ
aQM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:06:56 2025 by rpki-client