Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dklhMhNuxW7QLtZFcR9OAjFGoAw.roa
File: dklhMhNuxW7QLtZFcR9OAjFGoAw.roa (raw, json)
Hash identifier: gXoJljYDM3aKDLm/SiLIsYZ9DdDa6l7uh2SlsBjmPmc=
Subject key identifier: 76:49:61:32:13:6E:C5:6E:D0:2E:D6:45:71:1F:4E:02:31:46:A0:0C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C163EC4D886CFB60F47495367FAB42981
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dklhMhNuxW7QLtZFcR9OAjFGoAw.roa
Signing time: Tue 28 Nov 2023 14:04:21 +0000
ROA not before: Tue 28 Nov 2023 14:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:163e:8c00/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:3e:c4:d8:86:cf:b6:0f:47:49:53:67:fa:b4:29:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 28 14:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76496132136ec56ed02ed645711f4e023146a00c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a9:90:a0:8d:13:91:fe:00:a4:d4:50:bb:89:
54:1f:c6:c5:d1:18:07:85:5e:cb:88:1f:6d:4e:5a:
e8:10:fa:60:95:32:82:0b:12:59:9c:31:ec:ca:c4:
0c:0d:2c:b1:03:f5:15:d8:94:c7:12:a2:6b:d0:85:
51:31:8a:86:84:4d:1f:d9:6d:56:d5:6e:72:e5:d1:
54:52:5e:98:42:76:06:27:82:40:2b:b2:27:39:89:
9a:55:da:79:0c:9e:5e:cb:9c:26:34:e2:60:af:18:
60:df:6d:3b:15:66:7b:bc:f3:fa:7c:ed:99:10:b3:
90:84:07:08:0a:d5:f4:9e:c6:de:4b:26:56:f5:47:
d0:2e:ef:b7:d7:ec:11:1e:54:6b:cd:b3:03:ff:a7:
ae:e2:65:cb:43:e3:c3:0c:b7:31:9d:6e:ac:09:17:
50:33:bb:55:94:9a:3a:29:15:d9:d5:de:fb:b7:bf:
34:c8:b0:04:b5:28:9b:c2:80:2d:dc:91:ee:20:04:
63:91:40:61:33:21:4a:75:44:f6:23:34:e0:7e:81:
3f:06:45:7e:8f:6d:3a:02:23:64:14:9e:83:8b:61:
46:89:9b:15:dc:21:9a:31:f6:3a:c3:72:b6:50:f7:
aa:ef:fd:7e:1e:04:0e:3d:5f:de:c2:58:26:39:5d:
18:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:49:61:32:13:6E:C5:6E:D0:2E:D6:45:71:1F:4E:02:31:46:A0:0C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dklhMhNuxW7QLtZFcR9OAjFGoAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:f9:3e:47:37:90:cd:cc:55:71:0d:c0:03:8c:fe:ae:14:85:
cf:60:18:9b:41:4c:42:57:72:d0:23:65:d3:b8:51:97:3a:be:
7a:7b:a4:2b:6f:ae:f9:df:27:84:f5:94:03:e7:50:8a:b0:5a:
58:fa:a7:42:52:01:59:74:6f:a5:61:c0:ba:ae:ab:18:38:4e:
76:98:20:10:e9:14:7c:c6:04:7d:56:6d:57:b3:15:6d:57:78:
b5:d3:75:20:ec:47:d1:14:d8:39:8d:ab:3d:47:9a:eb:ed:04:
d5:87:a9:19:ef:7f:fb:08:a7:12:64:86:1e:19:bc:4e:03:12:
8b:b5:80:04:78:a5:82:f8:76:c8:6b:fc:bb:8f:c0:dd:af:d9:
e1:78:7d:63:6c:b4:e8:f4:4c:a4:1f:24:2c:41:bf:85:30:3d:
30:ca:1c:ea:b8:2d:d6:7c:b3:e5:ec:2e:27:64:33:f3:47:8a:
f2:75:ad:9e:48:27:4a:19:ae:4e:4e:6a:ba:66:8f:c5:09:c3:
85:0d:57:07:b5:f6:e4:63:15:43:98:b8:ce:73:a4:6a:d6:28:
40:80:b9:4d:06:02:74:06:9e:75:18:f4:a7:04:8e:b7:cb:1b:
5c:c5:29:7a:41:1b:e0:e6:e2:ba:bf:91:ea:8f:eb:01:f4:d1:
ea:7d:f5:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwWPsTYhs+2D0dJU2f6tCmBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI4MTQwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjQ5NjEzMjEzNmVjNTZlZDAyZWQ2NDU3MTFmNGUwMjMxNDZhMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26mQoI0Tkf4ApNRQu4lUH8bF0RgH
hV7LiB9tTlroEPpglTKCCxJZnDHsysQMDSyxA/UV2JTHEqJr0IVRMYqGhE0f2W1W
1W5y5dFUUl6YQnYGJ4JAK7InOYmaVdp5DJ5ey5wmNOJgrxhg3207FWZ7vPP6fO2Z
ELOQhAcICtX0nsbeSyZW9UfQLu+31+wRHlRrzbMD/6eu4mXLQ+PDDLcxnW6sCRdQ
M7tVlJo6KRXZ1d77t780yLAEtSibwoAt3JHuIARjkUBhMyFKdUT2IzTgfoE/BkV+
j206AiNkFJ6Di2FGiZsV3CGaMfY6w3K2UPeq7/1+HgQOPV/ewlgmOV0YHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHZJYTITbsVu0C7WRXEfTgIxRqAMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZGtsaE1oTnV4VzdRTHRaRmNSOU9BakZHb0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF75Pkc3kM3MVXENwAOM
/q4Uhc9gGJtBTEJXctAjZdO4UZc6vnp7pCtvrvnfJ4T1lAPnUIqwWlj6p0JSAVl0
b6VhwLquqxg4TnaYIBDpFHzGBH1WbVezFW1XeLXTdSDsR9EU2DmNqz1HmuvtBNWH
qRnvf/sIpxJkhh4ZvE4DEou1gAR4pYL4dshr/LuPwN2v2eF4fWNstOj0TKQfJCxB
v4UwPTDKHOq4LdZ8s+XsLidkM/NHivJ1rZ5IJ0oZrk5Oarpmj8UJw4UNVwe19uRj
FUOYuM5zpGrWKECAuU0GAnQGnnUY9KcEjrfLG1zFKXpBG+Dm4rq/keqP6wH00ep9
9UY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:52:10 2025 by rpki-client