Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kl3uTDkXlEWppyl39OjGzBdNwz0.roa
File: kl3uTDkXlEWppyl39OjGzBdNwz0.roa (raw, json)
Hash identifier: RvuwJaASUXH5ORRz8c4q6AHo57B/5uhdq+Ucny/vtPw=
Subject key identifier: 92:5D:EE:4C:39:17:94:45:A9:A7:29:77:F4:E8:C6:CC:17:4D:C3:3D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C78FB54D76B8F8F040A2AAAE5C2D1BB3F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kl3uTDkXlEWppyl39OjGzBdNwz0.roa
Signing time: Sun 17 Dec 2023 18:13:06 +0000
ROA not before: Sun 17 Dec 2023 18:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:78:fb:54:d7:6b:8f:8f:04:0a:2a:aa:e5:c2:d1:bb:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 17 18:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=925dee4c39179445a9a72977f4e8c6cc174dc33d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:66:e3:f5:81:b8:11:50:5e:c9:03:5e:7a:e3:
e4:dc:3e:52:c7:4f:fd:ed:d5:b1:ae:75:42:bb:d8:
0f:ee:34:50:ae:1f:b6:6a:ec:b9:fa:01:ba:1e:95:
15:3b:d6:aa:3e:78:f9:f1:33:53:1d:89:81:f4:7f:
18:77:9c:60:61:01:00:8d:b0:45:3a:ad:5c:78:1d:
ff:a6:f5:f4:5f:1e:aa:67:eb:b2:9b:63:ac:7f:b0:
3c:69:19:35:b5:62:83:d6:65:2d:79:32:21:b2:71:
de:f6:cc:28:a4:5d:28:3a:c3:7d:c8:6f:31:01:40:
c9:b6:ae:b1:92:ed:a4:1b:a0:e1:bd:82:da:a7:bd:
f8:67:87:64:7b:d4:1d:0f:f5:a8:61:5f:9e:7e:95:
e9:31:84:d5:9f:d2:45:d0:0a:2f:a5:c5:ad:12:13:
19:97:4b:b3:c2:86:60:c2:0c:fb:10:a8:ab:6b:b8:
81:fe:b2:b0:23:fb:57:1d:1f:15:97:48:14:af:4b:
64:b2:f4:c3:00:b7:51:33:d4:9c:eb:89:72:6e:e0:
c2:78:c2:b0:e0:d9:5b:d3:46:7f:b6:40:26:ab:ee:
77:89:0d:24:68:73:91:0c:6b:04:7c:78:10:e6:07:
ef:1c:ff:b4:3b:2b:26:d0:07:55:e9:f1:da:6a:1c:
fe:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:5D:EE:4C:39:17:94:45:A9:A7:29:77:F4:E8:C6:CC:17:4D:C3:3D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kl3uTDkXlEWppyl39OjGzBdNwz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:d7:37:81:f7:33:b9:88:cf:31:2b:65:55:ae:ee:2f:24:26:
50:40:27:5d:e4:84:54:7f:15:71:00:0d:f9:f6:c3:65:67:e0:
c3:6f:a3:27:be:1c:24:f5:6d:8b:65:d0:10:13:5f:20:5d:b8:
4b:4e:17:a2:44:8b:07:d0:6a:c8:a1:9d:98:d2:69:50:68:0b:
17:06:8f:02:a8:42:c0:c6:97:f4:38:06:9a:fd:56:54:f4:14:
28:07:30:a7:47:3c:45:be:f7:85:bf:19:34:c9:6c:f5:e1:ef:
9d:87:a1:cc:4a:92:c6:c0:da:10:89:88:cb:55:a6:ae:e1:a2:
1e:d6:2a:8b:d1:75:2a:fa:19:83:89:a4:51:47:11:5d:5f:42:
2e:03:9a:f7:18:2a:7b:47:b6:e8:45:d8:96:f1:57:13:41:fb:
c8:f7:72:ea:b5:63:8c:5e:aa:2e:44:89:b6:03:a0:64:a5:9c:
59:e3:31:a2:19:37:91:ba:06:a0:84:78:d6:cb:06:e9:d0:62:
ae:44:62:8e:a7:95:8d:a2:d6:2a:4b:8d:2c:2c:e1:ce:a9:ca:
39:98:b0:b5:a5:fb:59:12:90:cd:bb:81:07:9a:23:2d:f3:0b:
21:85:13:06:aa:43:51:bd:56:7a:55:e0:93:21:86:53:a1:51:
fb:af:da:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx4+1TXa4+PBAoqquXC0bs/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE3MTgxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjVkZWU0YzM5MTc5NDQ1YTlhNzI5NzdmNGU4YzZjYzE3NGRjMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmbj9YG4EVBeyQNeeuPk3D5Sx0/9
7dWxrnVCu9gP7jRQrh+2auy5+gG6HpUVO9aqPnj58TNTHYmB9H8Yd5xgYQEAjbBF
Oq1ceB3/pvX0Xx6qZ+uym2Osf7A8aRk1tWKD1mUteTIhsnHe9swopF0oOsN9yG8x
AUDJtq6xku2kG6DhvYLap734Z4dke9QdD/WoYV+efpXpMYTVn9JF0AovpcWtEhMZ
l0uzwoZgwgz7EKira7iB/rKwI/tXHR8Vl0gUr0tksvTDALdRM9Sc64lybuDCeMKw
4Nlb00Z/tkAmq+53iQ0kaHORDGsEfHgQ5gfvHP+0Oysm0AdV6fHaahz+GQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJJd7kw5F5RFqacpd/ToxswXTcM9MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva2wzdVREa1hsRVdwcHlsMzlPakd6QmROd3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFvXN4H3M7mIzzErZVWu
7i8kJlBAJ13khFR/FXEADfn2w2Vn4MNvoye+HCT1bYtl0BATXyBduEtOF6JEiwfQ
asihnZjSaVBoCxcGjwKoQsDGl/Q4Bpr9VlT0FCgHMKdHPEW+94W/GTTJbPXh752H
ocxKksbA2hCJiMtVpq7hoh7WKovRdSr6GYOJpFFHEV1fQi4DmvcYKntHtuhF2Jbx
VxNB+8j3cuq1Y4xeqi5EibYDoGSlnFnjMaIZN5G6BqCEeNbLBunQYq5EYo6nlY2i
1ipLjSws4c6pyjmYsLWl+1kSkM27gQeaIy3zCyGFEwaqQ1G9VnpV4JMhhlOhUfuv
2nc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:13:43 2025 by rpki-client