Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lF7LxNVnZO5nw4Lr3UHTYr2evCc.roa
File: lF7LxNVnZO5nw4Lr3UHTYr2evCc.roa (raw, json)
Hash identifier: AGSXeIsG6MmWHivkbIWfwGl/2ktbbYcFnXbJRSaEbfE=
Subject key identifier: 94:5E:CB:C4:D5:67:64:EE:67:C3:82:EB:DD:41:D3:62:BD:9E:BC:27
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BFCEDC114D1EB935BFDDBA3A29FB0D1F3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lF7LxNVnZO5nw4Lr3UHTYr2evCc.roa
Signing time: Thu 23 Nov 2023 16:05:21 +0000
ROA not before: Thu 23 Nov 2023 16:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:fcec:d999/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:ed:c1:14:d1:eb:93:5b:fd:db:a3:a2:9f:b0:d1:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 23 16:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=945ecbc4d56764ee67c382ebdd41d362bd9ebc27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:df:a9:19:80:f8:96:ef:c0:7a:6c:e1:f6:e0:
75:ad:29:c7:74:12:2c:59:d0:0a:5a:ea:c8:e4:9e:
3b:43:3a:4b:7f:cb:4f:a3:1e:79:e4:c4:26:e0:07:
a0:8f:2e:a9:bd:4f:94:9a:10:fa:56:a9:ac:45:90:
95:d1:34:66:ab:e3:3f:bb:8a:e0:2d:49:32:b7:2c:
c6:30:e5:f9:ac:dc:fd:4f:0d:74:ec:14:6f:b5:2f:
ab:43:27:7a:55:56:da:89:a2:51:46:ca:e8:2c:d6:
c0:03:30:ef:19:22:c0:4a:f6:7f:fb:51:e0:be:13:
b5:2f:df:5b:74:1a:3c:98:86:9a:80:0e:32:0d:26:
8f:58:b1:b7:d7:f8:4f:7d:5e:bb:87:e0:5a:10:db:
70:0f:7a:bb:9e:ef:4f:d0:0e:fc:92:1a:1f:58:12:
a0:04:25:4f:f1:20:95:1b:57:a0:a9:67:4c:1d:51:
c4:6d:22:06:25:5c:c6:a5:f6:02:29:e0:48:c6:4f:
2d:54:54:55:78:f0:55:aa:49:df:75:b5:7d:dc:24:
2a:47:53:9a:ce:ae:b7:88:26:db:29:fa:8a:c5:e6:
aa:db:42:e1:d9:3c:f7:c8:6e:10:fa:d6:e9:f4:81:
0a:0a:a6:21:4d:28:b7:34:8c:cb:a1:8b:84:7e:04:
37:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:5E:CB:C4:D5:67:64:EE:67:C3:82:EB:DD:41:D3:62:BD:9E:BC:27
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lF7LxNVnZO5nw4Lr3UHTYr2evCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:b7:bb:c7:12:35:df:27:50:ac:6e:c0:3b:d0:bd:e3:64:d3:
01:ca:4a:bf:1b:54:f1:18:bd:01:c8:13:f2:dc:06:8d:6d:66:
fe:3d:ed:46:aa:f4:0e:8f:ff:bc:47:5d:1f:e2:38:6c:97:98:
50:8a:8d:84:83:80:78:50:a7:36:6f:ff:06:51:ce:fe:00:64:
03:39:aa:90:a3:11:41:26:44:15:ef:03:58:24:5f:6b:c4:53:
17:77:b6:1c:f2:f6:c8:51:8b:7b:02:94:ec:8b:aa:d1:f9:79:
75:f5:69:b2:a4:7d:05:e7:38:52:c7:8d:6f:1b:3d:6f:14:fb:
1b:9a:28:e3:95:2c:cd:67:b2:3e:96:4c:dc:20:ce:82:4a:a5:
9b:fd:8e:c9:e6:99:10:67:e7:e8:a3:10:57:84:84:02:33:99:
b4:3b:b3:e3:5b:69:cd:fa:f0:9c:ef:c3:ab:fe:be:33:f5:ae:
76:b9:45:1d:62:d6:89:9e:7f:e2:4f:fe:59:da:3f:48:58:6d:
d0:c6:fc:dd:01:10:a9:1d:72:37:8a:73:54:de:0e:29:d4:ea:
dd:10:9a:a9:f0:52:ab:9e:6c:de:2e:48:43:bf:eb:78:f7:c7:
a7:a5:aa:3b:57:92:36:9d:e7:4e:b5:d7:49:54:99:a5:06:14:
e4:e0:77:63
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv87cEU0euTW/3bo6KfsNHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIzMTYwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDVlY2JjNGQ1Njc2NGVlNjdjMzgyZWJkZDQxZDM2MmJkOWViYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld+pGYD4lu/Aemzh9uB1rSnHdBIs
WdAKWurI5J47QzpLf8tPox555MQm4Aegjy6pvU+UmhD6VqmsRZCV0TRmq+M/u4rg
LUkytyzGMOX5rNz9Tw107BRvtS+rQyd6VVbaiaJRRsroLNbAAzDvGSLASvZ/+1Hg
vhO1L99bdBo8mIaagA4yDSaPWLG31/hPfV67h+BaENtwD3q7nu9P0A78khofWBKg
BCVP8SCVG1egqWdMHVHEbSIGJVzGpfYCKeBIxk8tVFRVePBVqknfdbV93CQqR1Oa
zq63iCbbKfqKxeaq20Lh2Tz3yG4Q+tbp9IEKCqYhTSi3NIzLoYuEfgQ3eQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJRey8TVZ2TuZ8OC691B02K9nrwnMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbEY3THhOVm5aTzVudzRMcjNVSFRZcjJldkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHW3u8cSNd8nUKxuwDvQ
veNk0wHKSr8bVPEYvQHIE/LcBo1tZv497Uaq9A6P/7xHXR/iOGyXmFCKjYSDgHhQ
pzZv/wZRzv4AZAM5qpCjEUEmRBXvA1gkX2vEUxd3thzy9shRi3sClOyLqtH5eXX1
abKkfQXnOFLHjW8bPW8U+xuaKOOVLM1nsj6WTNwgzoJKpZv9jsnmmRBn5+ijEFeE
hAIzmbQ7s+Nbac368Jzvw6v+vjP1rna5RR1i1omef+JP/lnaP0hYbdDG/N0BEKkd
cjeKc1TeDinU6t0QmqnwUquebN4uSEO/63j3x6elqjtXkjad506110lUmaUGFOTg
d2M=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:49:05 2025 by rpki-client