Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ll2GzFCEbOQXDlr7Wc9cUnXP-rY.roa
File: ll2GzFCEbOQXDlr7Wc9cUnXP-rY.roa (raw, json)
Hash identifier: QjssBAmUzLoq0ZvVpFryg0MDb5AHLaCCqAPx18fhZ+o=
Subject key identifier: 96:5D:86:CC:50:84:6C:E4:17:0E:5A:FB:59:CF:5C:52:75:CF:FA:B6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2BF719824931203D71A9B8A4211CEABB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ll2GzFCEbOQXDlr7Wc9cUnXP-rY.roa
Signing time: Sat 14 Oct 2023 02:14:56 +0000
ROA not before: Sat 14 Oct 2023 02:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2b:f7:19:82:49:31:20:3d:71:a9:b8:a4:21:1c:ea:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 14 02:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=965d86cc50846ce4170e5afb59cf5c5275cffab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:17:66:43:31:20:4e:a6:57:0d:e5:88:bd:d7:
80:8e:c0:e4:00:ea:91:88:d5:67:13:96:c9:eb:27:
bb:29:a9:84:70:f9:d0:4b:83:aa:f6:d0:5d:bd:4b:
1a:cf:29:bf:81:a5:c3:a7:fe:8f:a6:4a:ce:01:72:
8e:ca:7d:ac:d9:de:ba:cf:69:0f:72:6e:1f:d7:e8:
82:73:c4:71:9c:48:07:04:a0:db:25:92:58:8c:41:
03:0c:28:11:e6:a7:0c:73:a2:8c:e5:b0:8f:58:87:
9b:13:5a:d6:70:27:e4:51:8a:99:85:0d:e7:d0:a0:
dc:a0:f0:92:48:55:d9:b9:55:a9:7f:61:30:55:8f:
c4:20:f8:f9:dc:ab:42:5e:6c:50:16:5f:ba:1f:8f:
9d:2f:e5:92:63:72:8f:8e:63:83:26:8c:91:25:02:
77:d6:e0:70:97:42:67:92:79:63:44:e0:a9:56:62:
2e:d8:aa:fc:64:2c:fc:c0:98:9e:f5:c3:ea:39:a6:
61:e7:60:01:a4:34:04:9e:9d:79:b8:d4:01:cd:3f:
d7:73:79:bc:68:5a:17:7f:db:19:07:56:c7:cd:14:
c1:03:20:89:11:1a:85:d0:0c:50:5c:90:33:c3:c4:
2e:31:39:e9:17:60:77:bc:5d:8d:85:dd:54:a7:34:
e0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:5D:86:CC:50:84:6C:E4:17:0E:5A:FB:59:CF:5C:52:75:CF:FA:B6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ll2GzFCEbOQXDlr7Wc9cUnXP-rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:0e:b7:6c:2c:11:2c:d9:6c:05:68:12:a2:a8:35:57:c4:d4:
2e:16:7e:75:11:7e:fa:d4:30:ad:27:c5:2a:3f:02:df:ac:56:
9b:6a:b1:21:79:47:b1:35:27:bb:08:35:53:29:cb:32:b4:08:
9f:cc:e1:96:64:53:1d:eb:c0:e4:50:96:27:23:06:83:b2:88:
b6:b8:53:d4:a2:22:5b:c5:09:82:8e:58:8e:52:7e:1b:a6:68:
7e:1d:9d:98:bf:ad:0b:c2:36:14:8b:56:13:14:cc:83:e2:23:
fd:50:f5:32:cf:02:46:ad:77:3d:4c:b3:64:39:d0:f3:39:7c:
b6:60:4e:08:83:aa:44:65:eb:dc:a3:3b:1e:e2:a5:d5:eb:a6:
93:03:a7:ab:9c:10:d4:00:23:19:8f:28:ea:fb:16:0b:69:f2:
fb:da:a6:97:bf:79:8a:67:30:64:29:8c:d2:ff:77:26:b4:9a:
fd:f4:8d:eb:aa:2c:62:4b:db:a6:3f:94:db:3c:00:00:ad:3a:
d5:4a:12:93:bf:42:a3:6c:3e:0e:ff:61:40:76:ca:5f:e1:3f:
24:c0:1c:9b:3b:43:11:f8:0d:f7:fe:5d:47:e2:84:c8:ff:9f:
ed:08:56:34:c0:30:03:f2:4c:52:9a:35:91:e6:23:a2:3e:cd:
d7:42:40:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsr9xmCSTEgPXGpuKQhHOq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE0MDIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjVkODZjYzUwODQ2Y2U0MTcwZTVhZmI1OWNmNWM1Mjc1Y2ZmYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRdmQzEgTqZXDeWIvdeAjsDkAOqR
iNVnE5bJ6ye7KamEcPnQS4Oq9tBdvUsazym/gaXDp/6PpkrOAXKOyn2s2d66z2kP
cm4f1+iCc8RxnEgHBKDbJZJYjEEDDCgR5qcMc6KM5bCPWIebE1rWcCfkUYqZhQ3n
0KDcoPCSSFXZuVWpf2EwVY/EIPj53KtCXmxQFl+6H4+dL+WSY3KPjmODJoyRJQJ3
1uBwl0JnknljROCpVmIu2Kr8ZCz8wJie9cPqOaZh52ABpDQEnp15uNQBzT/Xc3m8
aFoXf9sZB1bHzRTBAyCJERqF0AxQXJAzw8QuMTnpF2B3vF2Nhd1UpzTgPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJZdhsxQhGzkFw5a+1nPXFJ1z/q2MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbGwyR3pGQ0ViT1FYRGxyN1djOWNVblhQLXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIAOt2wsESzZbAVoEqKo
NVfE1C4WfnURfvrUMK0nxSo/At+sVptqsSF5R7E1J7sINVMpyzK0CJ/M4ZZkUx3r
wORQlicjBoOyiLa4U9SiIlvFCYKOWI5SfhumaH4dnZi/rQvCNhSLVhMUzIPiI/1Q
9TLPAkatdz1Ms2Q50PM5fLZgTgiDqkRl69yjOx7ipdXrppMDp6ucENQAIxmPKOr7
Fgtp8vvappe/eYpnMGQpjNL/dya0mv30jeuqLGJL26Y/lNs8AACtOtVKEpO/QqNs
Pg7/YUB2yl/hPyTAHJs7QxH4Dff+XUfihMj/n+0IVjTAMAPyTFKaNZHmI6I+zddC
QPA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:19:08 2025 by rpki-client