Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mUmR04LJt2L2GWWCJ4O9_vrFZQ8.roa
File: mUmR04LJt2L2GWWCJ4O9_vrFZQ8.roa (raw, json)
Hash identifier: LMbvStQXDOCuBkcvepzwqK1CJvJrdfeyGPLBw6PTJY8=
Subject key identifier: 99:49:91:D3:82:C9:B7:62:F6:19:65:82:27:83:BD:FE:FA:C5:65:0F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA567F7B20BDDD187E9C41D51B65706B6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mUmR04LJt2L2GWWCJ4O9_vrFZQ8.roa
Signing time: Mon 06 Nov 2023 16:12:16 +0000
ROA not before: Mon 06 Nov 2023 16:12:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a5:67:f7:b2:0b:dd:d1:87:e9:c4:1d:51:b6:57:06:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 6 16:12:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=994991d382c9b762f61965822783bdfefac5650f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:11:12:f1:80:02:9d:dc:95:5e:64:7e:b1:73:
e7:83:16:fa:78:7f:bd:05:32:33:91:02:72:f4:e6:
13:31:ea:fa:83:91:76:1a:fb:53:94:db:f9:9e:9f:
30:be:11:77:ac:5a:be:9f:00:bb:13:d7:a7:c5:f6:
a5:38:aa:5c:91:b7:66:25:5d:33:3f:e2:a3:da:7d:
2a:7e:47:e2:3d:32:a3:69:fc:04:4d:5a:c7:48:c1:
ab:f5:ee:67:50:c4:2f:25:83:af:72:96:07:45:6a:
ad:8b:81:90:23:9f:9a:3e:99:9d:e5:95:ec:43:07:
3f:8a:8c:c7:9a:a8:d9:eb:e2:9e:d4:db:f5:a6:b5:
57:b0:7e:e4:67:73:1d:d4:74:1c:58:3a:03:06:ff:
53:f7:df:63:eb:29:35:09:5f:14:92:44:57:7b:2e:
31:76:19:c0:c5:30:bd:94:8f:f1:9e:13:0c:62:31:
e4:c2:0f:7a:92:26:a0:a7:57:5b:28:a2:39:d9:c3:
4b:c5:0b:20:9b:64:18:99:b3:76:fb:6d:b3:10:a4:
f5:1d:63:fe:b3:4a:76:aa:10:78:ff:6d:39:71:c9:
63:25:7e:d3:28:38:cc:79:ad:92:b9:32:e5:44:a4:
07:4f:d3:3a:52:9f:5f:69:4a:98:b2:e6:0b:df:15:
e2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:49:91:D3:82:C9:B7:62:F6:19:65:82:27:83:BD:FE:FA:C5:65:0F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mUmR04LJt2L2GWWCJ4O9_vrFZQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:e3:35:22:26:21:41:55:b6:bc:2a:0f:cf:33:dc:0d:73:15:
af:5b:31:0b:0a:73:38:7c:48:73:f7:3d:af:29:c1:50:c1:68:
0b:72:3e:84:c1:52:98:e8:e6:05:91:fc:93:f1:b9:10:66:bc:
56:62:94:f1:61:79:7d:00:7e:ac:97:65:60:84:fe:62:3c:f3:
29:41:f3:8a:b1:02:cb:19:6f:94:b5:68:51:d4:e3:78:7f:e6:
c8:3c:00:0d:03:c7:a3:1d:56:f1:a4:9a:8f:43:04:0d:0a:57:
67:d6:40:78:44:76:a1:fa:2d:45:29:19:0b:f4:bb:fe:e5:33:
c4:9e:f0:a5:0d:a3:6d:85:a9:55:8d:35:fc:51:b5:53:92:f3:
e5:3c:a4:96:6b:02:66:86:0b:39:c8:fd:d4:5b:8c:f3:36:13:
7f:f6:2c:f2:71:34:57:f3:98:d6:02:f6:45:97:5c:b7:ef:a0:
23:bb:eb:ce:15:ef:dd:18:0d:19:2b:d0:0a:83:5b:74:80:09:
1b:17:63:8b:82:bd:f7:d6:84:24:dc:7f:84:c8:0b:a2:46:91:
16:cf:2e:0b:56:d5:07:30:1c:3d:68:12:fe:44:cc:01:fe:3d:
d0:7b:c0:d1:00:5a:75:e4:ad:e6:68:50:dd:8d:91:eb:64:bc:
c5:99:04:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYulZ/eyC93Rh+nEHVG2Vwa2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA2MTYxMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTQ5OTFkMzgyYzliNzYyZjYxOTY1ODIyNzgzYmRmZWZhYzU2NTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxES8YACndyVXmR+sXPngxb6eH+9
BTIzkQJy9OYTMer6g5F2GvtTlNv5np8wvhF3rFq+nwC7E9enxfalOKpckbdmJV0z
P+Kj2n0qfkfiPTKjafwETVrHSMGr9e5nUMQvJYOvcpYHRWqti4GQI5+aPpmd5ZXs
Qwc/iozHmqjZ6+Ke1Nv1prVXsH7kZ3Md1HQcWDoDBv9T999j6yk1CV8UkkRXey4x
dhnAxTC9lI/xnhMMYjHkwg96kiagp1dbKKI52cNLxQsgm2QYmbN2+22zEKT1HWP+
s0p2qhB4/205ccljJX7TKDjMea2SuTLlRKQHT9M6Up9faUqYsuYL3xXibQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJlJkdOCybdi9hllgieDvf76xWUPMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbVVtUjA0TEp0MkwyR1dXQ0o0TzlfdnJGWlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC/jNSImIUFVtrwqD88z
3A1zFa9bMQsKczh8SHP3Pa8pwVDBaAtyPoTBUpjo5gWR/JPxuRBmvFZilPFheX0A
fqyXZWCE/mI88ylB84qxAssZb5S1aFHU43h/5sg8AA0Dx6MdVvGkmo9DBA0KV2fW
QHhEdqH6LUUpGQv0u/7lM8Se8KUNo22FqVWNNfxRtVOS8+U8pJZrAmaGCznI/dRb
jPM2E3/2LPJxNFfzmNYC9kWXXLfvoCO7684V790YDRkr0AqDW3SACRsXY4uCvffW
hCTcf4TIC6JGkRbPLgtW1QcwHD1oEv5EzAH+PdB7wNEAWnXkreZoUN2NketkvMWZ
BB8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:45:55 2025 by rpki-client