Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/n3szK748T2Zb_QnOIQQL7eI8q4I.roa
File: n3szK748T2Zb_QnOIQQL7eI8q4I.roa (raw, json)
Hash identifier: cSyDLpvNd4PeaLfdlkI3WNzT2kWtnEvtFC9F8PWA944=
Subject key identifier: 9F:7B:33:2B:BE:3C:4F:66:5B:FD:09:CE:21:04:0B:ED:E2:3C:AB:82
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B05FCEDB653A2D6E20D3A15B43D3A2EF6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/n3szK748T2Zb_QnOIQQL7eI8q4I.roa
Signing time: Fri 06 Oct 2023 17:15:43 +0000
ROA not before: Fri 06 Oct 2023 17:15:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:05:fc:ed:b6:53:a2:d6:e2:0d:3a:15:b4:3d:3a:2e:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 17:15:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f7b332bbe3c4f665bfd09ce21040bede23cab82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d0:5a:d9:34:22:be:3c:48:a8:47:45:eb:50:
98:57:63:4c:c2:21:e0:dd:9c:25:2c:0b:68:a1:40:
8c:10:1d:ed:eb:5d:03:eb:2b:e1:d0:78:99:1a:28:
23:d6:d9:55:34:a7:a9:9a:d0:50:c7:2e:db:54:73:
63:0b:38:89:a0:f0:e0:7a:8a:c2:4e:99:24:c1:83:
f8:9f:a8:2c:63:c3:da:3b:71:81:20:7d:7d:2b:0d:
c3:ff:ec:60:ce:5c:5b:b1:ee:bd:60:68:ab:25:75:
18:f4:4a:85:02:9a:da:bf:7d:00:2e:7c:67:d9:e0:
7d:81:19:68:09:60:7f:08:7b:54:31:00:ca:0a:99:
4a:9e:9c:25:f6:ef:db:a4:db:48:7b:35:3e:8f:44:
c6:d5:45:7d:bb:f1:de:e6:1a:5b:47:04:2e:1c:73:
ae:5d:b6:5b:e0:db:86:41:79:aa:b2:c7:2a:37:5f:
ca:b1:eb:9e:ca:3a:63:69:36:fa:8a:19:23:a7:71:
25:2e:26:e4:ac:c4:54:37:79:f2:4a:8a:9d:d4:7d:
04:bb:22:58:29:35:c2:d1:e0:ba:8b:14:1d:42:8e:
e7:63:9e:0b:7c:6a:3a:d0:d7:4a:df:d0:ef:14:6f:
11:d6:c2:05:69:a6:80:a3:39:c9:5d:2a:a0:62:e9:
72:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7B:33:2B:BE:3C:4F:66:5B:FD:09:CE:21:04:0B:ED:E2:3C:AB:82
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/n3szK748T2Zb_QnOIQQL7eI8q4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ac:39:b0:33:3f:70:55:fe:f4:db:9c:b5:77:28:45:30:e4:55:
ed:69:55:3e:4d:fb:4f:2a:2d:ad:ff:5a:51:85:2b:20:14:de:
19:11:72:89:58:f1:ea:7a:ea:ed:92:64:ab:c5:f9:0a:67:11:
47:1e:3f:b1:7e:08:04:0e:5b:ae:7d:3c:3c:83:40:04:29:93:
4c:23:34:01:d1:c1:f5:c1:4a:94:d8:5a:25:1e:12:02:bd:7d:
a0:e6:b2:20:e0:1d:18:8c:02:eb:d2:73:96:91:33:de:d5:fb:
40:73:1f:ba:71:98:f8:3e:8d:81:af:c0:16:45:16:cb:75:de:
bd:91:1c:51:c6:3f:56:43:0a:ad:6e:b9:12:8a:2d:af:7c:7d:
ee:26:11:4e:71:87:02:be:30:67:6b:78:17:85:21:14:a1:ca:
69:22:9c:ef:7b:75:19:bc:23:07:01:c2:95:95:c6:e8:92:0d:
de:b1:c7:4b:c0:10:da:e8:aa:7d:89:e0:14:1e:ca:15:4e:65:
76:ed:6a:6e:b2:ba:fb:51:64:68:a1:64:a3:08:2b:7e:ae:7f:
f7:bc:74:2f:de:a6:ab:db:b5:90:8b:b0:51:bc:02:c3:e0:dc:
85:9f:ed:94:94:43:20:ad:d3:61:15:86:11:14:20:3b:c5:44:
27:0c:7e:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsF/O22U6LW4g06FbQ9Oi72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MTcxNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjdiMzMyYmJlM2M0ZjY2NWJmZDA5Y2UyMTA0MGJlZGUyM2NhYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtBa2TQivjxIqEdF61CYV2NMwiHg
3ZwlLAtooUCMEB3t610D6yvh0HiZGigj1tlVNKepmtBQxy7bVHNjCziJoPDgeorC
TpkkwYP4n6gsY8PaO3GBIH19Kw3D/+xgzlxbse69YGirJXUY9EqFAprav30ALnxn
2eB9gRloCWB/CHtUMQDKCplKnpwl9u/bpNtIezU+j0TG1UV9u/He5hpbRwQuHHOu
XbZb4NuGQXmqsscqN1/KseueyjpjaTb6ihkjp3ElLibkrMRUN3nySoqd1H0EuyJY
KTXC0eC6ixQdQo7nY54LfGo60NdK39DvFG8R1sIFaaaAoznJXSqgYulyFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ97Myu+PE9mW/0JziEEC+3iPKuCMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbjNzeks3NDhUMlpiX1FuT0lRUUw3ZUk4cTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKw5sDM/cFX+9NuctXco
RTDkVe1pVT5N+08qLa3/WlGFKyAU3hkRcolY8ep66u2SZKvF+QpnEUceP7F+CAQO
W659PDyDQAQpk0wjNAHRwfXBSpTYWiUeEgK9faDmsiDgHRiMAuvSc5aRM97V+0Bz
H7pxmPg+jYGvwBZFFst13r2RHFHGP1ZDCq1uuRKKLa98fe4mEU5xhwK+MGdreBeF
IRShymkinO97dRm8IwcBwpWVxuiSDd6xx0vAENroqn2J4BQeyhVOZXbtam6yuvtR
ZGihZKMIK36uf/e8dC/epqvbtZCLsFG8AsPg3IWf7ZSUQyCt02EVhhEUIDvFRCcM
fmc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:11:16 2025 by rpki-client