Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nA4opJXR3UuHqJk4SG0uZYrWRxA.roa
File: nA4opJXR3UuHqJk4SG0uZYrWRxA.roa (raw, json)
Hash identifier: Mk/D95OryrqAiW7HQZH3LryznN/W8BHB2PlFy7o0Whg=
Subject key identifier: 9C:0E:28:A4:95:D1:DD:4B:87:A8:99:38:48:6D:2E:65:8A:D6:47:10
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6F8B4140EF016F98F65687EFDC8A66EC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nA4opJXR3UuHqJk4SG0uZYrWRxA.roa
Signing time: Fri 15 Dec 2023 22:14:06 +0000
ROA not before: Fri 15 Dec 2023 22:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6f:8b:41:40:ef:01:6f:98:f6:56:87:ef:dc:8a:66:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 15 22:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c0e28a495d1dd4b87a89938486d2e658ad64710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0b:a5:90:f2:4c:87:b2:21:9a:ea:f7:df:3b:
46:01:43:66:67:b7:44:85:e6:9b:0d:9d:cb:29:a7:
e7:1e:77:1d:21:a5:9a:72:d3:cd:76:2b:ee:7f:cf:
14:2d:78:0b:85:f5:fc:9c:d3:15:38:61:43:e3:86:
65:46:90:73:80:44:15:02:cb:e1:6c:fb:f8:e1:f9:
90:1f:59:60:81:d3:b0:78:c6:85:15:fb:52:bf:fc:
db:cf:57:5f:6d:2a:bb:b6:4e:9d:b7:64:1c:c9:1b:
2f:44:46:6b:4f:98:9d:61:4d:89:1f:a3:51:19:e8:
f9:90:27:0c:dd:5b:db:bd:29:72:12:8d:49:da:29:
61:db:0d:12:d0:93:5a:08:03:b0:26:64:33:64:c1:
58:c8:79:4a:86:6e:40:ad:a1:51:75:03:1c:03:34:
15:82:87:2c:31:67:3f:1b:98:0b:eb:47:ae:73:3d:
ea:17:79:d9:c3:b9:ad:75:f2:7c:7a:f8:37:af:54:
55:69:f6:d7:f9:db:3b:c5:89:a1:50:b6:27:54:ee:
4b:02:2a:40:38:2c:bb:1d:ae:3b:43:5a:bb:27:a6:
85:2a:69:6f:3b:2e:99:ec:0d:b9:6b:9b:fe:7b:67:
00:f6:9a:4b:b6:d4:7c:6f:49:a6:70:ab:d8:df:04:
ac:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:0E:28:A4:95:D1:DD:4B:87:A8:99:38:48:6D:2E:65:8A:D6:47:10
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nA4opJXR3UuHqJk4SG0uZYrWRxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:80:94:ac:ce:98:58:34:b2:4b:fe:af:5a:52:66:86:f2:8d:
93:c0:ee:ea:8d:d4:5b:41:e7:9e:4d:47:1d:04:ab:cd:89:21:
5e:cd:9e:d9:f4:10:9d:8e:f1:f5:26:6f:e8:bd:d8:83:bb:29:
5d:fb:3d:81:63:fa:dc:f1:de:a5:53:0e:dc:39:b2:5e:75:d6:
68:88:44:bd:cd:d3:b2:b1:ae:6b:bc:cd:fb:12:42:9b:9a:91:
ab:36:3e:ec:7d:62:ab:15:a5:46:7d:d5:7d:6a:47:ef:5d:24:
48:14:cf:1e:73:2d:d4:2e:97:42:49:96:39:87:d2:5e:5d:95:
7d:fb:d8:bd:42:18:ff:81:49:4d:e7:0a:87:c6:11:1f:78:07:
f1:d1:b7:8f:75:2a:50:40:13:49:a4:2e:2e:88:69:5a:d0:28:
7e:8b:5f:0a:1e:96:36:7e:27:b9:d7:ed:01:53:c6:15:9e:7e:
26:25:fd:39:3f:d5:7f:c5:74:dd:ef:4a:5e:50:53:0e:25:34:
57:df:4e:63:65:42:8e:7d:16:66:dd:b9:4f:7a:8b:ce:f5:d7:
9f:ff:7d:21:70:79:9f:8b:e1:00:92:3e:74:8e:7d:52:f9:3b:
cf:32:5b:fa:9c:8f:d8:5a:41:5f:ac:ef:03:23:25:c4:de:61:
d7:43:4f:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxvi0FA7wFvmPZWh+/cimbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE1MjIxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzBlMjhhNDk1ZDFkZDRiODdhODk5Mzg0ODZkMmU2NThhZDY0NzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQulkPJMh7Ihmur33ztGAUNmZ7dE
heabDZ3LKafnHncdIaWactPNdivuf88ULXgLhfX8nNMVOGFD44ZlRpBzgEQVAsvh
bPv44fmQH1lggdOweMaFFftSv/zbz1dfbSq7tk6dt2QcyRsvREZrT5idYU2JH6NR
Gej5kCcM3VvbvSlyEo1J2ilh2w0S0JNaCAOwJmQzZMFYyHlKhm5AraFRdQMcAzQV
gocsMWc/G5gL60eucz3qF3nZw7mtdfJ8evg3r1RVafbX+ds7xYmhULYnVO5LAipA
OCy7Ha47Q1q7J6aFKmlvOy6Z7A25a5v+e2cA9ppLttR8b0mmcKvY3wSsgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJwOKKSV0d1Lh6iZOEhtLmWK1kcQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbkE0b3BKWFIzVXVIcUprNFNHMHVaWXJXUnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADiAlKzOmFg0skv+r1pS
ZobyjZPA7uqN1FtB555NRx0Eq82JIV7Nntn0EJ2O8fUmb+i92IO7KV37PYFj+tzx
3qVTDtw5sl511miIRL3N07Kxrmu8zfsSQpuakas2Pux9YqsVpUZ91X1qR+9dJEgU
zx5zLdQul0JJljmH0l5dlX372L1CGP+BSU3nCofGER94B/HRt491KlBAE0mkLi6I
aVrQKH6LXwoeljZ+J7nX7QFTxhWefiYl/Tk/1X/FdN3vSl5QUw4lNFffTmNlQo59
FmbduU96i87115//fSFweZ+L4QCSPnSOfVL5O88yW/qcj9haQV+s7wMjJcTeYddD
Tww=
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:36:13 2025 by rpki-client