Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nIck2aUuHYhL2ZQ6du8B6gUod2U.roa
File: nIck2aUuHYhL2ZQ6du8B6gUod2U.roa (raw, json)
Hash identifier: L2LLusR+tYi2lYXlxZbjl1aaMAUCt0GNhFKkuO118xs=
Subject key identifier: 9C:87:24:D9:A5:2E:1D:88:4B:D9:94:3A:76:EF:01:EA:05:28:77:65
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C83480C83C175C371D52B9FCEFF2B7DBA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nIck2aUuHYhL2ZQ6du8B6gUod2U.roa
Signing time: Tue 19 Dec 2023 18:13:06 +0000
ROA not before: Tue 19 Dec 2023 18:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:83:48:0c:83:c1:75:c3:71:d5:2b:9f:ce:ff:2b:7d:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 19 18:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c8724d9a52e1d884bd9943a76ef01ea05287765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:71:cd:93:7c:3c:6f:e6:6b:e7:26:f4:e1:77:
38:0b:6c:a0:64:01:c8:de:38:58:e0:36:21:8b:3f:
2b:22:45:9a:93:e3:f9:33:dd:19:15:d2:5f:78:c2:
48:42:b6:fe:f2:5a:92:4e:48:db:c3:37:f0:d3:b2:
98:83:2f:4b:bf:ac:b8:99:1d:93:30:ff:4c:ef:79:
e7:d7:e2:c9:24:9b:b2:15:cd:1a:f8:b4:87:30:eb:
43:4a:3f:81:36:22:84:bc:6f:e4:ae:7d:98:15:74:
92:0c:c2:df:28:10:c3:ee:47:d9:07:e0:37:6b:ab:
31:f9:92:ed:bd:03:63:35:91:8f:51:ab:47:f0:9d:
3f:73:d3:e3:67:58:74:ea:6b:44:11:fd:ef:32:14:
b7:8c:15:88:49:8f:2f:9a:a1:1d:bb:48:41:a3:f3:
b5:9d:d0:e9:3a:54:8b:17:cf:f4:0f:26:17:4c:7c:
a7:1d:03:1b:08:22:2d:79:99:37:d5:d0:72:3b:88:
bb:a9:7e:88:d0:ed:59:88:f7:77:3e:46:4b:77:41:
ea:2e:ed:5f:25:4e:d7:a1:71:e0:63:08:85:a9:d6:
17:43:33:55:0e:55:57:bb:6d:d5:90:65:35:cd:d3:
24:5c:24:08:53:3b:13:80:38:d6:a2:a7:c0:4d:db:
13:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:87:24:D9:A5:2E:1D:88:4B:D9:94:3A:76:EF:01:EA:05:28:77:65
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nIck2aUuHYhL2ZQ6du8B6gUod2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:b6:6c:3b:58:87:cc:f8:51:f6:99:95:74:0c:0e:11:d0:53:
19:03:41:36:07:a4:dc:bc:11:9e:c6:74:e9:7b:6d:5d:16:c7:
04:38:ba:15:bd:d6:58:30:0d:cc:7f:47:1c:0b:3a:5c:42:21:
c8:d6:79:9b:cd:6d:e5:ba:bf:0a:36:ac:14:af:1e:12:fa:21:
ab:9d:67:6e:bb:ab:89:4d:94:44:4e:9d:c9:e2:88:2f:53:1c:
84:db:9d:03:54:6e:45:7f:e1:cd:75:71:f4:44:52:48:fd:95:
15:9d:eb:ce:6b:e0:bd:b4:ab:86:b3:31:ab:57:c2:aa:bc:6d:
4d:4f:63:4a:e3:15:53:e6:04:51:45:15:3f:07:38:af:fd:15:
ec:ac:44:9f:99:8e:9c:52:e0:ab:7a:12:36:3c:7a:48:78:25:
7b:c9:3e:db:c6:34:a2:47:b5:4a:50:3b:20:fb:de:57:ca:30:
d6:26:18:ff:4f:8a:40:0d:1a:01:fc:0c:44:46:fd:a5:40:88:
a5:91:9c:cd:d2:0d:33:37:44:66:67:67:0d:18:2d:3f:0d:3c:
f1:66:38:ff:94:06:60:60:6f:95:40:1e:51:34:8a:bc:d4:50:
95:21:77:20:26:29:55:f6:30:7d:08:39:05:e1:74:5c:ff:36:
94:55:7f:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyDSAyDwXXDcdUrn87/K326MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE5MTgxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzg3MjRkOWE1MmUxZDg4NGJkOTk0M2E3NmVmMDFlYTA1Mjg3NzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXHNk3w8b+Zr5yb04Xc4C2ygZAHI
3jhY4DYhiz8rIkWak+P5M90ZFdJfeMJIQrb+8lqSTkjbwzfw07KYgy9Lv6y4mR2T
MP9M73nn1+LJJJuyFc0a+LSHMOtDSj+BNiKEvG/krn2YFXSSDMLfKBDD7kfZB+A3
a6sx+ZLtvQNjNZGPUatH8J0/c9PjZ1h06mtEEf3vMhS3jBWISY8vmqEdu0hBo/O1
ndDpOlSLF8/0DyYXTHynHQMbCCIteZk31dByO4i7qX6I0O1ZiPd3PkZLd0HqLu1f
JU7XoXHgYwiFqdYXQzNVDlVXu23VkGU1zdMkXCQIUzsTgDjWoqfATdsTiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJyHJNmlLh2IS9mUOnbvAeoFKHdlMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbkljazJhVXVIWWhMMlpRNmR1OEI2Z1VvZDJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE22bDtYh8z4UfaZlXQM
DhHQUxkDQTYHpNy8EZ7GdOl7bV0WxwQ4uhW91lgwDcx/RxwLOlxCIcjWeZvNbeW6
vwo2rBSvHhL6IaudZ267q4lNlEROncniiC9THITbnQNUbkV/4c11cfREUkj9lRWd
685r4L20q4azMatXwqq8bU1PY0rjFVPmBFFFFT8HOK/9FeysRJ+ZjpxS4Kt6EjY8
ekh4JXvJPtvGNKJHtUpQOyD73lfKMNYmGP9PikANGgH8DERG/aVAiKWRnM3SDTM3
RGZnZw0YLT8NPPFmOP+UBmBgb5VAHlE0irzUUJUhdyAmKVX2MH0IOQXhdFz/NpRV
f6I=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:33:38 2025 by rpki-client