Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nLAyWpAophbcXyEpOvgAleODxVA.roa
File: nLAyWpAophbcXyEpOvgAleODxVA.roa (raw, json)
Hash identifier: FkSjljtyUEV9yo1nHxKUz0fUYB6/l6W+dsa3HyyB2mg=
Subject key identifier: 9C:B0:32:5A:90:28:A6:16:DC:5F:21:29:3A:F8:00:95:E3:83:C5:50
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8981EFCA019F0CC3C8568B79D2AFFFE5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nLAyWpAophbcXyEpOvgAleODxVA.roa
Signing time: Wed 01 Nov 2023 06:11:15 +0000
ROA not before: Wed 01 Nov 2023 06:11:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:89:81:ef:ca:01:9f:0c:c3:c8:56:8b:79:d2:af:ff:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 1 06:11:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cb0325a9028a616dc5f21293af80095e383c550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:25:a2:8b:c3:07:c8:23:ed:61:97:81:8d:b0:
47:a4:64:a7:33:1a:c3:2a:67:2c:c3:38:dd:6f:94:
42:3a:ef:97:70:83:22:dd:b0:40:3f:10:57:ab:81:
dc:30:a6:1c:69:6f:f3:e7:a9:96:7c:c0:80:a3:23:
81:73:c2:7c:46:23:22:9e:24:66:61:5a:cd:cc:cf:
fb:17:00:a4:cc:13:6c:80:13:7c:be:09:14:33:48:
79:1f:3f:c4:a0:a5:b3:ff:c4:10:78:09:b1:7a:e0:
0a:12:8b:e7:ac:b6:47:40:c3:6e:62:9a:ea:de:34:
58:07:9a:f2:16:0b:ae:45:7c:26:9f:b6:50:1b:96:
7f:f4:73:b9:76:bf:57:dd:21:10:ba:23:6a:50:c0:
7c:fa:3c:13:ca:69:88:88:8e:88:c3:95:34:10:6a:
ff:6b:55:f3:a8:8b:29:8a:32:8a:00:20:c9:6f:ef:
6e:5c:e4:f3:02:f9:98:40:3d:02:8f:ea:bb:35:a1:
3e:e8:e3:bf:9a:9f:cc:76:c2:50:3d:36:8c:fc:80:
78:3a:4e:9d:5f:c7:3b:72:f8:c0:d9:13:e5:40:50:
40:24:9f:82:dc:5f:a8:59:b4:e2:f7:80:07:7e:31:
93:88:7c:f0:13:f6:d8:8a:f0:72:b1:82:c2:d6:da:
29:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:B0:32:5A:90:28:A6:16:DC:5F:21:29:3A:F8:00:95:E3:83:C5:50
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nLAyWpAophbcXyEpOvgAleODxVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
23:d1:b6:a3:2c:94:93:0f:6e:63:f8:cf:84:f8:5f:a6:dd:c3:
4c:fe:14:5f:ca:99:33:58:30:bc:47:e0:91:98:71:45:e6:b3:
06:c4:55:d3:1f:20:c5:fd:ab:51:d8:4d:94:db:39:fa:03:ea:
3c:6c:8a:1d:57:23:bf:fc:63:03:39:25:55:cf:d3:5b:7d:f3:
88:b5:24:4e:37:11:c1:d1:74:fa:70:61:5c:8d:b6:79:6e:0c:
a1:87:ac:19:f0:76:c7:ff:27:17:3e:fe:bf:5f:40:54:af:57:
bb:96:ce:4e:52:d5:f8:8b:8b:1e:e2:5a:59:3b:e5:cd:16:4a:
21:35:b7:82:8b:4f:d2:dc:05:4b:73:95:5f:c6:df:cf:60:ef:
08:3b:6c:a0:08:24:ae:d3:f6:5f:d9:aa:08:ca:ec:35:c4:85:
12:c6:5e:aa:3c:fb:e4:e9:25:e4:c5:7f:87:fc:d8:0f:6e:46:
7c:44:e8:fb:54:3a:e6:a0:2f:98:47:ec:e4:9c:c5:d3:1a:7f:
91:13:7e:ca:64:6e:da:07:12:83:e0:6b:66:94:c9:37:a1:1b:
bc:6e:6e:6b:43:ec:8e:36:75:6a:4a:5d:0d:77:27:2d:95:50:
7c:c3:ca:07:ab:76:28:b8:a8:7e:f5:62:6a:2f:b7:76:12:e8:
cc:68:36:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuJge/KAZ8Mw8hWi3nSr//lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAxMDYxMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2IwMzI1YTkwMjhhNjE2ZGM1ZjIxMjkzYWY4MDA5NWUzODNjNTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CWii8MHyCPtYZeBjbBHpGSnMxrD
Kmcswzjdb5RCOu+XcIMi3bBAPxBXq4HcMKYcaW/z56mWfMCAoyOBc8J8RiMiniRm
YVrNzM/7FwCkzBNsgBN8vgkUM0h5Hz/EoKWz/8QQeAmxeuAKEovnrLZHQMNuYprq
3jRYB5ryFguuRXwmn7ZQG5Z/9HO5dr9X3SEQuiNqUMB8+jwTymmIiI6Iw5U0EGr/
a1XzqIspijKKACDJb+9uXOTzAvmYQD0Cj+q7NaE+6OO/mp/MdsJQPTaM/IB4Ok6d
X8c7cvjA2RPlQFBAJJ+C3F+oWbTi94AHfjGTiHzwE/bYivBysYLC1topxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJywMlqQKKYW3F8hKTr4AJXjg8VQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbkxBeVdwQW9waGJjWHlFcE92Z0FsZU9EeFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACPRtqMslJMPbmP4z4T4
X6bdw0z+FF/KmTNYMLxH4JGYcUXmswbEVdMfIMX9q1HYTZTbOfoD6jxsih1XI7/8
YwM5JVXP01t984i1JE43EcHRdPpwYVyNtnluDKGHrBnwdsf/Jxc+/r9fQFSvV7uW
zk5S1fiLix7iWlk75c0WSiE1t4KLT9LcBUtzlV/G389g7wg7bKAIJK7T9l/ZqgjK
7DXEhRLGXqo8++TpJeTFf4f82A9uRnxE6PtUOuagL5hH7OScxdMaf5ETfspkbtoH
EoPga2aUyTehG7xubmtD7I42dWpKXQ13Jy2VUHzDygerdii4qH71Ymovt3YS6Mxo
Njc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:26:10 2025 by rpki-client