Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ntoqrc5vXTP_ayX9Ib6qDBPqygM.roa
File: ntoqrc5vXTP_ayX9Ib6qDBPqygM.roa (raw, json)
Hash identifier: o6vXangbol3UxhJ7ct90ygt0qBZmo701jujiKX6n4WI=
Subject key identifier: 9E:DA:2A:AD:CE:6F:5D:33:FF:6B:25:FD:21:BE:AA:0C:13:EA:CA:03
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C4385DB1D0C42DFFCDDD5D9F10C56A3B4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ntoqrc5vXTP_ayX9Ib6qDBPqygM.roa
Signing time: Thu 07 Dec 2023 09:04:55 +0000
ROA not before: Thu 07 Dec 2023 09:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:4385:4cd4/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:85:db:1d:0c:42:df:fc:dd:d5:d9:f1:0c:56:a3:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 7 09:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9eda2aadce6f5d33ff6b25fd21beaa0c13eaca03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b7:27:91:f3:c3:98:71:0f:4d:4c:e0:15:bd:
db:8d:05:42:4c:8a:87:16:bc:27:ef:b2:18:c6:ed:
9b:d8:77:e3:3c:d3:84:e7:25:43:f1:f4:2b:ee:78:
b9:27:33:8c:3e:e0:85:80:39:ca:b0:c0:59:41:53:
f8:8e:94:3c:0e:a8:64:ce:8e:5c:4a:34:2a:59:34:
95:0f:bd:51:e6:c5:5e:3e:bb:70:06:53:71:76:48:
d8:9b:66:0f:c9:12:c8:32:1d:bd:78:e5:6b:86:1b:
04:93:1c:a1:af:17:8d:b2:cf:c1:33:f8:59:34:0d:
3c:ff:d9:eb:d6:e3:90:8a:38:73:1a:51:f7:30:69:
a1:25:e3:42:60:bb:a1:2a:9a:5f:71:76:da:38:e7:
39:93:51:90:52:ef:ce:4f:51:c7:8a:ff:16:49:76:
b2:42:2f:c6:38:7f:60:1d:6e:70:8f:37:84:8e:5d:
76:5c:7c:38:83:3c:d2:f2:8a:99:d6:14:d6:68:eb:
c3:f3:2f:62:00:53:79:a5:e5:29:00:64:cd:ae:74:
28:6f:f1:79:dd:12:3a:c5:a3:29:7b:2b:ec:0c:41:
ff:b7:0c:8d:dd:3c:27:01:c0:c4:57:1a:b0:97:bc:
9f:84:08:a0:49:ee:df:de:c5:f2:61:32:6d:ed:fb:
bc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:DA:2A:AD:CE:6F:5D:33:FF:6B:25:FD:21:BE:AA:0C:13:EA:CA:03
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ntoqrc5vXTP_ayX9Ib6qDBPqygM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:b2:a1:65:16:ae:4b:20:a4:dd:18:8f:6c:1a:1b:ba:c5:a3:
40:1d:0a:ee:87:50:bf:77:76:ab:67:53:18:92:41:9b:d1:68:
d9:86:6c:e1:b7:63:75:81:29:b4:2d:13:b5:ac:32:d4:af:60:
3c:63:2c:8f:60:a4:03:fd:9e:26:12:73:fa:83:20:2d:16:97:
2c:20:f5:06:1c:31:ee:d5:d6:27:7c:36:da:2b:42:e5:88:fd:
4b:7d:a0:ad:1c:42:6b:d2:38:ad:0e:cc:3a:55:f9:61:14:0b:
cb:72:5f:fa:09:f3:90:50:15:af:98:91:7e:af:2d:62:3e:d6:
c4:90:3e:99:af:62:e1:da:d0:c2:4d:f2:b8:e9:4f:fe:78:59:
4b:c8:61:16:a1:50:50:67:54:3c:de:37:11:23:21:45:46:e8:
e5:94:13:bc:9c:35:08:85:b7:52:86:61:ab:bb:f7:9a:16:20:
da:22:3e:bf:98:6a:81:6b:e8:bf:66:84:9f:68:93:8a:7b:17:
25:b2:05:dd:48:e4:3f:74:2e:cd:08:fe:72:27:73:17:a9:64:
ee:7b:98:45:aa:ff:dc:ec:59:80:dd:50:01:bc:a7:63:60:0d:
d2:23:08:20:4d:ff:8f:63:52:89:3a:53:66:19:94:ba:4a:55:
38:e4:2b:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxDhdsdDELf/N3V2fEMVqO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA3MDkwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWRhMmFhZGNlNmY1ZDMzZmY2YjI1ZmQyMWJlYWEwYzEzZWFjYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LcnkfPDmHEPTUzgFb3bjQVCTIqH
Frwn77IYxu2b2HfjPNOE5yVD8fQr7ni5JzOMPuCFgDnKsMBZQVP4jpQ8Dqhkzo5c
SjQqWTSVD71R5sVePrtwBlNxdkjYm2YPyRLIMh29eOVrhhsEkxyhrxeNss/BM/hZ
NA08/9nr1uOQijhzGlH3MGmhJeNCYLuhKppfcXbaOOc5k1GQUu/OT1HHiv8WSXay
Qi/GOH9gHW5wjzeEjl12XHw4gzzS8oqZ1hTWaOvD8y9iAFN5peUpAGTNrnQob/F5
3RI6xaMpeyvsDEH/twyN3TwnAcDEVxqwl7yfhAigSe7f3sXyYTJt7fu8XQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ7aKq3Ob10z/2sl/SG+qgwT6soDMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbnRvcXJjNXZYVFBfYXlYOUliNnFEQlBxeWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAImyoWUWrksgpN0Yj2wa
G7rFo0AdCu6HUL93dqtnUxiSQZvRaNmGbOG3Y3WBKbQtE7WsMtSvYDxjLI9gpAP9
niYSc/qDIC0Wlywg9QYcMe7V1id8NtorQuWI/Ut9oK0cQmvSOK0OzDpV+WEUC8ty
X/oJ85BQFa+YkX6vLWI+1sSQPpmvYuHa0MJN8rjpT/54WUvIYRahUFBnVDzeNxEj
IUVG6OWUE7ycNQiFt1KGYau795oWINoiPr+YaoFr6L9mhJ9ok4p7FyWyBd1I5D90
Ls0I/nIncxepZO57mEWq/9zsWYDdUAG8p2NgDdIjCCBN/49jUok6U2YZlLpKVTjk
K1k=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:48:20 2025 by rpki-client