Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pAmCeK2OJ-G2Ux3UYCXj_Jkgxvg.roa
File: pAmCeK2OJ-G2Ux3UYCXj_Jkgxvg.roa (raw, json)
Hash identifier: m0ARn6UklQwGEyZDHa2j8iHmTRC2A1JESqD//sNP194=
Subject key identifier: A4:09:82:78:AD:8E:27:E1:B6:53:1D:D4:60:25:E3:FC:99:20:C6:F8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0D4A6F1D9C9C5529E546F1FE0941B16F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pAmCeK2OJ-G2Ux3UYCXj_Jkgxvg.roa
Signing time: Sun 08 Oct 2023 03:17:43 +0000
ROA not before: Sun 08 Oct 2023 03:17:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0d:4a:6f:1d:9c:9c:55:29:e5:46:f1:fe:09:41:b1:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 8 03:17:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4098278ad8e27e1b6531dd46025e3fc9920c6f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:21:84:34:bc:e5:46:12:aa:2d:2b:8a:ff:e3:
9c:71:85:33:f7:51:21:88:70:0a:56:ff:40:82:3f:
23:90:a5:5f:d8:54:ce:a3:c5:8d:1f:d4:e8:ca:0a:
b3:70:93:77:2f:10:3b:f2:8c:4c:ba:b2:5b:14:61:
d9:89:bc:6d:a2:f1:5e:d2:ca:19:24:f6:79:81:48:
90:92:e5:a2:72:d5:d6:34:8c:2d:ff:18:a5:cd:9e:
99:d7:d0:a2:bd:34:cb:87:f6:c0:10:07:f1:ee:d4:
44:14:33:1e:56:5b:f0:e7:1b:6c:8c:bc:c8:6a:60:
90:95:bf:90:d4:e4:32:33:2c:04:12:dc:44:e9:e4:
7b:fe:b9:27:80:4d:9e:5e:7e:51:22:55:72:44:c4:
5e:c5:b6:54:ed:90:47:91:22:a9:f8:21:f1:4a:93:
16:ed:cd:6c:be:b8:1a:8d:c3:3b:8b:6b:5b:51:ba:
d5:a6:04:65:e9:9f:63:b1:ae:8d:d0:d7:a5:7f:47:
14:ca:6f:7d:59:60:2c:74:dd:0e:8a:1f:7d:20:66:
35:1a:58:21:16:83:d4:68:7a:31:af:61:ee:85:57:
5f:64:20:56:93:01:34:af:88:4a:a6:02:c9:75:d1:
58:7f:86:02:9b:a0:3f:bf:ad:4c:85:c8:ba:5b:6b:
1d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:09:82:78:AD:8E:27:E1:B6:53:1D:D4:60:25:E3:FC:99:20:C6:F8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pAmCeK2OJ-G2Ux3UYCXj_Jkgxvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:bf:26:0a:eb:75:a4:cb:94:5b:cc:7e:04:c5:89:aa:3f:12:
4d:88:e8:d3:0f:de:ea:46:ce:b3:0d:a3:97:d6:a4:91:c4:51:
1a:85:77:ac:f0:7d:bb:ba:25:1c:49:31:68:5b:41:ff:14:ab:
d5:2c:18:48:2d:a2:4c:77:ef:20:a2:20:01:c5:f0:db:88:e4:
45:f5:cf:86:cb:12:08:ea:09:be:79:d7:13:29:0e:f0:59:dd:
b8:07:f9:af:77:9e:b0:04:76:aa:24:46:9c:87:c5:7a:aa:fb:
58:ad:3f:fe:31:94:4e:ca:b1:b2:a0:f1:70:25:ea:4b:7b:77:
f2:d3:2a:72:d5:56:46:54:d8:11:80:fc:cc:e9:66:db:f4:5c:
e1:13:d9:b4:c9:41:b8:54:63:cf:db:01:06:58:f9:9e:ed:1e:
32:1e:16:78:f5:08:a5:29:9e:2a:98:d2:d2:ed:89:b1:9c:7e:
18:49:39:19:db:6c:61:b2:8b:80:ba:1d:91:b5:67:8f:e0:1e:
16:2b:fe:76:b9:c8:c6:7b:9d:8f:97:f2:5c:49:3b:73:09:b1:
f4:ac:7c:ee:4d:8f:a1:9f:fb:f1:44:35:bf:c2:82:48:4b:01:
50:b2:3d:b6:2d:d6:59:8d:fe:13:8c:60:48:b0:c8:cf:7b:5e:
2b:6b:dd:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsNSm8dnJxVKeVG8f4JQbFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA4MDMxNzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDA5ODI3OGFkOGUyN2UxYjY1MzFkZDQ2MDI1ZTNmYzk5MjBjNmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CGENLzlRhKqLSuK/+OccYUz91Eh
iHAKVv9Agj8jkKVf2FTOo8WNH9ToygqzcJN3LxA78oxMurJbFGHZibxtovFe0soZ
JPZ5gUiQkuWictXWNIwt/xilzZ6Z19CivTTLh/bAEAfx7tREFDMeVlvw5xtsjLzI
amCQlb+Q1OQyMywEEtxE6eR7/rkngE2eXn5RIlVyRMRexbZU7ZBHkSKp+CHxSpMW
7c1svrgajcM7i2tbUbrVpgRl6Z9jsa6N0Nelf0cUym99WWAsdN0Oih99IGY1Glgh
FoPUaHoxr2HuhVdfZCBWkwE0r4hKpgLJddFYf4YCm6A/v61Mhci6W2sdpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKQJgnitjifhtlMd1GAl4/yZIMb4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcEFtQ2VLMk9KLUcyVXgzVVlDWGpfSmtneHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGK/JgrrdaTLlFvMfgTF
iao/Ek2I6NMP3upGzrMNo5fWpJHEURqFd6zwfbu6JRxJMWhbQf8Uq9UsGEgtokx3
7yCiIAHF8NuI5EX1z4bLEgjqCb551xMpDvBZ3bgH+a93nrAEdqokRpyHxXqq+1it
P/4xlE7KsbKg8XAl6kt7d/LTKnLVVkZU2BGA/MzpZtv0XOET2bTJQbhUY8/bAQZY
+Z7tHjIeFnj1CKUpniqY0tLtibGcfhhJORnbbGGyi4C6HZG1Z4/gHhYr/na5yMZ7
nY+X8lxJO3MJsfSsfO5Nj6Gf+/FENb/CgkhLAVCyPbYt1lmN/hOMYEiwyM97Xitr
3QI=
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:41:36 2025 by rpki-client