Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pSSb_4QgncV-KmfJXGwc_EGTqBY.roa
File: pSSb_4QgncV-KmfJXGwc_EGTqBY.roa (raw, json)
Hash identifier: lDKXCEJ8sJsz4kjnMGRUz7+rQDeOxs9bj7GKqrVTdTY=
Subject key identifier: A5:24:9B:FF:84:20:9D:C5:7E:2A:67:C9:5C:6C:1C:FC:41:93:A8:16
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA78B74B3CAD85828FF7787571868077C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pSSb_4QgncV-KmfJXGwc_EGTqBY.roa
Signing time: Tue 07 Nov 2023 02:10:16 +0000
ROA not before: Tue 07 Nov 2023 02:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a7:8b:74:b3:ca:d8:58:28:ff:77:87:57:18:68:07:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 7 02:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5249bff84209dc57e2a67c95c6c1cfc4193a816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:85:1c:9f:ea:3f:a7:dd:7b:e2:42:41:7e:b8:
70:d1:3d:06:fd:79:10:20:b0:dd:1b:1a:62:5c:28:
7f:6e:6f:f0:19:45:a6:33:25:b5:15:cb:de:f4:e0:
03:53:d9:49:a3:d9:e0:6c:90:45:ea:f4:7e:8a:5a:
28:4f:5a:0f:59:b0:4b:00:e9:2b:d6:51:cb:f2:63:
8b:3a:7c:02:bc:d6:e2:ab:7e:99:98:84:f4:3c:c9:
44:d8:13:d6:93:b0:85:ee:e5:b1:4c:68:c1:57:00:
5c:a7:3b:fe:1a:ed:86:49:db:36:02:7a:46:ea:82:
ef:7b:6c:f3:65:68:83:33:9c:8a:49:21:04:fa:82:
4a:99:d0:f7:86:40:87:12:ba:97:7b:c0:15:c5:cd:
46:13:e4:d6:be:fc:6d:13:4e:e2:c2:97:ad:38:55:
71:a2:d5:9e:18:32:a2:81:1d:03:50:a7:f0:8f:65:
5e:65:44:32:95:51:03:eb:07:4f:4e:55:07:29:fb:
be:a4:2f:15:80:48:40:8d:25:05:2f:12:b8:87:d2:
95:3c:74:8b:68:9c:74:c3:0d:86:b4:ad:8d:fe:60:
84:f2:3f:6f:11:6b:94:82:20:7e:4b:8c:75:1e:eb:
fd:4a:01:18:da:50:93:fa:ac:3b:74:88:f4:a8:d5:
a2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:24:9B:FF:84:20:9D:C5:7E:2A:67:C9:5C:6C:1C:FC:41:93:A8:16
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pSSb_4QgncV-KmfJXGwc_EGTqBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:3f:57:2a:cb:36:4b:ab:49:41:8e:2d:de:e7:90:4b:6d:b5:
9e:ea:e9:33:0b:a3:6a:30:e4:78:c7:23:4b:8a:82:a9:7c:cf:
58:11:8f:99:15:4c:3e:72:3d:2c:28:3e:58:da:d3:cb:b3:5c:
e1:61:1d:ea:2f:3b:cc:5a:48:2d:27:d1:fe:3c:71:01:b6:cc:
07:8c:76:ce:45:13:df:1c:69:eb:bf:0f:d2:e2:45:67:59:53:
55:8a:77:a4:fa:8a:0f:2c:a8:9e:6d:e6:04:73:92:d2:c6:35:
1c:0e:ca:0a:76:d9:9d:ed:ea:64:fe:a5:f8:a0:1c:53:6e:ec:
a9:5b:b6:47:37:04:9c:4f:49:a3:a5:21:fa:a4:3b:b7:47:19:
22:c5:9e:31:14:63:9d:56:38:20:a0:76:5e:e0:88:11:17:7c:
a3:f1:18:5d:f2:2e:34:d8:7b:68:84:90:fe:3e:f5:6e:ad:b0:
48:7d:eb:46:81:a8:71:1c:d5:de:71:08:af:32:c1:5b:2a:70:
a0:19:aa:49:a7:5e:43:be:35:28:15:cf:73:56:a0:26:72:30:
a5:4d:e3:2f:bd:2b:8c:8f:e8:52:2b:55:91:42:45:7d:9a:58:
ce:0e:0b:12:24:ba:a1:5d:a5:25:73:64:20:99:b0:ae:e9:cf:
22:4e:03:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuni3SzythYKP93h1cYaAd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA3MDIxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTI0OWJmZjg0MjA5ZGM1N2UyYTY3Yzk1YzZjMWNmYzQxOTNhODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oUcn+o/p9174kJBfrhw0T0G/XkQ
ILDdGxpiXCh/bm/wGUWmMyW1Fcve9OADU9lJo9ngbJBF6vR+ilooT1oPWbBLAOkr
1lHL8mOLOnwCvNbiq36ZmIT0PMlE2BPWk7CF7uWxTGjBVwBcpzv+Gu2GSds2AnpG
6oLve2zzZWiDM5yKSSEE+oJKmdD3hkCHErqXe8AVxc1GE+TWvvxtE07iwpetOFVx
otWeGDKigR0DUKfwj2VeZUQylVED6wdPTlUHKfu+pC8VgEhAjSUFLxK4h9KVPHSL
aJx0ww2GtK2N/mCE8j9vEWuUgiB+S4x1Huv9SgEY2lCT+qw7dIj0qNWiewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKUkm/+EIJ3FfipnyVxsHPxBk6gWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcFNTYl80UWduY1YtS21mSlhHd2NfRUdUcUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJg/VyrLNkurSUGOLd7n
kEtttZ7q6TMLo2ow5HjHI0uKgql8z1gRj5kVTD5yPSwoPlja08uzXOFhHeovO8xa
SC0n0f48cQG2zAeMds5FE98caeu/D9LiRWdZU1WKd6T6ig8sqJ5t5gRzktLGNRwO
ygp22Z3t6mT+pfigHFNu7Klbtkc3BJxPSaOlIfqkO7dHGSLFnjEUY51WOCCgdl7g
iBEXfKPxGF3yLjTYe2iEkP4+9W6tsEh960aBqHEc1d5xCK8ywVsqcKAZqkmnXkO+
NSgVz3NWoCZyMKVN4y+9K4yP6FIrVZFCRX2aWM4OCxIkuqFdpSVzZCCZsK7pzyJO
Ay0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:50 2025 by rpki-client