Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pwE8ibP-Ez4FKCgEfaNMd79acOc.roa
File: pwE8ibP-Ez4FKCgEfaNMd79acOc.roa (raw, json)
Hash identifier: Dfz/o3uwUjjIb4e8gucroOXCHodkFU1R63zUDlQFv10=
Subject key identifier: A7:01:3C:89:B3:FE:13:3E:05:28:28:04:7D:A3:4C:77:BF:5A:70:E7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C092F43568A858490DFD2D9E49C052165
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pwE8ibP-Ez4FKCgEfaNMd79acOc.roa
Signing time: Sun 26 Nov 2023 01:12:21 +0000
ROA not before: Sun 26 Nov 2023 01:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:09:2f:43:56:8a:85:84:90:df:d2:d9:e4:9c:05:21:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 26 01:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7013c89b3fe133e052828047da34c77bf5a70e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3f:fb:a8:05:f5:e2:c4:d9:e6:39:d4:f3:be:
8c:bf:e7:04:f5:33:1d:a2:d7:e2:90:4e:f6:85:93:
28:37:33:2a:09:19:ea:91:b3:84:08:6e:fc:fa:35:
a3:34:a5:a3:99:0f:44:b4:dd:9a:fa:79:9c:56:74:
2a:a7:93:5a:0b:0b:8c:fc:bc:62:f9:a1:dd:eb:ca:
56:6f:24:62:33:57:25:33:fa:1b:6c:bd:4a:74:3b:
ee:10:c9:b3:8c:74:d8:2f:17:1f:2a:b6:32:1d:d9:
c0:5c:1f:4a:f4:df:7c:0b:7e:41:de:59:60:c3:7f:
62:eb:f0:63:af:ad:fe:5f:a8:90:2e:6d:b4:4a:f1:
b9:97:08:52:9d:db:4e:24:11:db:f1:61:97:61:8b:
31:90:87:f0:06:ae:28:2b:99:58:90:fd:a2:24:32:
c4:63:1a:f3:9c:2b:bd:68:08:05:33:57:68:84:2c:
c7:e0:ab:81:8d:61:49:7c:b2:53:62:1b:7a:94:69:
26:17:23:f6:a2:1b:90:95:fb:ce:6a:71:bd:6b:3d:
53:29:bc:a8:68:d5:21:da:a7:0c:a1:d3:a5:6c:50:
c3:2d:be:f7:cc:d1:30:94:f4:ac:4d:b4:2d:00:15:
98:08:18:f7:59:24:bb:1d:2e:b6:f0:f3:fc:16:34:
7c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:01:3C:89:B3:FE:13:3E:05:28:28:04:7D:A3:4C:77:BF:5A:70:E7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pwE8ibP-Ez4FKCgEfaNMd79acOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b5:9e:d0:df:f2:21:bb:df:75:c3:68:06:27:c3:4e:1e:92:c0:
4a:0a:57:f3:ae:2f:3b:da:01:52:20:24:ee:7c:1c:a5:c2:b7:
29:54:db:2d:46:bb:90:b9:51:13:a6:e4:a7:9e:5f:24:af:17:
f6:81:1d:35:66:df:82:2b:c2:11:58:e2:25:2c:f9:cd:0f:a5:
f3:02:84:30:8f:84:12:ea:9e:46:0e:63:cd:e1:7f:02:5c:fc:
2d:7d:f7:44:bc:d6:6e:7a:f4:dd:65:61:82:f2:e1:cb:28:d8:
e6:92:21:61:94:e3:19:08:3e:c5:2e:fe:cd:f6:9f:42:8d:64:
d5:53:04:30:0b:21:37:23:ef:1c:4d:bc:84:3e:8c:52:68:eb:
fc:30:d5:1b:ff:f6:10:6a:0f:1c:c0:42:f9:09:fd:14:cd:95:
a9:b8:f2:60:0f:7c:67:cd:b5:9f:47:b1:06:f5:04:f4:0e:fb:
f3:78:cc:b3:f4:8b:65:01:17:4f:50:c3:79:a9:ab:28:ef:14:
64:93:8a:8d:b3:fa:88:34:b3:11:35:18:87:f6:b7:de:b4:58:
df:3a:14:f3:53:75:1d:23:e8:17:02:73:0e:f3:a9:a9:cd:32:
15:87:53:d3:80:48:1c:74:ff:97:06:9d:f1:a0:e5:bc:eb:b3:
72:62:88:56
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwJL0NWioWEkN/S2eScBSFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI2MDExMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzAxM2M4OWIzZmUxMzNlMDUyODI4MDQ3ZGEzNGM3N2JmNWE3MGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApT/7qAX14sTZ5jnU876Mv+cE9TMd
otfikE72hZMoNzMqCRnqkbOECG78+jWjNKWjmQ9EtN2a+nmcVnQqp5NaCwuM/Lxi
+aHd68pWbyRiM1clM/obbL1KdDvuEMmzjHTYLxcfKrYyHdnAXB9K9N98C35B3llg
w39i6/Bjr63+X6iQLm20SvG5lwhSndtOJBHb8WGXYYsxkIfwBq4oK5lYkP2iJDLE
YxrznCu9aAgFM1dohCzH4KuBjWFJfLJTYht6lGkmFyP2ohuQlfvOanG9az1TKbyo
aNUh2qcModOlbFDDLb73zNEwlPSsTbQtABWYCBj3WSS7HS628PP8FjR80QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKcBPImz/hM+BSgoBH2jTHe/WnDnMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcHdFOGliUC1FejRGS0NnRWZhTk1kNzlhY09jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALWe0N/yIbvfdcNoBifD
Th6SwEoKV/OuLzvaAVIgJO58HKXCtylU2y1Gu5C5UROm5KeeXySvF/aBHTVm34Ir
whFY4iUs+c0PpfMChDCPhBLqnkYOY83hfwJc/C1990S81m569N1lYYLy4cso2OaS
IWGU4xkIPsUu/s32n0KNZNVTBDALITcj7xxNvIQ+jFJo6/ww1Rv/9hBqDxzAQvkJ
/RTNlam48mAPfGfNtZ9HsQb1BPQO+/N4zLP0i2UBF09Qw3mpqyjvFGSTio2z+og0
sxE1GIf2t960WN86FPNTdR0j6BcCcw7zqanNMhWHU9OASBx0/5cGnfGg5bzrs3Ji
iFY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:40:33 2025 by rpki-client