Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rMvDoj124cz6iLLIvHziJm5Hawc.roa
File: rMvDoj124cz6iLLIvHziJm5Hawc.roa (raw, json)
Hash identifier: Sm+DCX/zjtG91VDYqCKgaHxwq92D8427bk0wackXzyM=
Subject key identifier: AC:CB:C3:A2:3D:76:E1:CC:FA:88:B2:C8:BC:7C:E2:26:6E:47:6B:07
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7FDF814A097409CAD8EC936D5A01DB3B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rMvDoj124cz6iLLIvHziJm5Hawc.roa
Signing time: Mon 30 Oct 2023 09:17:15 +0000
ROA not before: Mon 30 Oct 2023 09:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7f:df:81:4a:09:74:09:ca:d8:ec:93:6d:5a:01:db:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 30 09:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=accbc3a23d76e1ccfa88b2c8bc7ce2266e476b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:88:66:e0:89:df:39:b8:94:6c:b2:ac:78:6d:
8b:76:6f:43:cf:f3:61:99:31:91:20:c8:ba:eb:bc:
58:c7:f5:1d:df:1b:59:8d:19:50:e1:3d:3d:6c:87:
c4:bc:da:54:d0:db:18:87:c8:ae:48:ae:34:11:d2:
d5:11:7e:af:03:88:26:45:57:fa:87:8a:11:ab:8e:
ba:57:a3:f7:4b:01:36:a3:9d:b0:dd:d2:44:a4:b2:
27:7c:a3:12:73:b8:92:8e:41:09:47:6f:b5:82:1e:
0d:2f:87:0e:05:b3:40:7f:13:73:a9:cf:c5:89:98:
36:06:ae:7a:d3:a2:30:26:16:5e:03:7e:cc:84:12:
1d:53:d0:9f:54:d2:d9:20:be:a9:c0:3c:2d:59:e9:
d2:cc:ab:97:99:7e:1a:e0:ad:d9:7a:7d:46:4e:88:
14:9b:4a:35:c2:35:15:f0:be:f2:15:5b:93:08:8c:
c0:3f:3d:a2:85:2e:94:c8:65:eb:4e:ef:6b:2f:ee:
9c:bb:dd:6d:17:ba:ca:8c:a8:0b:ba:a2:85:68:99:
55:ed:d6:a1:73:59:e7:44:b0:1a:43:58:59:4f:83:
b3:75:0e:2c:eb:18:e6:f9:fe:d5:7d:ba:0b:f7:e2:
35:09:24:98:9b:2c:68:88:21:04:b9:35:69:88:ef:
39:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:CB:C3:A2:3D:76:E1:CC:FA:88:B2:C8:BC:7C:E2:26:6E:47:6B:07
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rMvDoj124cz6iLLIvHziJm5Hawc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:18:85:ed:93:e1:53:51:7c:61:35:04:f6:44:46:f5:8f:18:
9f:33:4d:9a:eb:df:2e:29:66:09:3f:5f:c0:19:58:6a:c5:73:
3f:94:9d:ff:9f:b1:55:b4:c0:91:38:25:55:32:af:f8:30:c7:
5d:70:93:bb:33:3c:4f:d1:9f:20:b9:12:90:ad:dc:19:3c:5e:
23:a1:f9:6c:af:f6:d5:0b:02:1b:61:2a:24:4e:be:7b:0f:83:
0c:01:45:45:03:09:fc:2d:89:cb:f1:e4:04:92:7e:57:06:f0:
93:8e:53:bd:67:18:c5:e5:3f:d4:51:e9:45:ad:4c:06:c2:ec:
6c:08:43:9f:ae:bc:4d:6d:2d:8b:a5:9d:97:73:bc:c9:88:33:
59:1d:47:73:2d:9f:af:5f:fe:b8:47:1e:90:b6:6d:bb:96:0e:
85:a2:a5:e1:8e:5b:aa:66:70:a7:bc:23:a7:58:ed:ab:3f:9c:
48:97:ce:3a:1f:65:37:a4:ae:e9:dd:dd:5f:35:1e:f3:6b:bc:
b4:f3:e4:6c:b7:d9:68:cc:81:9f:24:0f:57:7c:30:6d:39:76:
d8:bf:b1:69:9e:17:0f:19:3b:c9:db:02:a4:0b:eb:db:6c:67:
be:09:11:00:64:c8:45:af:df:0b:66:cc:dc:aa:c6:49:6f:d3:
f0:4f:ad:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt/34FKCXQJytjsk21aAds7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMwMDkxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2NiYzNhMjNkNzZlMWNjZmE4OGIyYzhiYzdjZTIyNjZlNDc2YjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14hm4InfObiUbLKseG2Ldm9Dz/Nh
mTGRIMi667xYx/Ud3xtZjRlQ4T09bIfEvNpU0NsYh8iuSK40EdLVEX6vA4gmRVf6
h4oRq466V6P3SwE2o52w3dJEpLInfKMSc7iSjkEJR2+1gh4NL4cOBbNAfxNzqc/F
iZg2Bq5606IwJhZeA37MhBIdU9CfVNLZIL6pwDwtWenSzKuXmX4a4K3Zen1GTogU
m0o1wjUV8L7yFVuTCIzAPz2ihS6UyGXrTu9rL+6cu91tF7rKjKgLuqKFaJlV7dah
c1nnRLAaQ1hZT4OzdQ4s6xjm+f7VfboL9+I1CSSYmyxoiCEEuTVpiO85GQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKzLw6I9duHM+oiyyLx84iZuR2sHMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvck12RG9qMTI0Y3o2aUxMSXZIemlKbTVIYXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ8Yhe2T4VNRfGE1BPZE
RvWPGJ8zTZrr3y4pZgk/X8AZWGrFcz+Unf+fsVW0wJE4JVUyr/gwx11wk7szPE/R
nyC5EpCt3Bk8XiOh+Wyv9tULAhthKiROvnsPgwwBRUUDCfwticvx5ASSflcG8JOO
U71nGMXlP9RR6UWtTAbC7GwIQ5+uvE1tLYulnZdzvMmIM1kdR3Mtn69f/rhHHpC2
bbuWDoWipeGOW6pmcKe8I6dY7as/nEiXzjofZTekrund3V81HvNrvLTz5Gy32WjM
gZ8kD1d8MG05dti/sWmeFw8ZO8nbAqQL69tsZ74JEQBkyEWv3wtmzNyqxklv0/BP
rdI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:01 2025 by rpki-client