Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rOq8iKWMsi-bWqutsQib5QoMFKk.roa
File: rOq8iKWMsi-bWqutsQib5QoMFKk.roa (raw, json)
Hash identifier: d5r0tRyrzbBYZZo9VNxghA9OrUn1SscfbgyHVkUbT70=
Subject key identifier: AC:EA:BC:88:A5:8C:B2:2F:9B:5A:AB:AD:B1:08:9B:E5:0A:0C:14:A9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0F36131FC8347DB80292C7D672188186
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rOq8iKWMsi-bWqutsQib5QoMFKk.roa
Signing time: Sun 08 Oct 2023 12:14:43 +0000
ROA not before: Sun 08 Oct 2023 12:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0f:36:13:1f:c8:34:7d:b8:02:92:c7:d6:72:18:81:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 8 12:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aceabc88a58cb22f9b5aabadb1089be50a0c14a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d1:65:ce:2e:3e:f2:63:e0:be:f1:21:81:ea:
71:21:71:4a:9a:d7:c0:c1:6a:53:b7:76:15:45:63:
7c:c6:64:e9:e0:d9:95:17:40:dc:d0:e4:91:f1:8e:
69:0c:59:ed:5e:61:37:de:fc:a7:70:32:22:1f:43:
bd:d1:1c:5c:b3:c2:90:42:dc:13:96:f3:e3:6e:03:
79:05:9a:d7:aa:24:85:55:a8:58:b2:15:0b:ab:6e:
de:68:fd:66:c5:6d:ec:bb:6b:aa:09:3c:71:bd:19:
c9:18:45:38:08:65:17:e3:11:7c:bc:e6:d9:3c:2d:
36:28:d9:6f:26:e8:67:3d:b1:ac:37:18:ed:94:e1:
ec:67:39:5e:74:c0:11:46:b4:68:1e:c4:7d:71:cd:
d4:2c:3e:27:e4:79:5a:ca:3a:0e:5a:ce:7a:5b:72:
b4:c3:80:f2:65:fa:1f:38:d6:67:02:1b:c7:27:3a:
36:86:a6:80:f2:87:e1:2a:db:d1:aa:41:41:7b:dd:
da:0b:75:c7:23:fa:9f:18:33:67:07:f7:0f:1d:e1:
1e:0b:27:f0:4f:fa:cd:f3:11:b8:b3:2c:54:06:31:
65:33:78:d0:c0:ad:e7:d3:a7:7d:41:81:75:96:49:
f9:a9:5e:84:fc:89:fb:d1:db:f4:85:31:9d:c2:81:
56:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:EA:BC:88:A5:8C:B2:2F:9B:5A:AB:AD:B1:08:9B:E5:0A:0C:14:A9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rOq8iKWMsi-bWqutsQib5QoMFKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ca:8c:71:d6:3e:b0:89:32:5b:2d:bc:a7:5f:2e:b1:8d:54:9e:
1e:bb:7d:80:96:4a:5e:8e:c8:a0:68:66:de:4a:a2:c9:c1:55:
da:57:c1:6d:3d:a2:ba:d0:3e:a7:f6:e4:dc:1b:75:bd:1f:34:
e6:60:d2:31:0e:a4:0b:0c:1a:8b:3d:3e:bb:af:d0:b8:40:4f:
68:86:c3:10:66:50:65:a0:fb:79:37:11:1b:cb:0d:21:e5:1f:
a2:82:41:d1:19:a7:f0:c9:1f:33:11:ad:1f:bb:cc:95:13:16:
bd:57:c4:de:35:08:dd:a4:7b:2f:29:26:a0:df:97:a8:b2:87:
cd:2c:c5:f2:73:9d:9e:3e:03:11:bf:66:f7:2f:18:bd:8d:9e:
40:5a:04:f9:08:88:03:7e:24:f3:10:38:b3:95:79:9a:52:d1:
ee:32:67:2d:10:b9:54:26:fe:53:a2:e9:90:31:1a:3b:d2:a1:
2d:6f:df:c0:f1:f8:68:b6:c3:f8:64:f1:04:b3:21:8d:a5:07:
c6:f0:bf:b7:43:b5:47:02:04:bd:64:df:36:d4:42:c9:06:5d:
75:de:2b:48:02:73:5d:17:af:43:69:eb:da:03:0f:56:16:2e:
5e:e8:9b:1f:d1:e2:fb:ff:7f:ed:f8:7d:95:59:6b:7e:65:86:
80:46:d6:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsPNhMfyDR9uAKSx9ZyGIGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA4MTIxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2VhYmM4OGE1OGNiMjJmOWI1YWFiYWRiMTA4OWJlNTBhMGMxNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtFlzi4+8mPgvvEhgepxIXFKmtfA
wWpTt3YVRWN8xmTp4NmVF0Dc0OSR8Y5pDFntXmE33vyncDIiH0O90Rxcs8KQQtwT
lvPjbgN5BZrXqiSFVahYshULq27eaP1mxW3su2uqCTxxvRnJGEU4CGUX4xF8vObZ
PC02KNlvJuhnPbGsNxjtlOHsZzledMARRrRoHsR9cc3ULD4n5HlayjoOWs56W3K0
w4DyZfofONZnAhvHJzo2hqaA8ofhKtvRqkFBe93aC3XHI/qfGDNnB/cPHeEeCyfw
T/rN8xG4syxUBjFlM3jQwK3n06d9QYF1lkn5qV6E/In70dv0hTGdwoFWnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKzqvIiljLIvm1qrrbEIm+UKDBSpMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvck9xOGlLV01zaS1iV3F1dHNRaWI1UW9NRktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMqMcdY+sIkyWy28p18u
sY1Unh67fYCWSl6OyKBoZt5KosnBVdpXwW09orrQPqf25Nwbdb0fNOZg0jEOpAsM
Gos9Pruv0LhAT2iGwxBmUGWg+3k3ERvLDSHlH6KCQdEZp/DJHzMRrR+7zJUTFr1X
xN41CN2key8pJqDfl6iyh80sxfJznZ4+AxG/ZvcvGL2NnkBaBPkIiAN+JPMQOLOV
eZpS0e4yZy0QuVQm/lOi6ZAxGjvSoS1v38Dx+Gi2w/hk8QSzIY2lB8bwv7dDtUcC
BL1k3zbUQskGXXXeK0gCc10Xr0Np69oDD1YWLl7omx/R4vv/f+34fZVZa35lhoBG
1uw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:49 2025 by rpki-client