Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/riDjlTrNZv8m8BbHrWs8rmppNx0.roa
File: riDjlTrNZv8m8BbHrWs8rmppNx0.roa (raw, json)
Hash identifier: 1kDevDN012Ec+YwcX5sZrOpjFfuipJvPFCZCszgEnDo=
Subject key identifier: AE:20:E3:95:3A:CD:66:FF:26:F0:16:C7:AD:6B:3C:AE:6A:69:37:1D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD9F78E109396FCFCD5FFB4225FB50F49
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/riDjlTrNZv8m8BbHrWs8rmppNx0.roa
Signing time: Thu 16 Nov 2023 21:09:21 +0000
ROA not before: Thu 16 Nov 2023 21:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d9:f7:8e:10:93:96:fc:fc:d5:ff:b4:22:5f:b5:0f:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 16 21:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae20e3953acd66ff26f016c7ad6b3cae6a69371d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a7:86:39:13:43:8e:ab:b0:32:03:a5:fe:d8:
64:42:20:1b:90:1e:fe:d9:03:9a:d4:22:cb:22:90:
e7:fd:08:0f:77:b5:90:81:6f:c7:fa:2f:84:6e:b1:
33:82:55:ad:a8:16:64:ed:5a:98:60:ed:c1:29:72:
04:ac:46:24:45:9f:ff:72:31:fb:b2:00:40:7d:8c:
2a:ec:a6:46:6f:55:d3:0f:49:5f:8c:8d:2f:c3:26:
3f:02:6d:6a:ca:86:47:95:b0:6c:0a:5e:a8:53:47:
a8:a5:8d:d7:ad:48:44:65:05:09:21:2e:fd:5d:26:
ae:16:3b:03:bc:d3:bc:d8:55:58:a4:d0:82:c9:80:
60:d8:b4:b0:f7:86:8c:38:6e:bc:da:02:db:0b:17:
d8:90:18:77:52:0c:05:42:22:a2:f5:66:42:db:23:
95:a8:ab:68:f8:72:3f:18:99:de:d6:c8:63:cb:6b:
00:e0:04:24:b1:e2:3a:39:48:ab:81:80:c6:9f:21:
1d:e2:f1:b7:97:31:36:ae:7d:24:6d:64:76:81:a1:
d7:92:44:0b:dc:63:17:0c:60:70:38:92:3f:4f:80:
a4:3f:f4:c0:20:29:58:cb:a9:ad:45:d9:1a:d4:35:
b7:41:6a:a9:82:f6:e0:61:b4:08:91:d4:fe:65:03:
87:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:20:E3:95:3A:CD:66:FF:26:F0:16:C7:AD:6B:3C:AE:6A:69:37:1D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/riDjlTrNZv8m8BbHrWs8rmppNx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:e2:b7:d7:b7:cf:bc:2c:78:02:3a:61:7a:9e:5e:cc:31:69:
60:f9:b0:5b:bb:16:1e:07:1d:81:cf:b1:83:ab:00:e1:ef:ae:
25:fa:5b:a7:ff:53:64:20:79:1d:49:b1:b0:a8:c3:5b:9e:e5:
3c:4f:e9:45:7e:2a:e3:0f:55:1c:3f:36:eb:90:c3:ab:b1:35:
93:47:8d:ca:bb:20:d2:35:32:57:14:88:5b:59:da:1f:5d:20:
83:33:d8:a7:a7:22:66:b2:67:13:8c:b2:6c:97:e5:08:46:b4:
f1:c3:30:ce:dc:ec:a3:34:13:0a:7a:d4:46:3d:17:f0:1d:16:
ec:af:1c:01:4d:51:d5:1d:79:65:21:c3:79:9d:1a:c8:42:7f:
72:09:fe:69:a5:b9:13:bf:e3:8f:da:d1:3c:09:43:9c:7f:20:
8b:97:52:82:56:5c:b1:f4:89:3a:70:97:24:0d:82:1e:eb:eb:
7e:df:bb:b3:e9:04:33:f6:52:f6:86:04:a2:c1:ce:56:ca:ae:
a8:25:20:2c:a3:7b:70:8a:15:8e:c9:96:03:07:8b:d2:c3:f5:
63:12:5c:47:14:b7:be:c4:ad:e0:af:cb:0d:c9:79:8d:4a:67:
d6:bd:d1:0b:88:07:55:ba:e2:bf:6e:e0:86:e3:8d:b0:5b:1d:
16:43:55:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvZ944Qk5b8/NX/tCJftQ9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE2MjEwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTIwZTM5NTNhY2Q2NmZmMjZmMDE2YzdhZDZiM2NhZTZhNjkzNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6eGORNDjquwMgOl/thkQiAbkB7+
2QOa1CLLIpDn/QgPd7WQgW/H+i+EbrEzglWtqBZk7VqYYO3BKXIErEYkRZ//cjH7
sgBAfYwq7KZGb1XTD0lfjI0vwyY/Am1qyoZHlbBsCl6oU0eopY3XrUhEZQUJIS79
XSauFjsDvNO82FVYpNCCyYBg2LSw94aMOG682gLbCxfYkBh3UgwFQiKi9WZC2yOV
qKto+HI/GJne1shjy2sA4AQkseI6OUirgYDGnyEd4vG3lzE2rn0kbWR2gaHXkkQL
3GMXDGBwOJI/T4CkP/TAIClYy6mtRdka1DW3QWqpgvbgYbQIkdT+ZQOH1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK4g45U6zWb/JvAWx61rPK5qaTcdMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcmlEamxUck5adjhtOEJiSHJXczhybXBwTngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEPit9e3z7wseAI6YXqe
XswxaWD5sFu7Fh4HHYHPsYOrAOHvriX6W6f/U2QgeR1JsbCow1ue5TxP6UV+KuMP
VRw/NuuQw6uxNZNHjcq7INI1MlcUiFtZ2h9dIIMz2KenImayZxOMsmyX5QhGtPHD
MM7c7KM0Ewp61EY9F/AdFuyvHAFNUdUdeWUhw3mdGshCf3IJ/mmluRO/44/a0TwJ
Q5x/IIuXUoJWXLH0iTpwlyQNgh7r637fu7PpBDP2UvaGBKLBzlbKrqglICyje3CK
FY7JlgMHi9LD9WMSXEcUt77EreCvyw3JeY1KZ9a90QuIB1W64r9u4IbjjbBbHRZD
VYc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:29:54 2025 by rpki-client