Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/s9X3RjWNX64bIP2AGdVmIGqJ1EY.roa
File: s9X3RjWNX64bIP2AGdVmIGqJ1EY.roa (raw, json)
Hash identifier: gX1EYiQu49/cQYaH3Sp74zdhZiA5IT1vHdvmvjuyqsc=
Subject key identifier: B3:D5:F7:46:35:8D:5F:AE:1B:20:FD:80:19:D5:66:20:6A:89:D4:46
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2543FC77A8CD157F6CA347550C6203AA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/s9X3RjWNX64bIP2AGdVmIGqJ1EY.roa
Signing time: Fri 01 Dec 2023 12:04:21 +0000
ROA not before: Fri 01 Dec 2023 12:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:2543:bf59/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:43:fc:77:a8:cd:15:7f:6c:a3:47:55:0c:62:03:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 1 12:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3d5f746358d5fae1b20fd8019d566206a89d446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c0:80:a3:da:49:ab:c2:81:d4:42:d9:d1:cb:
f9:e5:e5:72:da:f9:fa:ba:94:20:54:f7:d2:b2:8b:
8f:ac:da:0f:21:4a:19:ec:57:a2:86:be:1d:18:06:
06:d9:89:51:b6:4b:10:1f:01:6c:73:aa:4e:39:3d:
1b:5c:0e:6e:ce:39:0a:bb:be:29:e0:cf:e8:95:d9:
c0:5f:18:0b:eb:9d:79:80:f5:3d:ce:dd:f6:25:aa:
61:56:52:21:4b:0e:f5:c7:42:a6:ab:51:d1:58:95:
e0:cc:9f:38:8d:fd:fb:34:1a:38:27:7d:25:c5:73:
45:68:97:4f:85:6f:9c:2f:69:25:12:e4:55:47:8d:
d1:c7:3a:05:f3:79:1e:6a:db:27:2d:d4:51:c8:c2:
91:c8:e3:db:3d:78:ca:04:95:6b:a7:1d:6b:ea:bf:
db:1b:a8:ff:1a:73:d8:81:6c:3e:f1:b7:e5:e2:2e:
bd:27:10:f2:f6:f3:42:21:42:4f:37:bc:c4:b6:0d:
ae:c8:49:2b:21:b8:12:81:d3:a5:0b:40:c3:f5:c7:
9d:36:60:a6:da:2f:c7:35:9d:1c:45:f3:82:68:ff:
db:28:69:f6:56:a4:21:70:e6:f1:a6:bc:6e:59:2a:
3b:98:98:f9:2f:d2:19:6e:55:80:a3:ce:9f:7e:51:
37:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D5:F7:46:35:8D:5F:AE:1B:20:FD:80:19:D5:66:20:6A:89:D4:46
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/s9X3RjWNX64bIP2AGdVmIGqJ1EY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c9:b9:75:17:eb:58:7f:d3:b6:4b:36:3a:75:f5:8b:69:76:d3:
55:8f:bf:06:23:d6:2a:17:a4:ba:e8:15:a2:65:cb:27:ba:08:
b3:42:67:98:04:a4:d9:98:35:a9:56:39:96:a7:36:cf:bc:55:
dc:48:84:d5:84:f1:75:38:30:ee:8f:a6:44:c2:5c:fd:47:9d:
c6:0d:c1:8c:f8:98:c8:d3:79:aa:88:43:3e:30:74:c9:e5:fc:
95:62:7d:85:45:cd:10:ee:27:64:b1:e0:d3:a6:72:47:00:2c:
6d:5e:e6:0f:3d:c7:1c:e8:0c:32:c2:30:39:a0:19:31:cc:69:
f2:cf:22:c6:a0:3f:45:57:69:be:52:02:99:aa:b3:06:de:7c:
a5:75:91:ce:25:ae:36:51:14:2d:c8:6d:d5:49:a4:d1:a4:8c:
63:e7:7e:0b:99:b5:b5:c0:06:7b:3d:77:32:b6:ab:77:40:8c:
41:02:fd:37:6c:45:87:37:6e:00:79:f2:7a:93:e5:74:6c:6f:
43:f8:72:fb:eb:dd:d7:3c:5b:b8:03:13:33:2a:d3:bc:8f:2e:
bd:92:f6:b4:15:d1:45:1d:a1:aa:27:5d:eb:c1:8f:47:76:56:
a6:c2:33:67:27:07:1b:c2:9e:23:49:3a:d6:58:ca:64:78:01:
99:5c:0e:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwlQ/x3qM0Vf2yjR1UMYgOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAxMTIwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2Q1Zjc0NjM1OGQ1ZmFlMWIyMGZkODAxOWQ1NjYyMDZhODlkNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsCAo9pJq8KB1ELZ0cv55eVy2vn6
upQgVPfSsouPrNoPIUoZ7Feihr4dGAYG2YlRtksQHwFsc6pOOT0bXA5uzjkKu74p
4M/oldnAXxgL6515gPU9zt32JaphVlIhSw71x0Kmq1HRWJXgzJ84jf37NBo4J30l
xXNFaJdPhW+cL2klEuRVR43RxzoF83keatsnLdRRyMKRyOPbPXjKBJVrpx1r6r/b
G6j/GnPYgWw+8bfl4i69JxDy9vNCIUJPN7zEtg2uyEkrIbgSgdOlC0DD9cedNmCm
2i/HNZ0cRfOCaP/bKGn2VqQhcObxprxuWSo7mJj5L9IZblWAo86fflE3PQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLPV90Y1jV+uGyD9gBnVZiBqidRGMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvczlYM1JqV05YNjRiSVAyQUdkVm1JR3FKMUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMm5dRfrWH/Ttks2OnX1
i2l201WPvwYj1ioXpLroFaJlyye6CLNCZ5gEpNmYNalWOZanNs+8VdxIhNWE8XU4
MO6PpkTCXP1HncYNwYz4mMjTeaqIQz4wdMnl/JVifYVFzRDuJ2Sx4NOmckcALG1e
5g89xxzoDDLCMDmgGTHMafLPIsagP0VXab5SApmqswbefKV1kc4lrjZRFC3IbdVJ
pNGkjGPnfguZtbXABns9dzK2q3dAjEEC/TdsRYc3bgB58nqT5XRsb0P4cvvr3dc8
W7gDEzMq07yPLr2S9rQV0UUdoaonXevBj0d2VqbCM2cnBxvCniNJOtZYymR4AZlc
DhQ=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:09:26 2025 by rpki-client