Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sIdtzBu0K5-YSuSHe5nPMLYGeXQ.roa
File: sIdtzBu0K5-YSuSHe5nPMLYGeXQ.roa (raw, json)
Hash identifier: XTZHwEdXQ/OVdP8cN6pfAkQ/FkJTSFe/oEYWm/9U9UM=
Subject key identifier: B0:87:6D:CC:1B:B4:2B:9F:98:4A:E4:87:7B:99:CF:30:B6:06:79:74
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C352E96BC2B6795754069EE29EBB7E8B9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sIdtzBu0K5-YSuSHe5nPMLYGeXQ.roa
Signing time: Mon 04 Dec 2023 14:14:54 +0000
ROA not before: Mon 04 Dec 2023 14:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:2e:96:bc:2b:67:95:75:40:69:ee:29:eb:b7:e8:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 4 14:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0876dcc1bb42b9f984ae4877b99cf30b6067974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d8:56:96:f4:4d:0d:46:8c:27:2e:56:cc:88:
ff:01:13:9c:b3:7a:e5:81:16:fd:3c:ff:c2:42:3e:
2f:04:7f:6c:71:a2:ef:de:ae:4d:9e:be:10:eb:ad:
93:3b:6a:b1:bb:f5:98:40:0c:ad:7a:7c:ec:a6:58:
ee:37:78:c2:12:cb:93:97:e6:7c:37:17:7a:0e:f0:
af:4c:a8:0b:6e:c7:96:e2:9b:17:94:17:83:12:61:
c0:fb:04:bd:83:cf:da:06:e1:8b:31:a3:72:66:28:
03:25:9c:06:a9:b6:cc:6a:49:da:d8:2f:74:51:3e:
c9:0b:fd:18:4d:d4:00:d1:fe:f9:a0:bd:0f:f3:28:
bd:0a:ec:7a:0e:9a:b5:98:7e:bf:cf:54:3c:cd:df:
b6:a8:46:c7:65:8b:f7:28:4e:34:9c:61:38:89:92:
47:a7:f0:af:b1:b0:f4:85:82:13:0a:cf:c2:92:d4:
d1:59:6b:2c:a9:1f:fe:50:2e:d8:01:19:21:60:8a:
a5:93:a8:fe:57:03:16:80:40:66:c7:ad:cb:42:27:
4b:83:12:68:f5:3e:37:b4:da:89:ec:a9:d8:2b:53:
ab:db:f4:0b:d6:23:11:45:e6:52:0b:72:7c:a4:fd:
14:eb:9c:7e:7a:cf:d2:0d:d7:b5:70:e2:05:ac:a9:
6c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:87:6D:CC:1B:B4:2B:9F:98:4A:E4:87:7B:99:CF:30:B6:06:79:74
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sIdtzBu0K5-YSuSHe5nPMLYGeXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:0c:97:a1:54:df:5d:0c:87:95:bf:3a:0f:45:1b:5d:0e:49:
cc:64:3a:0f:92:5c:28:4f:86:81:e7:70:58:1b:80:bf:74:6b:
61:8c:71:b9:b6:db:44:6a:1a:88:6a:ab:9d:fd:19:28:ae:c1:
b8:d9:e4:4f:02:c6:ee:9a:f9:6d:29:8d:7a:7e:86:68:09:d3:
16:be:0e:76:0c:38:13:ad:b6:24:c5:20:81:c4:12:90:3d:32:
71:46:dd:60:5b:96:2a:57:fa:8b:10:91:7b:a8:ea:97:ba:58:
93:83:30:47:68:11:0f:c0:cc:f2:94:ed:4c:12:2f:e0:6c:b6:
fa:35:0b:90:f1:59:a0:25:41:bd:d5:6e:4f:ed:1e:0e:0f:b2:
b3:cb:9b:84:34:f8:89:9e:3e:ef:d1:80:d8:10:a3:32:60:fc:
d7:ec:c7:1c:aa:d1:17:bf:f1:7e:ea:45:cd:a0:ae:36:ae:25:
d5:45:1c:e4:67:1b:a4:95:47:69:7c:eb:fa:d7:1f:25:51:32:
60:a2:e6:88:85:7e:9c:03:86:2c:d2:5e:86:07:7b:50:82:5d:
cf:7b:53:0d:53:2d:58:65:53:82:95:d4:bc:3c:15:73:f5:ee:
3e:bb:5e:ea:fa:04:8f:fe:ab:bc:65:cb:7d:ea:3e:2b:52:d7:
54:15:34:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw1Lpa8K2eVdUBp7inrt+i5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA0MTQxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDg3NmRjYzFiYjQyYjlmOTg0YWU0ODc3Yjk5Y2YzMGI2MDY3OTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidhWlvRNDUaMJy5WzIj/AROcs3rl
gRb9PP/CQj4vBH9scaLv3q5Nnr4Q662TO2qxu/WYQAytenzspljuN3jCEsuTl+Z8
Nxd6DvCvTKgLbseW4psXlBeDEmHA+wS9g8/aBuGLMaNyZigDJZwGqbbMakna2C90
UT7JC/0YTdQA0f75oL0P8yi9Cux6Dpq1mH6/z1Q8zd+2qEbHZYv3KE40nGE4iZJH
p/CvsbD0hYITCs/CktTRWWssqR/+UC7YARkhYIqlk6j+VwMWgEBmx63LQidLgxJo
9T43tNqJ7KnYK1Or2/QL1iMRReZSC3J8pP0U65x+es/SDde1cOIFrKlsXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLCHbcwbtCufmErkh3uZzzC2Bnl0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc0lkdHpCdTBLNS1ZU3VTSGU1blBNTFlHZVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHwMl6FU310Mh5W/Og9F
G10OScxkOg+SXChPhoHncFgbgL90a2GMcbm220RqGohqq539GSiuwbjZ5E8Cxu6a
+W0pjXp+hmgJ0xa+DnYMOBOttiTFIIHEEpA9MnFG3WBblipX+osQkXuo6pe6WJOD
MEdoEQ/AzPKU7UwSL+Bstvo1C5DxWaAlQb3Vbk/tHg4PsrPLm4Q0+ImePu/RgNgQ
ozJg/Nfsxxyq0Re/8X7qRc2grjauJdVFHORnG6SVR2l86/rXHyVRMmCi5oiFfpwD
hizSXoYHe1CCXc97Uw1TLVhlU4KV1Lw8FXP17j67Xur6BI/+q7xly33qPitS11QV
NAI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:07:27 2025 by rpki-client