Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sKv8r4HeGA6xAo4TK9j2NLTsjjs.roa
File: sKv8r4HeGA6xAo4TK9j2NLTsjjs.roa (raw, json)
Hash identifier: /dAStCfs5R1uXcvQSEyoOA+DePyAXfxwrsjWScSfun0=
Subject key identifier: B0:AB:FC:AF:81:DE:18:0E:B1:02:8E:13:2B:D8:F6:34:B4:EC:8E:3B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7E59892194CEB44AD1DADA2D709932E7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sKv8r4HeGA6xAo4TK9j2NLTsjjs.roa
Signing time: Mon 18 Dec 2023 19:14:06 +0000
ROA not before: Mon 18 Dec 2023 19:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7e:59:89:21:94:ce:b4:4a:d1:da:da:2d:70:99:32:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 19:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0abfcaf81de180eb1028e132bd8f634b4ec8e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bd:98:0a:94:fc:ca:a4:7f:a7:90:6e:e5:99:
86:17:2a:20:36:1f:48:cf:1d:e0:2a:72:24:b8:27:
90:ef:e6:98:66:ef:0f:9d:6d:1f:8d:8b:bc:24:84:
58:99:1c:d5:3b:f9:35:a1:23:d6:fa:df:0d:71:24:
9b:dc:69:45:46:fd:6a:21:7b:c7:60:16:1e:86:f2:
53:a3:e7:f6:4d:1e:69:e7:57:fc:da:b0:55:55:46:
ed:e7:0a:f4:d8:8e:c2:c8:cc:65:5f:c2:83:20:b4:
6f:ae:9d:a2:ac:0d:d0:45:17:a3:9a:d4:be:2d:b5:
18:1c:25:d5:1c:64:b5:0a:02:43:a3:e7:bd:f8:c3:
0e:9a:17:34:31:e0:ca:2f:1d:14:a6:eb:56:1b:e7:
2c:09:33:ff:ac:6f:af:8b:30:7e:57:0f:b2:a3:32:
f3:61:36:f8:da:a6:ee:4e:31:11:19:29:65:62:a1:
e9:9c:05:7c:a4:f2:f9:38:63:bc:be:aa:18:f4:e9:
48:ef:4a:23:9a:16:fc:a1:b2:ad:6d:15:90:67:61:
7f:7e:b9:0f:5a:6d:04:10:50:8b:a1:22:50:dc:33:
a6:2a:fe:7a:f5:90:22:1f:5f:57:4e:83:c2:a3:59:
32:25:e6:2c:f4:5b:0c:80:54:e1:d6:c1:af:1e:04:
e7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AB:FC:AF:81:DE:18:0E:B1:02:8E:13:2B:D8:F6:34:B4:EC:8E:3B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sKv8r4HeGA6xAo4TK9j2NLTsjjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:e1:3f:0a:8e:2d:5d:1c:16:f2:ee:bd:36:8e:4b:45:85:8a:
61:9e:97:8d:2d:9b:ea:53:74:fd:6e:c9:58:7f:6d:c6:b2:cd:
1b:f5:a4:b2:ca:b8:73:ab:fe:4a:e9:30:a8:c6:f9:0a:b8:d5:
28:b8:33:e7:f5:a1:4e:a7:1d:c6:22:22:d9:39:92:74:e2:6b:
0d:b8:55:c9:45:00:21:7d:3c:b3:f8:89:c0:d9:6e:81:23:67:
9f:32:e9:94:c3:5b:7c:97:a1:af:54:e3:8e:95:48:56:d1:96:
73:12:da:08:a7:dd:9b:91:55:7f:80:50:dd:1a:8e:99:4d:c7:
7b:5b:39:a4:ab:58:2a:ce:cf:6a:ef:8a:90:2e:ed:26:57:a5:
d8:3b:c3:0a:aa:6a:a0:df:ea:bc:26:e4:d3:e9:5a:cc:85:1a:
63:76:8a:84:de:d2:8b:82:78:65:61:ac:a0:86:84:5d:b1:19:
2a:f9:17:23:e0:dd:60:2c:fe:20:10:78:2d:30:a3:c2:97:37:
c4:9a:13:80:02:28:e9:7c:85:28:05:ef:93:25:5d:c3:9c:19:
11:58:3f:7b:fd:b1:e3:e7:86:45:e8:4b:66:37:7d:02:ae:f6:
05:79:23:c8:68:c2:8d:1c:ae:6b:be:63:60:b2:d5:56:e2:c4:
3c:ce:e2:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx+WYkhlM60StHa2i1wmTLnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MTkxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGFiZmNhZjgxZGUxODBlYjEwMjhlMTMyYmQ4ZjYzNGI0ZWM4ZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr2YCpT8yqR/p5Bu5ZmGFyogNh9I
zx3gKnIkuCeQ7+aYZu8PnW0fjYu8JIRYmRzVO/k1oSPW+t8NcSSb3GlFRv1qIXvH
YBYehvJTo+f2TR5p51f82rBVVUbt5wr02I7CyMxlX8KDILRvrp2irA3QRRejmtS+
LbUYHCXVHGS1CgJDo+e9+MMOmhc0MeDKLx0UputWG+csCTP/rG+vizB+Vw+yozLz
YTb42qbuTjERGSllYqHpnAV8pPL5OGO8vqoY9OlI70ojmhb8obKtbRWQZ2F/frkP
Wm0EEFCLoSJQ3DOmKv569ZAiH19XToPCo1kyJeYs9FsMgFTh1sGvHgTn1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLCr/K+B3hgOsQKOEyvY9jS07I47MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc0t2OHI0SGVHQTZ4QW80VEs5ajJOTFRzampzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIzhPwqOLV0cFvLuvTaO
S0WFimGel40tm+pTdP1uyVh/bcayzRv1pLLKuHOr/krpMKjG+Qq41Si4M+f1oU6n
HcYiItk5knTiaw24VclFACF9PLP4icDZboEjZ58y6ZTDW3yXoa9U446VSFbRlnMS
2gin3ZuRVX+AUN0ajplNx3tbOaSrWCrOz2rvipAu7SZXpdg7wwqqaqDf6rwm5NPp
WsyFGmN2ioTe0ouCeGVhrKCGhF2xGSr5FyPg3WAs/iAQeC0wo8KXN8SaE4ACKOl8
hSgF75MlXcOcGRFYP3v9sePnhkXoS2Y3fQKu9gV5I8howo0crmu+Y2Cy1VbixDzO
4og=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:17:45 2025 by rpki-client