Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sRvlqguW4S0UkZmDu9azMNAJHnA.roa
File: sRvlqguW4S0UkZmDu9azMNAJHnA.roa (raw, json)
Hash identifier: jB8NopjPCB02EJ+ZWS8zmMYNZYr3l63q27woBR45ZjY=
Subject key identifier: B1:1B:E5:AA:0B:96:E1:2D:14:91:99:83:BB:D6:B3:30:D0:09:1E:70
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B028D1AE9F86D2E744CC1633722F47470
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sRvlqguW4S0UkZmDu9azMNAJHnA.roa
Signing time: Fri 06 Oct 2023 01:14:43 +0000
ROA not before: Fri 06 Oct 2023 01:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:02:8d:1a:e9:f8:6d:2e:74:4c:c1:63:37:22:f4:74:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 01:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b11be5aa0b96e12d14919983bbd6b330d0091e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:41:c8:b4:94:86:d1:45:a5:52:d6:76:7f:fa:
e8:1b:93:b7:38:7a:e7:ce:dc:f0:7c:ee:d3:9b:f7:
8d:e8:03:fc:94:f1:00:88:83:bc:c3:66:66:e6:d8:
e3:4f:b7:fe:9e:3e:d2:d9:07:59:77:a3:82:fa:78:
47:37:96:a6:dc:5a:3e:c1:eb:80:f5:1f:b0:bc:7d:
3e:54:d0:90:cc:f7:78:22:f4:9d:37:2d:04:ea:d0:
24:72:c6:77:6a:01:11:50:ed:8b:85:8c:f4:76:9e:
64:f1:71:36:c4:46:83:b9:fe:22:33:dd:22:5e:dc:
29:48:c4:72:da:b8:a9:58:3c:f7:ac:64:a9:70:53:
f0:97:47:f3:06:11:e5:20:e0:30:ff:b5:48:e5:c6:
57:76:db:67:0c:14:2c:2a:97:a9:f2:54:4f:eb:51:
03:d5:ed:7f:b3:3d:18:57:29:8e:49:48:00:7f:3f:
04:54:cd:15:71:fc:10:29:fe:3d:1e:b1:a1:64:3c:
f0:8b:05:67:a1:c8:15:ce:10:c3:0f:9e:eb:c6:d5:
2c:5e:88:3e:76:95:2c:fe:cf:7b:f7:0d:57:f5:51:
fe:f4:05:5c:70:03:e9:48:4c:6d:01:b7:9d:82:d9:
1e:38:c6:e8:ad:c4:b5:ba:e6:6e:bf:20:96:18:32:
4e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:1B:E5:AA:0B:96:E1:2D:14:91:99:83:BB:D6:B3:30:D0:09:1E:70
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sRvlqguW4S0UkZmDu9azMNAJHnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:63:10:d0:c4:34:8d:62:c2:ca:6e:11:07:86:98:15:04:c0:
dd:97:f3:cd:57:11:5f:77:63:08:6c:eb:3d:5b:55:72:2c:52:
35:c4:b0:01:5a:a4:db:5e:86:22:34:a2:39:a3:29:e7:2c:66:
bb:6e:5f:55:f6:a2:d2:4b:2e:66:5f:ed:c3:d1:08:f8:fa:25:
78:c9:5c:aa:4c:0d:ef:a2:1e:87:b0:10:e0:cc:42:a1:e8:7f:
31:06:d5:52:f6:f4:71:74:35:27:85:77:b8:a4:3d:27:0c:fe:
61:5c:27:96:20:aa:b7:e9:66:a0:df:19:b2:bd:fb:ce:58:e7:
91:04:02:ff:e3:e7:d0:32:5e:14:33:50:14:32:be:8e:09:df:
4d:c5:ef:1f:dc:60:a2:f7:48:78:bf:71:14:05:03:5b:2e:29:
da:a1:f2:4d:19:87:f5:25:51:4b:54:2e:ca:c7:ea:4e:e5:b2:
26:e8:34:08:19:35:b8:67:99:db:fb:b8:56:96:d3:0f:56:f1:
c4:30:47:25:0c:ee:6e:28:e2:ee:be:04:0b:3c:3d:69:9a:18:
79:e8:cb:f2:e7:97:6c:16:0b:90:1c:4c:f2:2d:d5:ec:8a:ac:
53:48:f9:02:ff:6a:d6:db:bf:5d:8b:12:7c:32:84:0d:61:0e:
94:aa:81:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsCjRrp+G0udEzBYzci9HRwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MDExNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTFiZTVhYTBiOTZlMTJkMTQ5MTk5ODNiYmQ2YjMzMGQwMDkxZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEHItJSG0UWlUtZ2f/roG5O3OHrn
ztzwfO7Tm/eN6AP8lPEAiIO8w2Zm5tjjT7f+nj7S2QdZd6OC+nhHN5am3Fo+weuA
9R+wvH0+VNCQzPd4IvSdNy0E6tAkcsZ3agERUO2LhYz0dp5k8XE2xEaDuf4iM90i
XtwpSMRy2ripWDz3rGSpcFPwl0fzBhHlIOAw/7VI5cZXdttnDBQsKpep8lRP61ED
1e1/sz0YVymOSUgAfz8EVM0VcfwQKf49HrGhZDzwiwVnocgVzhDDD57rxtUsXog+
dpUs/s979w1X9VH+9AVccAPpSExtAbedgtkeOMborcS1uuZuvyCWGDJOAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLEb5aoLluEtFJGZg7vWszDQCR5wMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc1J2bHFndVc0UzBVa1ptRHU5YXpNTkFKSG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA9jENDENI1iwspuEQeG
mBUEwN2X881XEV93Ywhs6z1bVXIsUjXEsAFapNtehiI0ojmjKecsZrtuX1X2otJL
LmZf7cPRCPj6JXjJXKpMDe+iHoewEODMQqHofzEG1VL29HF0NSeFd7ikPScM/mFc
J5YgqrfpZqDfGbK9+85Y55EEAv/j59AyXhQzUBQyvo4J303F7x/cYKL3SHi/cRQF
A1suKdqh8k0Zh/UlUUtULsrH6k7lsiboNAgZNbhnmdv7uFaW0w9W8cQwRyUM7m4o
4u6+BAs8PWmaGHnoy/Lnl2wWC5AcTPIt1eyKrFNI+QL/atbbv12LEnwyhA1hDpSq
gek=
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:03:21 2025 by rpki-client