Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sceiLzCnwbCwMq9mucSQM5se-O0.roa
File: sceiLzCnwbCwMq9mucSQM5se-O0.roa (raw, json)
Hash identifier: qvGoxXLhKQ5KInZsABMZB6O9l5IBpvYy+rkQ5FJ3H7E=
Subject key identifier: B1:C7:A2:2F:30:A7:C1:B0:B0:32:AF:66:B9:C4:90:33:9B:1E:F8:ED
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5A152C810D4F81470E6F8F56C325D5AE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sceiLzCnwbCwMq9mucSQM5se-O0.roa
Signing time: Mon 11 Dec 2023 18:13:06 +0000
ROA not before: Mon 11 Dec 2023 18:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5a:15:2c:81:0d:4f:81:47:0e:6f:8f:56:c3:25:d5:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 11 18:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1c7a22f30a7c1b0b032af66b9c490339b1ef8ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:98:81:40:39:3b:f2:c5:5a:b5:8d:7e:0c:14:
bf:64:5f:f9:59:1c:1d:cd:de:fc:0e:52:97:42:c7:
a1:16:d3:79:89:b3:16:84:67:26:e0:0c:6b:81:cc:
47:24:2e:7d:b4:44:e2:4f:57:c1:6e:b9:76:ca:72:
a0:7b:29:61:d9:1b:13:53:b9:a8:f8:49:da:5f:63:
8b:4e:87:a6:b1:ea:32:01:60:c9:27:48:cf:2c:dd:
ca:a3:e7:48:e6:ac:43:cc:0d:1c:8e:02:d4:80:49:
4c:61:fe:f2:a4:ac:11:6d:f3:5a:29:d7:6f:12:3e:
03:9f:08:96:83:1a:32:ce:ef:ed:42:73:ab:98:11:
59:a0:98:dd:ad:91:18:a7:b0:38:06:ae:34:e8:57:
a1:a8:7b:33:89:bb:c6:f4:67:ba:38:4a:df:d6:3b:
a3:bf:fe:62:bd:b5:b5:8e:b8:b3:80:f6:47:88:5c:
2e:98:5f:97:b5:cb:85:32:4b:7c:5a:6f:81:7d:2b:
f2:d3:c5:e1:73:16:ea:b3:27:53:84:f5:8a:5b:75:
2f:86:ec:0f:fe:6b:b0:83:ba:1b:80:c3:cc:fb:29:
2e:87:6c:5f:98:ea:1f:9b:08:10:d8:18:59:1f:4b:
58:b9:f4:fb:c6:89:62:18:5c:39:13:11:15:fd:17:
2d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C7:A2:2F:30:A7:C1:B0:B0:32:AF:66:B9:C4:90:33:9B:1E:F8:ED
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sceiLzCnwbCwMq9mucSQM5se-O0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:64:cf:d4:21:f2:9a:ff:cc:c3:6b:00:1c:fb:31:e0:fa:79:
3d:ce:34:9c:21:7a:ec:bd:ff:4e:55:c1:74:cf:74:5e:66:89:
90:ae:64:0d:3d:ca:61:7e:e5:8a:f2:2a:42:9e:04:36:7a:a7:
83:6b:1f:b6:c1:3e:e8:1b:0a:71:81:a3:94:c7:56:1e:8f:3b:
d6:18:3e:29:55:25:a2:f2:a9:e4:5d:61:86:df:57:a7:03:49:
e2:57:bf:56:02:2e:d9:f3:07:2d:eb:03:ed:6a:66:a2:7a:00:
e3:9f:73:7e:b5:0e:16:62:85:57:d0:0c:f4:69:51:91:18:27:
3e:6a:87:a6:c5:f4:22:1e:ff:3d:f1:02:17:9a:dc:77:d9:4b:
01:93:4c:3f:8d:e6:63:06:b2:6e:e6:46:06:4d:5c:f7:8a:ec:
84:fd:e1:0f:7d:62:19:25:aa:d1:d7:7b:cb:a0:a0:5a:dc:f0:
9c:6c:3d:d6:f8:03:d6:e5:2e:01:8d:13:4a:e8:78:34:74:fe:
a9:56:bc:31:12:6d:5a:ff:b0:09:da:a0:e9:57:53:6f:95:0b:
50:2c:35:09:34:8b:3c:12:d2:3a:4f:6e:e4:dc:47:57:df:2b:
20:d1:50:ee:c1:30:11:b3:08:f0:c0:a2:16:47:18:ca:86:93:
23:ea:5e:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxaFSyBDU+BRw5vj1bDJdWuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjExMTgxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWM3YTIyZjMwYTdjMWIwYjAzMmFmNjZiOWM0OTAzMzliMWVmOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5iBQDk78sVatY1+DBS/ZF/5WRwd
zd78DlKXQsehFtN5ibMWhGcm4AxrgcxHJC59tETiT1fBbrl2ynKgeylh2RsTU7mo
+EnaX2OLToemseoyAWDJJ0jPLN3Ko+dI5qxDzA0cjgLUgElMYf7ypKwRbfNaKddv
Ej4DnwiWgxoyzu/tQnOrmBFZoJjdrZEYp7A4Bq406FehqHszibvG9Ge6OErf1juj
v/5ivbW1jrizgPZHiFwumF+XtcuFMkt8Wm+BfSvy08XhcxbqsydThPWKW3UvhuwP
/muwg7obgMPM+ykuh2xfmOofmwgQ2BhZH0tYufT7xoliGFw5ExEV/RctkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLHHoi8wp8GwsDKvZrnEkDObHvjtMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc2NlaUx6Q253YkN3TXE5bXVjU1FNNXNlLU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA1kz9Qh8pr/zMNrABz7
MeD6eT3ONJwheuy9/05VwXTPdF5miZCuZA09ymF+5YryKkKeBDZ6p4NrH7bBPugb
CnGBo5THVh6PO9YYPilVJaLyqeRdYYbfV6cDSeJXv1YCLtnzBy3rA+1qZqJ6AOOf
c361DhZihVfQDPRpUZEYJz5qh6bF9CIe/z3xAhea3HfZSwGTTD+N5mMGsm7mRgZN
XPeK7IT94Q99YhklqtHXe8ugoFrc8JxsPdb4A9blLgGNE0roeDR0/qlWvDESbVr/
sAnaoOlXU2+VC1AsNQk0izwS0jpPbuTcR1ffKyDRUO7BMBGzCPDAohZHGMqGkyPq
Xow=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:16:46 2025 by rpki-client