Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/spmgTPkKxZa5ttud_XXDHEeZYRk.roa
File: spmgTPkKxZa5ttud_XXDHEeZYRk.roa (raw, json)
Hash identifier: 3WF9AVh3iWbpqrkuspNQ+zGU1GI1z+lMr2MKU8dylCk=
Subject key identifier: B2:99:A0:4C:F9:0A:C5:96:B9:B6:DB:9D:FD:75:C3:1C:47:99:61:19
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C733201764ED23C6849142932B3191F38
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/spmgTPkKxZa5ttud_XXDHEeZYRk.roa
Signing time: Sat 16 Dec 2023 15:15:06 +0000
ROA not before: Sat 16 Dec 2023 15:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:73:32:01:76:4e:d2:3c:68:49:14:29:32:b3:19:1f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 15:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b299a04cf90ac596b9b6db9dfd75c31c47996119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:de:f6:56:da:c0:8e:bb:af:c5:ee:8c:06:81:
3d:60:ff:e7:10:2b:c1:cf:14:ea:f9:94:a2:6a:8a:
d8:e9:00:e4:2e:d6:64:ec:d4:0f:19:c0:9c:b6:6a:
21:b4:8b:60:8c:09:22:a6:6d:13:4b:f2:06:61:c8:
91:02:4a:f3:22:ca:cb:8c:c5:f8:00:67:73:89:91:
09:81:70:cd:3e:14:57:cd:e8:08:d1:81:df:a7:aa:
14:53:97:33:9f:d6:9d:31:15:73:46:2a:10:2c:cd:
5d:fd:0d:a7:8f:4f:14:9a:60:a2:47:75:e9:6d:ae:
12:70:54:e4:50:bc:90:5b:70:e7:9d:0e:a7:6a:9e:
02:13:29:52:39:e1:fa:d3:a1:00:b3:21:b4:bb:4d:
bb:4f:a4:13:3d:48:23:45:93:75:b6:b1:69:af:c5:
b3:21:9d:96:db:ea:d6:7b:2b:cd:13:58:b5:a4:7a:
45:8a:11:b9:9e:29:18:43:88:77:ff:f4:50:10:49:
85:dc:06:2b:90:db:16:68:fd:8e:43:8a:32:64:3e:
7c:97:58:28:d4:2a:b0:dc:27:1b:38:c7:c7:52:72:
51:55:e7:0f:f5:ef:c3:18:14:e6:b0:15:ba:6e:36:
85:e2:b8:f8:c2:d3:50:aa:4b:b1:76:b0:ca:02:5d:
a0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:99:A0:4C:F9:0A:C5:96:B9:B6:DB:9D:FD:75:C3:1C:47:99:61:19
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/spmgTPkKxZa5ttud_XXDHEeZYRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:70:fe:2c:b3:74:8f:68:2c:16:71:8a:17:89:f9:40:f5:b9:
8b:6c:f5:d3:2b:e8:94:87:84:9f:8b:15:63:5d:c9:0f:a2:7e:
22:40:9a:2c:d9:08:df:ae:01:16:56:7f:b6:cf:db:55:96:9a:
aa:e6:f0:e9:65:06:3f:f1:3f:07:35:83:33:49:0f:88:bb:e5:
48:c3:09:3e:9c:36:43:a1:72:a5:f6:c9:86:2b:db:ea:97:ea:
8b:63:d1:79:09:37:53:be:a1:ad:05:6d:56:fb:43:0a:85:a3:
01:1b:94:bc:68:ad:95:cd:fb:2a:11:c6:50:33:a7:48:4d:07:
8d:1f:73:f3:e0:34:94:fd:77:2b:56:18:2a:66:43:58:c4:e8:
89:29:1b:ab:93:50:4f:91:cf:64:34:d3:69:c5:d2:20:3a:09:
10:b0:18:10:05:d1:0f:9d:08:11:4a:92:66:cf:b4:bc:92:a9:
11:f7:15:6e:42:5c:a3:e6:6f:43:f8:3a:9c:56:87:7b:b0:3d:
7d:d3:7b:04:6b:bf:63:55:b8:fd:4e:8d:92:0a:be:c6:47:44:
d6:0b:f6:91:b9:67:05:7c:5c:48:69:80:2d:d1:f9:a7:f9:7c:
7d:8f:b2:83:d6:1e:a8:01:d4:31:63:64:7a:c0:25:63:58:ba:
7e:df:b8:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxzMgF2TtI8aEkUKTKzGR84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MTUxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjk5YTA0Y2Y5MGFjNTk2YjliNmRiOWRmZDc1YzMxYzQ3OTk2MTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjt72VtrAjruvxe6MBoE9YP/nECvB
zxTq+ZSiaorY6QDkLtZk7NQPGcCctmohtItgjAkipm0TS/IGYciRAkrzIsrLjMX4
AGdziZEJgXDNPhRXzegI0YHfp6oUU5czn9adMRVzRioQLM1d/Q2nj08UmmCiR3Xp
ba4ScFTkULyQW3DnnQ6nap4CEylSOeH606EAsyG0u027T6QTPUgjRZN1trFpr8Wz
IZ2W2+rWeyvNE1i1pHpFihG5nikYQ4h3//RQEEmF3AYrkNsWaP2OQ4oyZD58l1go
1Cqw3CcbOMfHUnJRVecP9e/DGBTmsBW6bjaF4rj4wtNQqkuxdrDKAl2g3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLKZoEz5CsWWubbbnf11wxxHmWEZMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc3BtZ1RQa0t4WmE1dHR1ZF9YWERIRWVaWVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGtw/iyzdI9oLBZxiheJ
+UD1uYts9dMr6JSHhJ+LFWNdyQ+ifiJAmizZCN+uARZWf7bP21WWmqrm8OllBj/x
Pwc1gzNJD4i75UjDCT6cNkOhcqX2yYYr2+qX6otj0XkJN1O+oa0FbVb7QwqFowEb
lLxorZXN+yoRxlAzp0hNB40fc/PgNJT9dytWGCpmQ1jE6IkpG6uTUE+Rz2Q002nF
0iA6CRCwGBAF0Q+dCBFKkmbPtLySqRH3FW5CXKPmb0P4OpxWh3uwPX3TewRrv2NV
uP1OjZIKvsZHRNYL9pG5ZwV8XEhpgC3R+af5fH2PsoPWHqgB1DFjZHrAJWNYun7f
uH8=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:53:39 2025 by rpki-client