Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uFnYDQ9z6QNkmdrlQEXyrOXG5jw.roa
File: uFnYDQ9z6QNkmdrlQEXyrOXG5jw.roa (raw, json)
Hash identifier: yM5fJeDzdA4eKpE/TqPVcoG6bIeetlywV9crETizilI=
Subject key identifier: B8:59:D8:0D:0F:73:E9:03:64:99:DA:E5:40:45:F2:AC:E5:C6:E6:3C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B770CE6D6F65E4DE5F08AB69C918B9641
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uFnYDQ9z6QNkmdrlQEXyrOXG5jw.roa
Signing time: Sat 28 Oct 2023 16:10:15 +0000
ROA not before: Sat 28 Oct 2023 16:10:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:77:0c:e6:d6:f6:5e:4d:e5:f0:8a:b6:9c:91:8b:96:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 28 16:10:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b859d80d0f73e9036499dae54045f2ace5c6e63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:47:f5:02:f9:0e:68:a9:9e:85:f0:48:b4:2e:
51:b0:64:32:1f:18:a8:06:32:5a:60:96:04:75:d4:
dc:00:1d:0b:d3:d6:fb:7f:81:ba:e9:e8:01:da:82:
6d:17:9a:d2:29:c3:ab:aa:ee:e7:df:32:70:fa:47:
73:29:26:44:d4:22:43:37:3f:f6:03:95:e3:4f:f1:
28:10:50:2f:8e:7b:a9:9b:5b:12:87:0d:97:4a:cb:
24:02:77:ad:ab:3c:67:54:87:03:f4:33:e2:1e:ab:
86:67:36:4d:07:91:c8:c7:24:b0:59:03:37:81:29:
61:30:b5:82:c3:7c:ae:47:15:c0:30:ec:13:a0:a5:
9d:08:99:5c:b4:26:7e:bf:e1:8d:62:d6:5f:1d:bf:
91:4e:c9:4f:4f:42:dc:2b:64:fb:80:5a:39:16:5f:
a4:3b:68:9b:da:fb:20:3f:b1:6d:8a:c6:63:eb:3a:
d6:df:37:f3:1a:e3:f7:57:29:2f:a8:92:b0:1d:7e:
05:9e:4e:7e:53:49:d8:bb:20:af:5d:f8:9e:fa:77:
70:4e:fa:a9:cb:56:39:dd:0f:3f:ff:18:21:fd:ee:
4b:a3:01:c7:42:1e:49:1a:e7:6e:b9:7c:42:f1:98:
8b:b2:4e:eb:09:f5:32:fa:cb:b0:39:0f:2b:30:be:
5c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:59:D8:0D:0F:73:E9:03:64:99:DA:E5:40:45:F2:AC:E5:C6:E6:3C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uFnYDQ9z6QNkmdrlQEXyrOXG5jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:90:a0:6c:57:c0:3f:4b:57:d3:e7:02:3a:88:63:8d:c3:14:
e5:8f:10:ce:43:3f:dc:39:79:63:31:d6:0f:18:b8:95:d7:69:
8d:76:ee:fc:5c:c4:f1:f1:79:21:f0:20:35:76:df:de:bd:2a:
41:9f:a6:d4:62:93:27:82:bb:3d:fb:45:8d:0c:b9:25:9d:06:
ad:89:ff:a5:84:85:e2:6b:d9:f3:48:b3:60:8b:b1:5b:1f:d1:
e3:fe:ad:2c:12:59:02:9c:b1:df:d4:59:ca:1d:65:ba:0c:e3:
e4:38:c1:6e:21:9d:66:ef:d5:1d:9e:f9:30:10:c1:2b:77:42:
2f:a6:78:ea:b7:09:dc:e2:fd:34:41:81:b3:d4:dc:3a:b5:74:
5b:79:c8:96:f6:c4:f9:7b:e6:73:79:56:b4:2c:9b:96:bf:62:
cd:fb:f5:9a:ff:a3:7f:13:ed:96:9b:79:7b:b8:5d:9d:e0:3d:
60:d8:5e:f5:fe:72:76:20:63:e6:c2:30:9f:53:3a:21:f1:05:
7c:86:dc:41:01:bb:89:92:4e:a0:45:f1:74:98:dc:32:ea:4e:
d8:38:0d:35:c3:bf:8c:c4:87:39:c6:a4:20:ff:45:55:df:03:
f2:05:6d:52:a1:42:69:c0:77:c9:57:50:56:44:44:a8:35:82:
dd:2e:84:b6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt3DObW9l5N5fCKtpyRi5ZBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI4MTYxMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODU5ZDgwZDBmNzNlOTAzNjQ5OWRhZTU0MDQ1ZjJhY2U1YzZlNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUf1AvkOaKmehfBItC5RsGQyHxio
BjJaYJYEddTcAB0L09b7f4G66egB2oJtF5rSKcOrqu7n3zJw+kdzKSZE1CJDNz/2
A5XjT/EoEFAvjnupm1sShw2XSsskAnetqzxnVIcD9DPiHquGZzZNB5HIxySwWQM3
gSlhMLWCw3yuRxXAMOwToKWdCJlctCZ+v+GNYtZfHb+RTslPT0LcK2T7gFo5Fl+k
O2ib2vsgP7FtisZj6zrW3zfzGuP3VykvqJKwHX4Fnk5+U0nYuyCvXfie+ndwTvqp
y1Y53Q8//xgh/e5LowHHQh5JGuduuXxC8ZiLsk7rCfUy+suwOQ8rML5cCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLhZ2A0Pc+kDZJna5UBF8qzlxuY8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdUZuWURROXo2UU5rbWRybFFFWHlyT1hHNWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA+QoGxXwD9LV9PnAjqI
Y43DFOWPEM5DP9w5eWMx1g8YuJXXaY127vxcxPHxeSHwIDV23969KkGfptRikyeC
uz37RY0MuSWdBq2J/6WEheJr2fNIs2CLsVsf0eP+rSwSWQKcsd/UWcodZboM4+Q4
wW4hnWbv1R2e+TAQwSt3Qi+meOq3Cdzi/TRBgbPU3Dq1dFt5yJb2xPl75nN5VrQs
m5a/Ys379Zr/o38T7ZabeXu4XZ3gPWDYXvX+cnYgY+bCMJ9TOiHxBXyG3EEBu4mS
TqBF8XSY3DLqTtg4DTXDv4zEhznGpCD/RVXfA/IFbVKhQmnAd8lXUFZERKg1gt0u
hLY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:32:54 2025 by rpki-client