Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uGqmwLwHAnhRen8noiA-__AZazQ.roa
File: uGqmwLwHAnhRen8noiA-__AZazQ.roa (raw, json)
Hash identifier: K6QY269GplmI5NRu27vKFmkSofOrz0BpnDpiZkfBdhU=
Subject key identifier: B8:6A:A6:C0:BC:07:02:78:51:7A:7F:27:A2:20:3E:FF:F0:19:6B:34
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACD57C9ED46CEBF26B9452B97DF806BFE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uGqmwLwHAnhRen8noiA-__AZazQ.roa
Signing time: Mon 25 Sep 2023 17:16:37 +0000
ROA not before: Mon 25 Sep 2023 17:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:57:c9:ed:46:ce:bf:26:b9:45:2b:97:df:80:6b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 17:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b86aa6c0bc070278517a7f27a2203efff0196b34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f7:52:78:7e:9f:5f:8a:65:d7:4c:55:84:22:
1d:1c:1d:7c:3d:63:e0:3f:86:2d:64:8d:30:6f:e2:
cb:3d:7b:e9:20:dc:83:23:91:b8:82:7f:7b:90:dd:
a9:47:6f:80:ce:50:ca:48:e0:85:72:8d:bc:87:8c:
28:4d:53:37:08:5d:d8:ac:42:6d:7e:36:19:b3:84:
59:2b:01:5b:23:f2:1e:f4:4f:b3:ba:78:14:81:c7:
01:e1:27:be:78:8a:cc:db:51:2b:dc:f6:c9:f2:11:
82:66:f5:41:12:ab:6b:00:70:12:76:ea:5b:2f:a8:
7c:05:21:66:82:1a:17:bb:4e:c9:c0:dd:45:4c:1b:
0b:77:da:bd:e7:99:82:61:37:14:b6:10:5e:13:67:
04:20:5a:cc:b8:10:d0:f1:d5:dc:05:48:91:91:1b:
d6:88:30:2b:13:8c:0d:c0:61:c6:86:c0:9b:4e:b5:
df:17:96:99:17:33:f3:4d:8c:68:40:c3:7d:84:b5:
df:51:b6:7d:9d:fe:43:da:0e:fd:a8:b0:cd:cf:6f:
1e:88:3e:a7:7d:2d:28:94:f3:6e:fa:38:bf:ea:95:
0d:c7:a2:1f:3d:3c:e3:3c:8d:f4:f3:45:ff:eb:c6:
7e:5c:0d:8f:9e:77:44:82:1f:1e:1f:ab:d4:4c:15:
c4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6A:A6:C0:BC:07:02:78:51:7A:7F:27:A2:20:3E:FF:F0:19:6B:34
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uGqmwLwHAnhRen8noiA-__AZazQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:ac:9b:fe:1c:3b:8a:eb:b4:e8:5c:ea:bc:09:be:8c:48:f6:
22:c5:05:b6:98:e3:c8:f9:db:41:af:de:ed:52:5d:ca:0d:7d:
af:08:ae:fd:ef:55:79:3b:e9:37:08:4e:07:ff:19:19:30:7d:
84:be:f8:8a:df:94:b0:02:77:5b:cd:db:d6:29:22:7f:11:e6:
ef:e8:7f:30:3d:8a:25:f6:c1:f9:9e:6e:af:53:2c:8a:41:7b:
13:b7:95:af:de:47:06:82:d4:24:35:cd:25:7c:61:e4:7b:5d:
ff:8d:a5:73:d1:8c:08:9a:97:55:96:7f:6e:c0:a3:96:84:c5:
b5:80:df:92:a9:d9:fd:72:83:16:1c:cd:a4:38:6b:b5:bb:a7:
af:a1:c7:74:66:2b:d9:16:e0:3e:51:f9:ab:da:8f:1e:d5:9b:
9e:18:6e:4f:ca:ce:89:e6:bd:42:7e:76:f1:b6:1d:40:bb:40:
44:c8:7e:c5:a3:5d:b1:05:8e:79:74:a1:2a:d5:00:cc:a6:07:
25:52:46:3b:80:5d:f6:c2:44:6b:68:11:38:45:e1:b9:77:56:
95:a6:54:4b:f4:81:b3:f8:23:45:6a:e0:6a:e0:2a:3b:70:16:
d0:2f:98:38:4a:f9:18:27:34:44:15:d5:5e:e6:f5:89:60:95:
b8:61:6a:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrNV8ntRs6/JrlFK5ffgGv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MTcxNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODZhYTZjMGJjMDcwMjc4NTE3YTdmMjdhMjIwM2VmZmYwMTk2YjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/dSeH6fX4pl10xVhCIdHB18PWPg
P4YtZI0wb+LLPXvpINyDI5G4gn97kN2pR2+AzlDKSOCFco28h4woTVM3CF3YrEJt
fjYZs4RZKwFbI/Ie9E+zungUgccB4Se+eIrM21Er3PbJ8hGCZvVBEqtrAHASdupb
L6h8BSFmghoXu07JwN1FTBsLd9q955mCYTcUthBeE2cEIFrMuBDQ8dXcBUiRkRvW
iDArE4wNwGHGhsCbTrXfF5aZFzPzTYxoQMN9hLXfUbZ9nf5D2g79qLDNz28eiD6n
fS0olPNu+ji/6pUNx6IfPTzjPI3080X/68Z+XA2PnndEgh8eH6vUTBXE1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLhqpsC8BwJ4UXp/J6IgPv/wGWs0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdUdxbXdMd0hBbmhSZW44bm9pQS1fX0FaYXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFysm/4cO4rrtOhc6rwJ
voxI9iLFBbaY48j520Gv3u1SXcoNfa8Irv3vVXk76TcITgf/GRkwfYS++IrflLAC
d1vN29YpIn8R5u/ofzA9iiX2wfmebq9TLIpBexO3la/eRwaC1CQ1zSV8YeR7Xf+N
pXPRjAial1WWf27Ao5aExbWA35Kp2f1ygxYczaQ4a7W7p6+hx3RmK9kW4D5R+ava
jx7Vm54Ybk/KzonmvUJ+dvG2HUC7QETIfsWjXbEFjnl0oSrVAMymByVSRjuAXfbC
RGtoEThF4bl3VpWmVEv0gbP4I0Vq4GrgKjtwFtAvmDhK+RgnNEQV1V7m9Ylglbhh
aiU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:35:52 2025 by rpki-client