Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uR32l-DlUlJi5Gx6QfTPHu8nCPE.roa
File: uR32l-DlUlJi5Gx6QfTPHu8nCPE.roa (raw, json)
Hash identifier: hZSDXGph3Hmj1ByXIdPtobzIIcEuC00FXtvbW2Auy1s=
Subject key identifier: B9:1D:F6:97:E0:E5:52:52:62:E4:6C:7A:41:F4:CF:1E:EF:27:08:F1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B16492AF1D1AF3511B84286F9EC2B6DB5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uR32l-DlUlJi5Gx6QfTPHu8nCPE.roa
Signing time: Mon 09 Oct 2023 21:12:55 +0000
ROA not before: Mon 09 Oct 2023 21:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:16:49:2a:f1:d1:af:35:11:b8:42:86:f9:ec:2b:6d:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 9 21:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b91df697e0e5525262e46c7a41f4cf1eef2708f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f1:7e:ed:70:7b:f2:6f:f1:d0:61:4f:e5:21:
4c:fa:4f:3e:fa:28:9a:47:dc:30:ae:72:8d:e7:e1:
b4:ff:32:f8:64:57:7a:89:c1:cc:77:f9:b7:25:36:
09:fc:ef:1d:9c:da:12:79:66:58:13:30:66:2c:a0:
e6:d3:c4:78:73:a9:d9:66:76:d5:b3:ae:7e:cc:23:
cc:5c:08:be:b0:34:f9:19:19:d0:af:47:bf:e5:c9:
4a:07:41:a6:b4:af:6b:4d:f3:29:1a:7f:5a:03:18:
51:4a:84:f5:1e:04:7b:34:a6:36:74:47:77:b3:29:
b3:64:5c:18:b5:8f:60:2d:35:a0:c8:d6:6b:91:15:
9b:46:67:b2:73:f7:a8:a5:aa:48:d8:74:ab:c5:10:
e6:ff:15:1d:e6:85:03:87:96:d9:da:82:74:45:dd:
27:11:83:e6:c0:23:ba:2e:f7:90:59:84:aa:56:1c:
00:c9:9e:66:8c:ec:36:78:3a:2e:14:00:8a:ee:24:
c7:e1:10:22:52:d0:23:94:ed:43:fb:ce:e2:f1:af:
cf:a1:b8:aa:76:39:76:f6:83:59:36:86:12:db:46:
2c:4b:4c:3f:7a:27:a6:ba:4b:06:a3:ac:bb:0e:0f:
a3:43:55:5c:66:db:1b:77:31:26:82:e5:03:4b:ee:
dd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1D:F6:97:E0:E5:52:52:62:E4:6C:7A:41:F4:CF:1E:EF:27:08:F1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uR32l-DlUlJi5Gx6QfTPHu8nCPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bd:5f:f4:fc:64:d4:0d:1d:71:01:55:b4:d6:e9:5a:42:ff:36:
7e:17:1a:6e:87:95:03:9f:6c:7a:04:10:88:28:c4:c5:36:d6:
76:a3:be:4f:af:f8:cd:af:22:48:9d:d6:d2:a1:3e:f9:58:b3:
57:87:c5:52:c2:44:09:18:89:81:85:33:42:0f:bb:7b:e6:4e:
8a:a9:9f:36:ff:3c:11:cc:b3:5f:98:b0:80:73:2a:4c:c7:7f:
0f:6e:88:87:c4:e4:e4:ac:37:0f:ed:ec:bd:36:cd:50:cf:85:
fe:0f:be:48:ea:82:dd:70:64:d4:76:c9:1f:99:b5:01:b0:e2:
13:f3:67:bb:b9:30:77:26:1d:1f:32:d8:8e:14:2f:ef:de:e1:
62:7b:ca:13:91:cf:00:71:98:9a:42:88:19:f8:cf:66:b3:3b:
26:26:c0:40:4a:eb:85:5b:5f:27:02:4d:2d:63:31:8c:be:a6:
78:e2:f4:fd:3b:ac:ba:df:82:55:50:d5:16:9a:f9:27:b8:13:
30:3e:31:2f:36:9c:ef:0b:4e:92:c2:b2:b9:8f:ca:3e:49:e6:
ef:59:65:9f:87:16:ba:ad:8f:df:d9:8d:7e:06:0a:9a:16:c4:
26:fe:e2:86:30:b7:5a:5a:e1:e7:19:69:0a:be:21:ba:a1:ae:
d4:87:0a:b7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsWSSrx0a81EbhChvnsK221MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA5MjExMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTFkZjY5N2UwZTU1MjUyNjJlNDZjN2E0MWY0Y2YxZWVmMjcwOGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7PF+7XB78m/x0GFP5SFM+k8++iia
R9wwrnKN5+G0/zL4ZFd6icHMd/m3JTYJ/O8dnNoSeWZYEzBmLKDm08R4c6nZZnbV
s65+zCPMXAi+sDT5GRnQr0e/5clKB0GmtK9rTfMpGn9aAxhRSoT1HgR7NKY2dEd3
symzZFwYtY9gLTWgyNZrkRWbRmeyc/eopapI2HSrxRDm/xUd5oUDh5bZ2oJ0Rd0n
EYPmwCO6LveQWYSqVhwAyZ5mjOw2eDouFACK7iTH4RAiUtAjlO1D+87i8a/Pobiq
djl29oNZNoYS20YsS0w/eiemuksGo6y7Dg+jQ1VcZtsbdzEmguUDS+7daQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLkd9pfg5VJSYuRsekH0zx7vJwjxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdVIzMmwtRGxVbEppNUd4NlFmVFBIdThuQ1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL1f9Pxk1A0dcQFVtNbp
WkL/Nn4XGm6HlQOfbHoEEIgoxMU21najvk+v+M2vIkid1tKhPvlYs1eHxVLCRAkY
iYGFM0IPu3vmToqpnzb/PBHMs1+YsIBzKkzHfw9uiIfE5OSsNw/t7L02zVDPhf4P
vkjqgt1wZNR2yR+ZtQGw4hPzZ7u5MHcmHR8y2I4UL+/e4WJ7yhORzwBxmJpCiBn4
z2azOyYmwEBK64VbXycCTS1jMYy+pnji9P07rLrfglVQ1Raa+Se4EzA+MS82nO8L
TpLCsrmPyj5J5u9ZZZ+HFrqtj9/ZjX4GCpoWxCb+4oYwt1pa4ecZaQq+IbqhrtSH
Crc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:07:22 2025 by rpki-client