Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uYavN7pGxmOI-wpmlDPnZuhyUzo.roa
File: uYavN7pGxmOI-wpmlDPnZuhyUzo.roa (raw, json)
Hash identifier: lwz/4Cm3uYwQg60y9UvG0m0SQn+KexHRhLTvrS/5PgQ=
Subject key identifier: B9:86:AF:37:BA:46:C6:63:88:FB:0A:66:94:33:E7:66:E8:72:53:3A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C1349440722A6782E02B9902952576BE3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uYavN7pGxmOI-wpmlDPnZuhyUzo.roa
Signing time: Tue 28 Nov 2023 00:16:57 +0000
ROA not before: Tue 28 Nov 2023 00:16:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:13:49:44:07:22:a6:78:2e:02:b9:90:29:52:57:6b:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 28 00:16:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b986af37ba46c66388fb0a669433e766e872533a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:21:33:b5:5c:ad:44:9a:2a:fb:63:94:de:fb:
d0:90:5f:bb:a4:8b:48:cd:95:34:f2:35:aa:b7:af:
ad:f4:3e:fa:ff:c7:35:9c:2c:8b:c8:1d:d5:1b:c9:
02:59:4d:bc:65:05:a5:ff:83:d7:92:35:f7:84:cf:
60:3a:63:14:d4:f0:84:c8:2a:e3:11:5f:dc:ff:2f:
17:a1:ed:ff:e8:d4:01:91:fe:95:bd:b2:99:40:1e:
88:67:2c:4f:cb:26:40:ff:37:ad:fb:61:7e:b3:d0:
4b:af:82:8a:2c:88:a6:46:dd:a2:1b:bb:c0:87:ba:
f2:05:77:6d:d2:04:8b:ea:3d:f7:df:39:0c:ee:ac:
16:3b:d6:bd:f0:ba:a0:6c:0a:bc:2b:6a:c8:19:da:
a5:86:d5:c6:18:db:4c:c7:3b:15:fa:06:5f:f7:17:
13:5b:ce:31:92:87:48:09:96:23:0e:53:30:1b:95:
86:7a:98:5d:2e:ca:ee:83:61:e2:01:98:05:14:bd:
6d:e5:18:32:b3:37:d7:b7:98:43:e3:c0:66:bc:73:
a6:f9:51:9e:c9:a5:c0:48:e2:ad:a4:36:55:92:4f:
7a:dd:11:fc:f0:7c:c1:de:35:73:38:30:37:be:70:
2a:d4:1a:24:97:81:03:11:fb:42:b6:93:75:ac:9b:
21:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:86:AF:37:BA:46:C6:63:88:FB:0A:66:94:33:E7:66:E8:72:53:3A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uYavN7pGxmOI-wpmlDPnZuhyUzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:a2:1a:11:e1:70:27:eb:c7:ef:d7:2a:3d:cc:63:27:3f:e0:
1f:ac:eb:1e:04:3b:6d:08:c1:8b:3a:94:09:13:f8:3a:4b:22:
83:d1:4f:b6:4d:53:02:20:61:96:e3:ec:f9:9b:a6:73:8c:01:
e0:ff:e2:a2:8b:89:8c:05:49:b3:33:ee:a2:5b:10:0a:4f:13:
91:42:8a:6d:a9:e2:fc:1c:cf:7d:84:61:03:b0:d7:71:3c:98:
b0:4a:ca:34:ee:fa:25:6f:0c:4c:45:84:38:b3:dc:9b:5e:45:
86:29:83:41:e1:2f:da:05:55:85:f5:c1:c2:b5:a5:ca:15:87:
da:23:90:2e:a9:8f:b9:45:50:97:35:4e:44:f9:3d:b9:9b:93:
bd:32:ad:c7:7f:b0:f6:d2:31:41:4e:5a:a7:7b:33:51:f6:25:
fb:7b:31:9f:ea:ba:b1:bc:36:ee:1d:4a:d4:58:8b:59:c8:c3:
34:68:1d:4c:78:01:4a:d7:fc:00:52:1a:06:cd:be:1f:ec:bc:
2f:2e:39:5d:87:99:0e:d4:5a:e9:18:6c:c9:b8:96:84:ae:ea:
2e:a7:4b:77:eb:db:52:e6:6d:bc:44:ba:86:62:da:82:0e:55:
f3:c7:b8:f8:fa:7d:31:8f:da:aa:14:03:b8:a9:e3:f0:64:dd:
bb:ca:2c:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwTSUQHIqZ4LgK5kClSV2vjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI4MDAxNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTg2YWYzN2JhNDZjNjYzODhmYjBhNjY5NDMzZTc2NmU4NzI1MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiEztVytRJoq+2OU3vvQkF+7pItI
zZU08jWqt6+t9D76/8c1nCyLyB3VG8kCWU28ZQWl/4PXkjX3hM9gOmMU1PCEyCrj
EV/c/y8Xoe3/6NQBkf6VvbKZQB6IZyxPyyZA/zet+2F+s9BLr4KKLIimRt2iG7vA
h7ryBXdt0gSL6j333zkM7qwWO9a98LqgbAq8K2rIGdqlhtXGGNtMxzsV+gZf9xcT
W84xkodICZYjDlMwG5WGephdLsrug2HiAZgFFL1t5RgyszfXt5hD48BmvHOm+VGe
yaXASOKtpDZVkk963RH88HzB3jVzODA3vnAq1Bokl4EDEftCtpN1rJshbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLmGrze6RsZjiPsKZpQz52boclM6MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdVlhdk43cEd4bU9JLXdwbWxEUG5adWh5VXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADaiGhHhcCfrx+/XKj3M
Yyc/4B+s6x4EO20IwYs6lAkT+DpLIoPRT7ZNUwIgYZbj7PmbpnOMAeD/4qKLiYwF
SbMz7qJbEApPE5FCim2p4vwcz32EYQOw13E8mLBKyjTu+iVvDExFhDiz3JteRYYp
g0HhL9oFVYX1wcK1pcoVh9ojkC6pj7lFUJc1TkT5Pbmbk70yrcd/sPbSMUFOWqd7
M1H2Jft7MZ/qurG8Nu4dStRYi1nIwzRoHUx4AUrX/ABSGgbNvh/svC8uOV2HmQ7U
WukYbMm4loSu6i6nS3fr21LmbbxEuoZi2oIOVfPHuPj6fTGP2qoUA7ip4/Bk3bvK
LBM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:09:49 2025 by rpki-client