Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/utzPbH1nVL0lUaFQSRe-hmwc5Cs.roa
File: utzPbH1nVL0lUaFQSRe-hmwc5Cs.roa (raw, json)
Hash identifier: SU6CdrXXdVLqyLCHsqZCCQGiKqVhMdF9+JXJizupaRM=
Subject key identifier: BA:DC:CF:6C:7D:67:54:BD:25:51:A1:50:49:17:BE:86:6C:1C:E4:2B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE78137BEEC26281C8D2E8744BC87937F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/utzPbH1nVL0lUaFQSRe-hmwc5Cs.roa
Signing time: Sat 30 Sep 2023 19:11:59 +0000
ROA not before: Sat 30 Sep 2023 19:11:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e7:81:37:be:ec:26:28:1c:8d:2e:87:44:bc:87:93:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 30 19:11:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=badccf6c7d6754bd2551a1504917be866c1ce42b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:22:b2:58:f2:33:85:66:0e:e2:28:aa:1a:c7:
0d:51:0d:02:b3:af:07:95:18:5a:7c:44:3f:88:d1:
2d:59:6d:83:8a:a8:b9:b6:ae:2f:62:22:51:5d:b2:
a8:fc:6e:03:d9:21:ee:fb:41:46:86:6b:c3:af:58:
59:d7:d1:69:cb:5f:17:e7:d8:d0:d6:19:18:8c:b0:
24:ce:72:ee:c0:d1:5f:68:ed:c9:28:a4:5e:26:0c:
e5:c4:05:ed:a3:6f:6a:0c:28:98:df:7e:95:cd:15:
a7:8e:85:2d:f3:93:3c:76:5c:5b:59:1b:c7:cf:0f:
74:c0:0f:94:cf:f8:2a:e7:9b:83:ea:33:d0:7c:02:
ce:7a:15:1a:36:2c:c6:f0:50:0b:fb:b5:61:16:51:
c6:55:ba:79:25:98:c7:ae:41:36:01:f0:21:23:e7:
d0:6f:5f:df:3d:84:9c:46:81:95:00:53:72:12:b8:
35:5c:5c:fd:7b:b4:86:fc:f3:0a:7f:7e:07:5c:33:
38:ac:a9:bb:78:25:4f:04:2f:36:de:ce:6e:5c:08:
11:36:81:56:73:69:c0:77:f3:60:25:2b:c7:77:36:
44:78:0d:46:36:3d:69:78:0f:27:24:8a:da:c6:83:
cd:8e:6f:08:80:01:ea:ed:d2:a3:20:cb:c7:e8:c1:
93:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:DC:CF:6C:7D:67:54:BD:25:51:A1:50:49:17:BE:86:6C:1C:E4:2B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/utzPbH1nVL0lUaFQSRe-hmwc5Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:ee:59:8b:69:bb:0b:91:d5:a0:39:17:4f:f0:27:01:04:3c:
7d:71:b2:5d:75:7a:81:82:5e:c1:47:91:d3:be:59:d7:bb:e5:
1d:61:99:a2:85:ef:e4:10:fd:85:06:ea:f4:f8:6c:dd:f8:dd:
ce:d8:a1:26:40:1b:de:1e:01:61:bc:91:4f:8b:e8:69:30:fc:
91:de:44:66:8a:a1:ad:13:5f:e4:87:b7:94:92:90:de:18:dc:
10:a2:24:24:39:e9:d1:29:89:45:30:35:4b:df:3a:d8:f4:da:
4f:d2:73:c2:d0:92:d4:64:8f:09:02:31:8d:7b:2e:25:8f:8f:
c7:f8:39:d4:bb:b2:cd:1b:ff:3c:13:07:87:55:ca:ed:53:ea:
12:c5:09:35:88:01:41:d6:e8:05:3e:ae:73:a6:3d:16:89:58:
58:95:b9:98:40:bf:9d:c1:05:6b:71:65:83:0a:18:92:49:f7:
f2:17:92:13:c2:13:55:9a:06:85:ce:90:88:1e:99:1e:c5:e5:
41:48:db:f6:fd:59:b0:3e:e7:34:c5:59:b2:c7:0d:53:26:d8:
01:80:e9:2a:c5:5b:04:02:44:69:53:6d:21:4e:5b:b6:3c:fd:
41:d4:a7:52:a1:e8:35:66:80:20:81:89:ad:c5:70:2e:f2:15:
16:ce:13:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrngTe+7CYoHI0uh0S8h5N/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTMwMTkxMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWRjY2Y2YzdkNjc1NGJkMjU1MWExNTA0OTE3YmU4NjZjMWNlNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyKyWPIzhWYO4iiqGscNUQ0Cs68H
lRhafEQ/iNEtWW2Diqi5tq4vYiJRXbKo/G4D2SHu+0FGhmvDr1hZ19Fpy18X59jQ
1hkYjLAkznLuwNFfaO3JKKReJgzlxAXto29qDCiY336VzRWnjoUt85M8dlxbWRvH
zw90wA+Uz/gq55uD6jPQfALOehUaNizG8FAL+7VhFlHGVbp5JZjHrkE2AfAhI+fQ
b1/fPYScRoGVAFNyErg1XFz9e7SG/PMKf34HXDM4rKm7eCVPBC823s5uXAgRNoFW
c2nAd/NgJSvHdzZEeA1GNj1peA8nJIraxoPNjm8IgAHq7dKjIMvH6MGTbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLrcz2x9Z1S9JVGhUEkXvoZsHOQrMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdXR6UGJIMW5WTDBsVWFGUVNSZS1obXdjNUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH/uWYtpuwuR1aA5F0/w
JwEEPH1xsl11eoGCXsFHkdO+Wde75R1hmaKF7+QQ/YUG6vT4bN343c7YoSZAG94e
AWG8kU+L6Gkw/JHeRGaKoa0TX+SHt5SSkN4Y3BCiJCQ56dEpiUUwNUvfOtj02k/S
c8LQktRkjwkCMY17LiWPj8f4OdS7ss0b/zwTB4dVyu1T6hLFCTWIAUHW6AU+rnOm
PRaJWFiVuZhAv53BBWtxZYMKGJJJ9/IXkhPCE1WaBoXOkIgemR7F5UFI2/b9WbA+
5zTFWbLHDVMm2AGA6SrFWwQCRGlTbSFOW7Y8/UHUp1Kh6DVmgCCBia3FcC7yFRbO
E0U=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:30:33 2025 by rpki-client