Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uvhkDp4giWwfZ_2g_LMrfeWY8II.roa
File: uvhkDp4giWwfZ_2g_LMrfeWY8II.roa (raw, json)
Hash identifier: 71iLXAa5vyRhikFsCRilvRl1iJ9VVfXjUIg4em9AZiU=
Subject key identifier: BA:F8:64:0E:9E:20:89:6C:1F:67:FD:A0:FC:B3:2B:7D:E5:98:F0:82
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFCB903F64A9F7C37CF9FE8BE9FBFF24D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uvhkDp4giWwfZ_2g_LMrfeWY8II.roa
Signing time: Wed 04 Oct 2023 22:04:58 +0000
ROA not before: Wed 04 Oct 2023 22:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:fcb8:4cb0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:b9:03:f6:4a:9f:7c:37:cf:9f:e8:be:9f:bf:f2:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 22:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baf8640e9e20896c1f67fda0fcb32b7de598f082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:da:ce:99:d0:b3:3b:fd:93:4f:f5:7c:28:dd:
9e:38:81:fe:bb:4c:96:6e:e3:e9:1e:a6:7b:5f:6b:
30:54:fd:bb:02:cb:5c:18:53:7a:7a:2e:58:4a:f1:
e5:6c:4b:4a:0d:33:e1:52:8c:0e:6c:47:37:1c:eb:
43:67:d4:01:3b:b8:6a:d1:bf:41:5e:91:e1:5b:1e:
de:46:48:6b:a0:8b:6d:29:1b:5e:d5:34:53:1c:a6:
6d:fe:55:58:6e:51:82:54:8e:47:9d:ce:9e:66:f2:
d2:d2:8c:a0:18:38:a2:57:f8:f4:25:f6:40:0e:b1:
05:3f:23:c5:06:fd:4a:c7:65:c2:ed:a1:da:d5:2c:
db:a6:d8:fa:fa:e6:3c:8e:ec:2c:6b:47:1c:f6:6d:
ae:27:a0:21:e3:c8:73:1b:bd:ff:ee:0b:5b:8c:d5:
93:8e:f8:7e:d5:60:23:11:8e:15:f3:42:37:59:c4:
22:83:05:74:9b:be:e8:fa:fd:f4:f5:27:2a:44:45:
a7:e6:e4:ae:b6:e6:c3:06:b9:a2:6c:af:4e:d1:3e:
a9:03:c5:8d:0b:09:36:b7:bf:fd:26:9a:5c:3f:58:
5f:c1:30:57:eb:2a:64:0d:e4:d0:c1:b3:db:a5:d8:
08:7a:c3:80:df:29:d2:99:c9:6f:62:7a:2b:97:86:
41:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F8:64:0E:9E:20:89:6C:1F:67:FD:A0:FC:B3:2B:7D:E5:98:F0:82
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uvhkDp4giWwfZ_2g_LMrfeWY8II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:35:d7:70:d8:39:f9:55:8a:84:f1:da:42:78:b2:aa:2f:ae:
b7:7a:71:e0:01:96:3a:a1:cc:38:a9:27:85:a7:82:40:32:86:
de:a0:58:41:1c:98:be:a2:a0:c4:3d:80:78:7b:55:e8:1e:27:
64:20:7f:e0:69:a1:2f:95:24:f6:6f:57:c7:03:f4:0c:b6:78:
7c:6a:b8:45:eb:1d:c1:cd:66:83:48:c4:33:0d:2b:cd:d2:53:
b0:b6:f6:12:26:ab:02:86:75:bb:7f:db:ea:80:87:ed:00:61:
47:26:25:4d:ec:f8:eb:98:13:9e:2a:fd:9b:36:48:53:68:f3:
32:4f:3b:cc:97:f2:ca:10:ae:b6:dd:cc:ab:09:7c:d0:a5:6c:
4b:b0:d1:50:f3:fc:2e:12:0e:46:0c:58:f2:5d:51:71:e9:7b:
26:27:9a:44:33:5f:8e:ad:1d:6b:26:2d:32:22:a8:66:46:ee:
eb:f1:d2:96:ca:43:96:1e:e0:79:dd:c1:89:0c:71:55:66:35:
9d:25:db:4a:2b:e1:46:54:80:07:33:c3:c1:70:f5:ae:28:84:
37:ae:26:60:8c:4e:02:b1:2c:09:c6:bb:56:3c:cc:ba:93:eb:
53:c9:69:d8:81:0e:95:a4:c3:b2:d2:99:30:fc:7b:18:bb:3f:
db:65:cb:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr8uQP2Sp98N8+f6L6fv/JNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MjIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWY4NjQwZTllMjA4OTZjMWY2N2ZkYTBmY2IzMmI3ZGU1OThmMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtrOmdCzO/2TT/V8KN2eOIH+u0yW
buPpHqZ7X2swVP27AstcGFN6ei5YSvHlbEtKDTPhUowObEc3HOtDZ9QBO7hq0b9B
XpHhWx7eRkhroIttKRte1TRTHKZt/lVYblGCVI5Hnc6eZvLS0oygGDiiV/j0JfZA
DrEFPyPFBv1Kx2XC7aHa1Szbptj6+uY8juwsa0cc9m2uJ6Ah48hzG73/7gtbjNWT
jvh+1WAjEY4V80I3WcQigwV0m77o+v309ScqREWn5uSutubDBrmibK9O0T6pA8WN
Cwk2t7/9JppcP1hfwTBX6ypkDeTQwbPbpdgIesOA3ynSmclvYnorl4ZB8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLr4ZA6eIIlsH2f9oPyzK33lmPCCMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdXZoa0RwNGdpV3dmWl8yZ19MTXJmZVdZOElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABo113DYOflVioTx2kJ4
sqovrrd6ceABljqhzDipJ4WngkAyht6gWEEcmL6ioMQ9gHh7VegeJ2Qgf+BpoS+V
JPZvV8cD9Ay2eHxquEXrHcHNZoNIxDMNK83SU7C29hImqwKGdbt/2+qAh+0AYUcm
JU3s+OuYE54q/Zs2SFNo8zJPO8yX8soQrrbdzKsJfNClbEuw0VDz/C4SDkYMWPJd
UXHpeyYnmkQzX46tHWsmLTIiqGZG7uvx0pbKQ5Ye4HndwYkMcVVmNZ0l20or4UZU
gAczw8Fw9a4ohDeuJmCMTgKxLAnGu1Y8zLqT61PJadiBDpWkw7LSmTD8exi7P9tl
y9U=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:00:25 2025 by rpki-client