Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uxEZNw_svJ59-BB3eekS_Y_3kf4.roa
File: uxEZNw_svJ59-BB3eekS_Y_3kf4.roa (raw, json)
Hash identifier: 2M2y1/aR8346zpP+/QYAQGV92u5cTZZGpe+j1sMk+NM=
Subject key identifier: BB:11:19:37:0F:EC:BC:9E:7D:F8:10:77:79:E9:12:FD:8F:F7:91:FE
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3C786F0C9C1F235C8064B1D99C72328B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uxEZNw_svJ59-BB3eekS_Y_3kf4.roa
Signing time: Wed 06 Dec 2023 00:12:54 +0000
ROA not before: Wed 06 Dec 2023 00:12:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3c:78:6f:0c:9c:1f:23:5c:80:64:b1:d9:9c:72:32:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 6 00:12:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb1119370fecbc9e7df8107779e912fd8ff791fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:19:fc:d3:81:df:5f:b6:c6:e5:99:27:98:76:
79:eb:eb:44:70:af:7e:70:bb:7e:71:28:eb:fc:89:
ae:78:37:f0:d8:e6:6f:49:61:f2:f5:be:72:e0:dc:
c9:17:fb:93:1e:65:05:e7:3d:c8:37:b3:c6:5a:0a:
e2:a9:87:9d:02:35:c6:aa:ff:81:bd:f4:59:78:ee:
4a:72:e0:28:f2:02:6d:4d:1b:c1:85:b3:a2:bc:1b:
0b:20:be:a3:10:13:0c:bb:95:18:57:cc:50:27:b9:
64:93:7e:f3:e7:c4:22:59:b9:af:43:73:43:6d:2f:
6f:24:1c:60:05:37:eb:e0:9e:50:8c:58:75:33:69:
50:f8:03:ca:63:46:8d:0d:59:98:e3:ef:0d:95:d0:
1c:9c:c3:b5:61:54:ba:a6:b7:b8:f7:f3:77:9d:08:
6a:d9:4e:e9:f7:da:41:ef:43:d4:07:c5:91:13:be:
e9:1f:3a:62:74:3f:d4:e9:e5:0f:21:57:16:02:7a:
ef:a0:dd:71:d3:db:7b:41:1e:8c:2e:87:1f:bc:3d:
df:53:92:c4:d4:7e:be:a3:fc:df:47:ec:b7:9b:d1:
f4:18:2a:41:25:9f:41:c1:0e:07:91:aa:52:43:ec:
9b:bf:6f:7d:ba:dc:a5:63:e0:8f:a9:ad:ef:1b:da:
14:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:11:19:37:0F:EC:BC:9E:7D:F8:10:77:79:E9:12:FD:8F:F7:91:FE
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uxEZNw_svJ59-BB3eekS_Y_3kf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:42:15:fa:7e:ea:b4:3f:91:e5:d8:33:d3:61:38:ed:a3:65:
e5:c4:04:48:23:1b:3a:a6:93:5e:11:a3:d6:92:cc:6f:58:b1:
7d:c2:25:77:ce:67:04:79:ea:b3:fd:74:ec:dd:10:30:e4:88:
31:d6:a8:ae:f6:c0:f9:e0:b1:61:a8:9f:42:a0:09:01:87:6f:
4e:89:c4:63:ad:a6:90:6e:3b:6d:15:c0:59:a9:3d:06:c0:d4:
0b:48:41:3a:07:b8:9c:f0:1b:da:6d:93:bf:b3:d8:e8:54:11:
b7:ba:14:54:8a:a5:6d:db:8b:3c:cd:67:fb:12:c0:b5:e5:6e:
c0:82:2a:6a:6c:3d:f8:33:5c:c4:98:6b:9a:e2:28:5e:f4:52:
a7:49:a7:66:d4:96:a9:ef:65:5d:2f:7d:55:5b:56:90:e4:27:
78:0f:65:a8:ba:63:ef:b9:2e:fa:f5:be:e4:db:f5:8d:51:44:
75:32:e6:bb:6b:14:d6:5c:26:89:b3:6e:b3:28:24:c8:8f:d8:
3a:20:a3:a9:b3:cb:62:84:96:f0:5d:9d:1a:8e:b6:29:ea:47:
e6:a3:14:b6:35:3e:40:f3:7f:27:57:b4:47:f9:b7:be:d8:39:
dc:e4:90:12:97:f5:35:6c:71:5f:0e:86:69:6e:64:d6:95:0c:
2f:46:4d:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw8eG8MnB8jXIBksdmccjKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA2MDAxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjExMTkzNzBmZWNiYzllN2RmODEwNzc3OWU5MTJmZDhmZjc5MWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBn804HfX7bG5ZknmHZ56+tEcK9+
cLt+cSjr/ImueDfw2OZvSWHy9b5y4NzJF/uTHmUF5z3IN7PGWgriqYedAjXGqv+B
vfRZeO5KcuAo8gJtTRvBhbOivBsLIL6jEBMMu5UYV8xQJ7lkk37z58QiWbmvQ3ND
bS9vJBxgBTfr4J5QjFh1M2lQ+APKY0aNDVmY4+8NldAcnMO1YVS6pre49/N3nQhq
2U7p99pB70PUB8WRE77pHzpidD/U6eUPIVcWAnrvoN1x09t7QR6MLocfvD3fU5LE
1H6+o/zfR+y3m9H0GCpBJZ9BwQ4HkapSQ+ybv299utylY+CPqa3vG9oUcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLsRGTcP7LyeffgQd3npEv2P95H+MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdXhFWk53X3N2SjU5LUJCM2Vla1NfWV8za2Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFxCFfp+6rQ/keXYM9Nh
OO2jZeXEBEgjGzqmk14Ro9aSzG9YsX3CJXfOZwR56rP9dOzdEDDkiDHWqK72wPng
sWGon0KgCQGHb06JxGOtppBuO20VwFmpPQbA1AtIQToHuJzwG9ptk7+z2OhUEbe6
FFSKpW3bizzNZ/sSwLXlbsCCKmpsPfgzXMSYa5riKF70UqdJp2bUlqnvZV0vfVVb
VpDkJ3gPZai6Y++5Lvr1vuTb9Y1RRHUy5rtrFNZcJomzbrMoJMiP2Dogo6mzy2KE
lvBdnRqOtinqR+ajFLY1PkDzfydXtEf5t77YOdzkkBKX9TVscV8OhmluZNaVDC9G
TdM=
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:01:28 2025 by rpki-client