Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wULkQpRZB1hlpnH7dSAg23gRsmA.roa
File: wULkQpRZB1hlpnH7dSAg23gRsmA.roa (raw, json)
Hash identifier: gHGik52wXUDULzhYn2FWVzTzd8unXlHwFtlVDzukZzQ=
Subject key identifier: C1:42:E4:42:94:59:07:58:65:A6:71:FB:75:20:20:DB:78:11:B2:60
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C60F3E7081F60ECCFEC6F01FAB5D7B9DF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wULkQpRZB1hlpnH7dSAg23gRsmA.roa
Signing time: Wed 13 Dec 2023 02:14:06 +0000
ROA not before: Wed 13 Dec 2023 02:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:60:f3:e7:08:1f:60:ec:cf:ec:6f:01:fa:b5:d7:b9:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 13 02:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c142e4429459075865a671fb752020db7811b260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:83:d5:96:ee:d4:66:c0:02:02:ad:12:aa:fc:
b5:36:7a:e7:c2:7d:68:3a:a0:d8:bc:1f:b2:22:78:
56:5e:35:1d:42:43:52:12:71:2c:29:12:79:80:a5:
69:31:76:42:51:e7:2a:57:dc:db:96:36:ac:1e:69:
6a:5b:28:15:02:75:24:3c:ae:6c:05:ac:14:d8:1a:
ad:d9:bf:5d:f9:50:3b:9e:b2:ec:6f:c3:03:ac:f2:
2c:46:45:0e:f4:8a:86:0b:94:f3:7f:77:1a:9f:32:
75:5b:fa:22:30:e6:a7:fd:5d:12:4e:81:00:f4:24:
a8:31:6f:ab:94:ff:d7:43:02:8a:b3:4e:35:78:79:
49:14:ec:22:ca:6c:42:bf:82:51:4b:f4:44:5a:82:
95:a8:6d:64:58:09:ee:47:15:54:ef:f9:f8:f3:5a:
40:76:05:4b:8a:01:c5:20:2b:b3:95:e8:b9:79:f4:
1f:7e:92:08:2e:03:35:9d:fb:4e:cf:bb:d6:55:34:
17:d6:02:de:37:d5:0b:c9:3f:f3:4c:b6:96:c3:eb:
64:fd:5e:d4:ab:a0:29:ea:74:90:af:f5:9e:64:0c:
49:b2:27:dc:ee:7b:74:2a:92:34:da:c7:43:3b:06:
0c:12:e7:15:90:18:5f:0d:4e:a0:a7:5e:12:0e:1c:
04:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:42:E4:42:94:59:07:58:65:A6:71:FB:75:20:20:DB:78:11:B2:60
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wULkQpRZB1hlpnH7dSAg23gRsmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:37:13:49:d4:df:79:88:0d:0b:94:96:4b:99:1b:82:ef:ae:
70:2c:99:e0:b4:3d:8f:53:9c:67:08:b2:b5:22:89:7a:36:4e:
0f:26:89:30:8d:b4:b1:f3:54:1e:30:32:47:d5:21:94:d1:0a:
43:ca:15:9b:d1:91:2c:fe:34:28:df:0f:d9:8a:fd:2f:f9:4b:
f1:f9:ae:21:fa:ef:db:4d:75:85:12:e4:fd:d4:d8:03:6a:68:
32:71:a3:4f:1a:c9:a0:43:9e:c0:ba:a2:47:7d:dd:97:a5:ce:
4c:2e:1b:79:fe:ed:ba:da:83:0a:95:28:cc:63:53:9a:10:08:
2f:f4:a5:85:e5:a3:8c:aa:dd:c8:c1:da:d5:18:8c:6c:33:df:
f9:26:31:47:45:c3:12:29:fb:fc:02:86:f2:0b:c4:67:d5:7b:
14:8f:93:50:2d:09:56:e7:a7:62:fb:68:70:63:64:51:93:48:
3a:7c:e1:00:cd:f9:bf:10:61:a5:6a:1a:c7:2a:92:77:3d:f3:
cf:3a:48:eb:cf:a5:c4:44:ad:fd:27:04:7c:24:dc:d2:c0:a6:
df:86:8b:fe:6a:c2:66:8d:c7:96:72:15:c7:0f:fd:df:d2:68:
46:1e:83:4d:73:36:89:dc:da:10:25:2f:b1:e0:82:e9:ba:88:
57:af:21:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxg8+cIH2Dsz+xvAfq117nfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEzMDIxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTQyZTQ0Mjk0NTkwNzU4NjVhNjcxZmI3NTIwMjBkYjc4MTFiMjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoPVlu7UZsACAq0Sqvy1Nnrnwn1o
OqDYvB+yInhWXjUdQkNSEnEsKRJ5gKVpMXZCUecqV9zbljasHmlqWygVAnUkPK5s
BawU2Bqt2b9d+VA7nrLsb8MDrPIsRkUO9IqGC5Tzf3canzJ1W/oiMOan/V0SToEA
9CSoMW+rlP/XQwKKs041eHlJFOwiymxCv4JRS/REWoKVqG1kWAnuRxVU7/n481pA
dgVLigHFICuzlei5efQffpIILgM1nftOz7vWVTQX1gLeN9ULyT/zTLaWw+tk/V7U
q6Ap6nSQr/WeZAxJsifc7nt0KpI02sdDOwYMEucVkBhfDU6gp14SDhwEqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMFC5EKUWQdYZaZx+3UgINt4EbJgMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvd1VMa1FwUlpCMWhscG5IN2RTQWcyM2dSc21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABI3E0nU33mIDQuUlkuZ
G4LvrnAsmeC0PY9TnGcIsrUiiXo2Tg8miTCNtLHzVB4wMkfVIZTRCkPKFZvRkSz+
NCjfD9mK/S/5S/H5riH679tNdYUS5P3U2ANqaDJxo08ayaBDnsC6okd93Zelzkwu
G3n+7bragwqVKMxjU5oQCC/0pYXlo4yq3cjB2tUYjGwz3/kmMUdFwxIp+/wChvIL
xGfVexSPk1AtCVbnp2L7aHBjZFGTSDp84QDN+b8QYaVqGscqknc98886SOvPpcRE
rf0nBHwk3NLApt+Gi/5qwmaNx5ZyFccP/d/SaEYeg01zNonc2hAlL7Hggum6iFev
ITE=
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:10:05 2025 by rpki-client