Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/08_4LSXmK4CCN7P_QKIiSLH8wkw.roa
File: 08_4LSXmK4CCN7P_QKIiSLH8wkw.roa (raw, json)
Hash identifier: H8U4x/JAuhLuJBBheE0cwS1HvGDBakWuuyMXVeT1pOk=
Subject key identifier: D3:CF:F8:2D:25:E6:2B:80:82:37:B3:FF:40:A2:22:48:B1:FC:C2:4C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B054E0F8D2A39335C407ACB6FAF517054
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/08_4LSXmK4CCN7P_QKIiSLH8wkw.roa
Signing time: Fri 06 Oct 2023 14:04:43 +0000
ROA not before: Fri 06 Oct 2023 14:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:54d:c8d0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:05:4e:0f:8d:2a:39:33:5c:40:7a:cb:6f:af:51:70:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 14:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3cff82d25e62b808237b3ff40a22248b1fcc24c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0e:dc:b6:fe:1d:de:b6:76:8d:82:3f:ec:26:
de:c2:d1:e0:dd:44:59:d2:a1:7e:69:83:16:ea:cf:
ab:55:75:eb:c6:9d:d2:68:1a:ab:6a:98:4d:21:68:
7f:ee:ad:dd:c2:7b:5a:e3:c6:cb:3d:8a:0f:f8:54:
08:2d:76:66:68:49:81:ee:ec:a2:d6:5b:42:eb:5d:
73:88:d4:8d:09:3c:76:13:88:9c:b4:46:8f:84:ce:
2d:d1:0a:8c:98:fe:96:11:1a:83:56:87:44:ff:72:
cd:63:fb:06:6a:c5:e1:d0:1d:17:9a:ee:8d:3d:c2:
5b:50:c1:b0:8c:50:94:1c:b2:52:af:e9:d4:c1:5e:
ca:9c:6c:dd:21:24:4b:2f:de:8b:e8:f9:e0:34:a3:
05:29:8a:02:6a:55:bf:6f:00:48:01:cf:e0:9e:3b:
53:a6:e9:19:b8:2a:6d:49:e7:9b:bc:92:4f:75:46:
65:f0:f6:01:ea:51:24:62:5a:99:3f:04:0c:22:12:
4d:0a:8c:dc:fa:47:a9:a0:64:0f:51:f8:56:27:0d:
0d:ab:be:7b:69:ba:70:63:96:e6:eb:98:d0:79:e4:
b7:a5:22:a6:4e:09:84:30:14:f3:7e:a6:e7:93:3f:
ad:b5:17:6a:36:69:c0:74:d1:1e:ac:ea:3d:9f:dc:
dd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:CF:F8:2D:25:E6:2B:80:82:37:B3:FF:40:A2:22:48:B1:FC:C2:4C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/08_4LSXmK4CCN7P_QKIiSLH8wkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:f3:27:e0:72:c8:78:a1:0a:40:2c:7b:27:9e:a5:96:7d:67:
bc:9d:ad:69:48:f1:de:c2:b3:5a:2c:15:6c:90:b2:7b:23:6e:
df:64:12:71:c2:10:84:a8:6f:7c:97:8b:81:4c:47:ae:32:18:
41:5e:a4:13:14:b3:16:48:1f:be:82:fe:6c:12:63:10:e4:eb:
a4:09:77:82:64:f7:72:84:e2:64:b0:a9:2c:a8:d0:85:bd:53:
53:8f:d3:4d:0f:6b:ed:8c:6a:e6:18:5b:3c:f7:c2:ca:62:7a:
ba:8b:fa:bf:fa:67:3c:6d:d0:ef:72:40:3d:db:f5:3a:d0:b2:
ec:30:f2:79:8f:2a:c4:2b:38:77:06:a1:c0:da:b1:08:b7:0a:
e0:87:16:c8:75:1c:d7:4d:74:f2:2a:76:ff:69:9b:a1:ff:40:
39:92:5f:93:8b:c9:d5:e2:54:69:3f:0f:1f:ea:14:01:90:0e:
ad:6f:bc:42:52:a1:3e:db:9b:b2:0f:b9:e8:2f:ba:1f:26:78:
6c:02:b3:3b:4b:25:cb:81:02:38:43:b6:ac:f5:e6:90:19:8b:
a4:44:84:43:d5:79:83:fa:9b:c9:e2:d9:da:53:0d:6f:72:b8:
d0:2b:f5:14:f4:78:b4:60:59:04:1f:db:83:12:5c:9d:e1:33:
91:ab:30:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsFTg+NKjkzXEB6y2+vUXBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MTQwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2NmZjgyZDI1ZTYyYjgwODIzN2IzZmY0MGEyMjI0OGIxZmNjMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg7ctv4d3rZ2jYI/7CbewtHg3URZ
0qF+aYMW6s+rVXXrxp3SaBqraphNIWh/7q3dwnta48bLPYoP+FQILXZmaEmB7uyi
1ltC611ziNSNCTx2E4ictEaPhM4t0QqMmP6WERqDVodE/3LNY/sGasXh0B0Xmu6N
PcJbUMGwjFCUHLJSr+nUwV7KnGzdISRLL96L6PngNKMFKYoCalW/bwBIAc/gnjtT
pukZuCptSeebvJJPdUZl8PYB6lEkYlqZPwQMIhJNCozc+kepoGQPUfhWJw0Nq757
abpwY5bm65jQeeS3pSKmTgmEMBTzfqbnkz+ttRdqNmnAdNEerOo9n9zdDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNPP+C0l5iuAgjez/0CiIkix/MJMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMDhfNExTWG1LNENDTjdQX1FLSWlTTEg4d2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACrzJ+ByyHihCkAseyee
pZZ9Z7ydrWlI8d7Cs1osFWyQsnsjbt9kEnHCEISob3yXi4FMR64yGEFepBMUsxZI
H76C/mwSYxDk66QJd4Jk93KE4mSwqSyo0IW9U1OP000Pa+2MauYYWzz3wspierqL
+r/6Zzxt0O9yQD3b9TrQsuww8nmPKsQrOHcGocDasQi3CuCHFsh1HNdNdPIqdv9p
m6H/QDmSX5OLydXiVGk/Dx/qFAGQDq1vvEJSoT7bm7IPuegvuh8meGwCsztLJcuB
AjhDtqz15pAZi6REhEPVeYP6m8ni2dpTDW9yuNAr9RT0eLRgWQQf24MSXJ3hM5Gr
MGg=
-----END CERTIFICATE-----
Generated at Sat May 10 12:32:39 2025 by rpki-client