Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-Ph2MCZ4xcuiwpQ3czB4YhIDXAA.roa
File: 1-Ph2MCZ4xcuiwpQ3czB4YhIDXAA.roa (raw, json)
Hash identifier: YAoloD2Byje7j+2BPj3qa+1EV2H+KrEMVXkOXKkwKpk=
Subject key identifier: F8:F8:76:30:26:78:C5:CB:A2:C2:94:37:73:30:78:62:12:03:5C:00
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD8066D92F94C262CCBFFCCF46A93D1CD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-Ph2MCZ4xcuiwpQ3czB4YhIDXAA.roa
Signing time: Thu 16 Nov 2023 12:06:21 +0000
ROA not before: Thu 16 Nov 2023 12:06:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18b:d805:893f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:06:6d:92:f9:4c:26:2c:cb:ff:cc:f4:6a:93:d1:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 16 12:06:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8f876302678c5cba2c294377330786212035c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:da:78:ab:a9:4f:dd:51:f0:9f:60:67:56:6b:
5f:9f:2f:83:10:8c:2a:ff:ef:f8:e9:47:6e:6c:ca:
8c:05:d0:4d:5e:92:ac:31:5f:36:89:a3:d1:19:85:
c8:17:1e:cc:91:1e:7e:a2:42:9e:39:52:ca:98:c7:
d5:e6:d8:54:a6:19:1d:8d:3c:88:69:94:3c:26:35:
84:d8:4e:83:8d:8c:c3:f1:01:1a:00:49:60:54:5b:
88:ff:3e:e1:82:5b:6d:4b:3e:a5:20:1a:36:ea:95:
11:cb:27:52:0f:33:69:17:1a:a0:43:56:74:8a:43:
02:2e:27:77:bc:77:4d:a3:0d:87:60:10:50:f4:d6:
71:9d:e8:44:e8:86:30:fa:08:21:32:ce:d0:fb:34:
a9:d7:19:09:ad:a5:b8:c3:18:95:9a:0b:68:90:07:
b7:86:c3:d7:67:fa:53:96:e1:a4:f7:60:8e:74:74:
58:e0:12:a6:7d:b8:5f:de:26:73:88:a2:bd:b6:3d:
b8:3b:33:c6:05:f2:be:01:c2:f9:2e:4c:0f:a0:49:
b4:22:7f:b5:f3:44:a1:a4:4e:50:0f:c2:3f:48:77:
e5:d9:73:fd:d8:6d:ce:1b:42:d3:8d:1f:f1:40:bb:
58:73:24:f0:2a:6b:40:f0:2b:03:09:56:15:6a:69:
e2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F8:76:30:26:78:C5:CB:A2:C2:94:37:73:30:78:62:12:03:5C:00
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-Ph2MCZ4xcuiwpQ3czB4YhIDXAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:d3:d7:89:ca:0d:7a:0d:ed:e9:d2:4e:65:49:61:3d:07:62:
36:63:12:62:21:9c:ae:0c:3c:a6:91:54:46:86:6f:e7:43:99:
3b:ea:a1:c6:68:fd:20:33:da:6c:17:2e:91:d6:ef:81:72:e2:
35:b6:ce:2b:00:eb:83:23:fc:68:1b:5a:c0:09:f5:ed:1d:5d:
fc:21:89:ee:4d:61:f3:70:d5:a7:84:8a:51:39:a1:b2:83:7f:
ee:ad:81:05:d4:f2:f9:ec:d7:36:46:81:da:42:51:9c:bf:ab:
ab:b8:94:c4:71:c8:53:ea:45:cd:4b:ce:be:d0:1d:6c:74:07:
5a:61:60:47:b5:30:91:ba:bd:34:fb:d1:9d:c6:9f:a6:70:0b:
21:d1:cb:5e:c6:76:34:6b:2d:d0:be:d2:20:e8:0a:e0:49:7e:
83:ab:1c:68:35:ff:be:4e:d3:e9:a4:b2:b9:86:b7:e9:9d:b4:
66:c0:07:60:d9:ff:29:1c:35:d7:7d:a5:4c:d2:a5:1e:03:e3:
cc:e1:ab:1a:99:29:20:95:4d:35:aa:4d:29:0f:53:81:3e:49:
3c:34:23:e9:95:ab:9f:9f:76:df:de:9d:97:9a:eb:61:71:ce:
a4:eb:3a:eb:c3:23:19:7b:07:1e:65:2f:9e:9b:aa:11:b5:d2:
b6:12:55:ac
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvYBm2S+UwmLMv/zPRqk9HNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE2MTIwNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGY4NzYzMDI2NzhjNWNiYTJjMjk0Mzc3MzMwNzg2MjEyMDM1YzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9p4q6lP3VHwn2BnVmtfny+DEIwq
/+/46UdubMqMBdBNXpKsMV82iaPRGYXIFx7MkR5+okKeOVLKmMfV5thUphkdjTyI
aZQ8JjWE2E6DjYzD8QEaAElgVFuI/z7hglttSz6lIBo26pURyydSDzNpFxqgQ1Z0
ikMCLid3vHdNow2HYBBQ9NZxnehE6IYw+gghMs7Q+zSp1xkJraW4wxiVmgtokAe3
hsPXZ/pTluGk92COdHRY4BKmfbhf3iZziKK9tj24OzPGBfK+AcL5LkwPoEm0In+1
80ShpE5QD8I/SHfl2XP92G3OG0LTjR/xQLtYcyTwKmtA8CsDCVYVamni0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPj4djAmeMXLosKUN3MweGISA1wAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS1QaDJNQ1o0eGN1aXdwUTNjekI0WWhJRFhBQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCX09eJyg16De3p0k5l
SWE9B2I2YxJiIZyuDDymkVRGhm/nQ5k76qHGaP0gM9psFy6R1u+BcuI1ts4rAOuD
I/xoG1rACfXtHV38IYnuTWHzcNWnhIpROaGyg3/urYEF1PL57Nc2RoHaQlGcv6ur
uJTEcchT6kXNS86+0B1sdAdaYWBHtTCRur00+9Gdxp+mcAsh0ctexnY0ay3QvtIg
6ArgSX6DqxxoNf++TtPppLK5hrfpnbRmwAdg2f8pHDXXfaVM0qUeA+PM4asamSkg
lU01qk0pD1OBPkk8NCPplaufn3bf3p2Xmuthcc6k6zrrwyMZewceZS+em6oRtdK2
ElWs
-----END CERTIFICATE-----
Generated at Sun May 11 17:00:48 2025 by rpki-client