Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2k6r7MySsbZeapzIwGR6_4z3Pcg.roa
File: 2k6r7MySsbZeapzIwGR6_4z3Pcg.roa (raw, json)
Hash identifier: PSD+rZ4hxVumnZBHXmzn2YOiwCD11qj5h8Y3nTfS9NA=
Subject key identifier: DA:4E:AB:EC:CC:92:B1:B6:5E:6A:9C:C8:C0:64:7A:FF:8C:F7:3D:C8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C0443B9B5D3E07FB2662FB4D005703B43
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2k6r7MySsbZeapzIwGR6_4z3Pcg.roa
Signing time: Sat 25 Nov 2023 02:16:36 +0000
ROA not before: Sat 25 Nov 2023 02:16:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:04:43:b9:b5:d3:e0:7f:b2:66:2f:b4:d0:05:70:3b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 25 02:16:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da4eabeccc92b1b65e6a9cc8c0647aff8cf73dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:67:d9:6d:32:4c:5c:8d:90:12:62:fb:63:17:
af:bc:c0:02:54:6b:cd:fc:27:c7:26:c2:2e:6c:cf:
24:d2:35:4a:fd:fa:f2:c8:fa:fe:e3:00:3d:ef:00:
f7:4d:23:f0:f5:d7:43:d1:a4:45:37:d0:ee:51:b5:
ae:ec:a0:26:00:c7:98:78:80:f2:c0:34:e4:89:ee:
56:10:ff:71:1b:46:78:a2:54:02:bf:06:67:02:c0:
1e:9f:fe:8c:68:3c:91:31:da:dd:eb:c8:a3:75:a7:
67:04:4c:5b:39:7b:72:13:80:5f:fa:52:5e:20:7e:
f3:d2:31:17:0d:9b:22:62:57:5b:38:7b:5a:94:4b:
aa:b0:03:ba:36:ee:25:70:3e:80:2f:e5:8c:36:7a:
86:7f:9b:ed:07:3d:3a:10:de:45:b8:5e:c4:31:9d:
a5:f9:5c:86:2c:99:a0:44:49:e7:75:df:b9:68:38:
ed:12:bd:38:0f:e3:3c:8b:f1:27:82:a4:36:b3:3b:
dd:8f:8f:0b:2d:6d:c3:2b:b4:c8:b8:1f:af:c6:69:
83:80:8c:cb:bc:28:85:a3:7a:bd:e6:bd:9b:7f:44:
82:7e:88:60:25:63:c1:2c:00:2c:ac:0f:40:6e:bf:
76:be:c1:d0:73:4f:15:37:70:99:79:f3:b7:08:6f:
63:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:4E:AB:EC:CC:92:B1:B6:5E:6A:9C:C8:C0:64:7A:FF:8C:F7:3D:C8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2k6r7MySsbZeapzIwGR6_4z3Pcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:d5:3c:77:5e:ed:bc:5d:13:b3:a3:ce:1a:e2:29:16:3b:b5:
91:4d:47:f2:10:d5:85:0a:21:a6:e8:11:3d:3a:1f:3c:7e:1a:
8b:60:4d:8f:2e:46:d5:74:3b:b0:7d:34:06:75:09:e2:cc:b7:
03:bb:eb:36:3c:89:05:c6:14:05:24:0d:2d:c9:b6:32:75:bd:
75:17:74:03:35:8d:90:13:66:bf:1a:8a:93:3e:54:72:2c:60:
5c:e1:97:f3:5d:c4:92:6e:51:83:b3:5f:41:2f:51:ca:3e:fd:
58:60:cb:85:a5:80:25:72:e7:ec:42:12:1c:8a:06:34:10:20:
ab:25:29:4e:ca:7a:fe:d4:f3:c2:29:f1:ed:db:5b:96:6e:52:
8a:d0:20:64:1d:4c:f0:fd:12:df:04:21:90:72:83:ab:35:63:
4a:f1:f5:9a:55:79:a0:b3:67:4e:ae:74:13:c1:f0:b8:41:15:
c2:16:76:f4:0d:3d:1a:65:f4:ef:0b:c0:54:47:87:f4:e1:cb:
f5:17:1d:4f:8a:51:b1:a1:91:ec:c7:1d:f6:dd:02:1a:0f:bf:
59:39:78:e2:7d:8f:db:3d:0a:cb:b8:34:50:a9:f5:0b:b1:0a:
24:0c:a5:84:96:05:ab:82:b0:d7:98:07:ac:23:5f:65:e6:7d:
7c:64:21:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwEQ7m10+B/smYvtNAFcDtDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI1MDIxNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTRlYWJlY2NjOTJiMWI2NWU2YTljYzhjMDY0N2FmZjhjZjczZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWfZbTJMXI2QEmL7YxevvMACVGvN
/CfHJsIubM8k0jVK/fryyPr+4wA97wD3TSPw9ddD0aRFN9DuUbWu7KAmAMeYeIDy
wDTkie5WEP9xG0Z4olQCvwZnAsAen/6MaDyRMdrd68ijdadnBExbOXtyE4Bf+lJe
IH7z0jEXDZsiYldbOHtalEuqsAO6Nu4lcD6AL+WMNnqGf5vtBz06EN5FuF7EMZ2l
+VyGLJmgREnndd+5aDjtEr04D+M8i/EngqQ2szvdj48LLW3DK7TIuB+vxmmDgIzL
vCiFo3q95r2bf0SCfohgJWPBLAAsrA9Abr92vsHQc08VN3CZefO3CG9jSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNpOq+zMkrG2XmqcyMBkev+M9z3IMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMms2cjdNeVNzYlplYXB6SXdHUjZfNHozUGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJTVPHde7bxdE7Ojzhri
KRY7tZFNR/IQ1YUKIaboET06Hzx+GotgTY8uRtV0O7B9NAZ1CeLMtwO76zY8iQXG
FAUkDS3JtjJ1vXUXdAM1jZATZr8aipM+VHIsYFzhl/NdxJJuUYOzX0EvUco+/Vhg
y4WlgCVy5+xCEhyKBjQQIKslKU7Kev7U88Ip8e3bW5ZuUorQIGQdTPD9Et8EIZBy
g6s1Y0rx9ZpVeaCzZ06udBPB8LhBFcIWdvQNPRpl9O8LwFRHh/Thy/UXHU+KUbGh
kezHHfbdAhoPv1k5eOJ9j9s9Csu4NFCp9QuxCiQMpYSWBauCsNeYB6wjX2XmfXxk
IVQ=
-----END CERTIFICATE-----
Generated at Sat May 10 11:34:29 2025 by rpki-client