Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2pN-Y90dGkUBApD9u13EvViijwk.roa
File: 2pN-Y90dGkUBApD9u13EvViijwk.roa (raw, json)
Hash identifier: nA5B5Lf6aX4Ile/JXQ5CA4WPzKbw8MN0No52PrQlcFE=
Subject key identifier: DA:93:7E:63:DD:1D:1A:45:01:02:90:FD:BB:5D:C4:BD:58:A2:8F:09
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2C9924922E47C26D5BC70463A6A53DB5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2pN-Y90dGkUBApD9u13EvViijwk.roa
Signing time: Sat 14 Oct 2023 05:11:55 +0000
ROA not before: Sat 14 Oct 2023 05:11:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2c:99:24:92:2e:47:c2:6d:5b:c7:04:63:a6:a5:3d:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 14 05:11:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da937e63dd1d1a45010290fdbb5dc4bd58a28f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:75:bd:ca:40:32:63:58:ff:55:0e:44:34:b3:
80:2d:34:e9:b7:d8:0a:22:8f:f5:a2:ee:ff:15:a5:
53:6f:f8:d9:a9:e8:40:0d:90:68:7d:1f:36:80:5d:
cf:7a:10:61:fd:7f:f9:30:16:57:0c:50:09:4e:fc:
f0:0a:2c:d1:10:b2:9e:7f:47:9d:62:90:58:97:65:
13:70:00:4e:49:48:21:81:58:97:a2:db:9c:d4:d8:
77:71:3c:a6:56:69:1a:6e:f7:bf:c0:9c:55:10:e0:
84:65:08:a3:13:de:30:d8:a0:66:cc:0e:e2:f9:7c:
1d:26:32:16:2e:d4:21:89:b1:0c:0e:e3:de:e7:1f:
b8:8e:6f:74:90:c1:45:a3:7c:b3:4c:26:c7:58:61:
8c:4f:02:a9:75:96:c6:7e:cb:fa:62:b6:9c:2d:72:
aa:a2:fa:b8:5f:4a:11:60:da:a7:32:b5:e1:49:6e:
b6:6f:b8:0b:34:8b:77:4a:b0:24:1a:f2:61:43:3e:
47:c0:06:df:1c:c8:d5:d8:6c:c0:39:d4:d9:6f:96:
e5:ec:91:be:49:c4:40:e3:09:99:70:e9:e6:e5:77:
76:4c:e6:ee:1b:0d:43:1f:03:63:aa:60:14:63:36:
df:9a:88:d5:c3:e1:57:ee:cd:d9:99:30:47:53:0b:
48:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:93:7E:63:DD:1D:1A:45:01:02:90:FD:BB:5D:C4:BD:58:A2:8F:09
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2pN-Y90dGkUBApD9u13EvViijwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d1:7b:53:d5:23:b0:9b:c6:e0:97:d1:3a:56:27:95:d4:79:5b:
94:d9:33:ca:10:0c:35:fc:32:cb:38:08:74:1e:c1:20:6a:0d:
5d:4b:58:ca:2c:4a:7d:d1:8f:3e:c3:44:4f:c9:8f:45:bd:d8:
94:9c:14:74:6f:f7:79:d2:c3:94:f0:d0:0a:ac:7c:5c:ee:e4:
77:92:98:9a:e8:c0:e0:b0:5a:28:8a:9c:cc:d3:71:ec:3b:d3:
17:bb:0b:44:79:09:f1:0b:c2:c5:46:2a:e4:14:84:ed:d7:8d:
19:cf:42:81:b0:5c:8c:28:85:dc:6a:36:87:ab:e7:48:11:7f:
42:3f:3a:5e:11:d0:12:e8:f6:63:65:af:6d:46:64:a4:a9:a2:
1d:65:ba:e3:fe:39:e5:20:3a:95:c0:32:7d:88:3f:67:71:2f:
87:45:6c:c6:ba:36:0a:49:d7:13:12:a2:a6:00:1d:15:68:1f:
9b:39:b0:2c:be:1c:e7:8f:35:4b:ad:7f:03:79:56:81:80:00:
ea:2f:7a:4d:83:9d:58:c9:60:e9:a5:6f:25:96:2c:d0:45:87:
0e:b4:e7:fe:b6:1f:e3:1b:e3:f4:4b:42:73:13:36:99:a9:c6:
30:ff:81:90:af:53:bd:59:f7:c4:cd:3d:d1:8e:c4:ef:64:f5:
47:34:7c:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYssmSSSLkfCbVvHBGOmpT21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE0MDUxMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTkzN2U2M2RkMWQxYTQ1MDEwMjkwZmRiYjVkYzRiZDU4YTI4ZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXW9ykAyY1j/VQ5ENLOALTTpt9gK
Io/1ou7/FaVTb/jZqehADZBofR82gF3PehBh/X/5MBZXDFAJTvzwCizRELKef0ed
YpBYl2UTcABOSUghgViXotuc1Nh3cTymVmkabve/wJxVEOCEZQijE94w2KBmzA7i
+XwdJjIWLtQhibEMDuPe5x+4jm90kMFFo3yzTCbHWGGMTwKpdZbGfsv6YracLXKq
ovq4X0oRYNqnMrXhSW62b7gLNIt3SrAkGvJhQz5HwAbfHMjV2GzAOdTZb5bl7JG+
ScRA4wmZcOnm5Xd2TObuGw1DHwNjqmAUYzbfmojVw+FX7s3ZmTBHUwtI8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNqTfmPdHRpFAQKQ/btdxL1Yoo8JMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMnBOLVk5MGRHa1VCQXBEOXUxM0V2VmlpandrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANF7U9UjsJvG4JfROlYn
ldR5W5TZM8oQDDX8Mss4CHQewSBqDV1LWMosSn3Rjz7DRE/Jj0W92JScFHRv93nS
w5Tw0AqsfFzu5HeSmJrowOCwWiiKnMzTcew70xe7C0R5CfELwsVGKuQUhO3XjRnP
QoGwXIwohdxqNoer50gRf0I/Ol4R0BLo9mNlr21GZKSpoh1luuP+OeUgOpXAMn2I
P2dxL4dFbMa6NgpJ1xMSoqYAHRVoH5s5sCy+HOePNUutfwN5VoGAAOovek2DnVjJ
YOmlbyWWLNBFhw605/62H+Mb4/RLQnMTNpmpxjD/gZCvU71Z98TNPdGOxO9k9Uc0
fI0=
-----END CERTIFICATE-----
Generated at Sat May 10 11:05:34 2025 by rpki-client