Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/69sBwGXrF4e8_iyxPh3QUt2umWo.roa
File: 69sBwGXrF4e8_iyxPh3QUt2umWo.roa (raw, json)
Hash identifier: 70OO2BEM8JKrYTwbzBerCk0kzFbm1HiUSBTn4pGtOSU=
Subject key identifier: EB:DB:01:C0:65:EB:17:87:BC:FE:2C:B1:3E:1D:D0:52:DD:AE:99:6A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B01036E42FAAA5630E936D02ABB7B17C2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/69sBwGXrF4e8_iyxPh3QUt2umWo.roa
Signing time: Thu 05 Oct 2023 18:04:43 +0000
ROA not before: Thu 05 Oct 2023 18:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:103:2e85/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:01:03:6e:42:fa:aa:56:30:e9:36:d0:2a:bb:7b:17:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 5 18:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebdb01c065eb1787bcfe2cb13e1dd052ddae996a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2e:04:3b:45:1e:37:d4:02:ec:c2:73:82:54:
6f:9b:26:62:5e:f8:fb:19:a4:77:1d:5c:93:e1:54:
99:04:d2:90:d8:01:de:69:fc:61:71:fc:54:29:ba:
56:69:12:4f:9d:dd:b0:1c:a2:9c:bb:4f:7c:d6:4e:
68:9b:40:05:39:5f:04:a6:e8:34:7a:ea:3d:5e:eb:
e9:31:6f:a3:41:91:84:c5:0a:c3:8c:ac:3c:b4:0d:
13:dc:fe:54:9c:68:4f:fc:e4:28:4e:23:60:aa:cf:
6e:98:ed:8d:f4:85:31:4d:48:e7:5d:a1:2f:85:5b:
a2:7a:b7:9a:aa:b7:15:c7:29:c2:db:0e:f8:51:69:
10:44:15:d5:be:09:58:36:ab:5d:02:6b:81:29:e9:
53:35:5f:88:17:dd:f6:d2:c1:8d:eb:0a:af:d5:02:
8a:83:49:c1:f1:be:e5:95:ea:fb:6d:0c:40:84:5e:
5b:2f:8c:f5:7d:09:0b:1c:be:f8:19:b0:70:5c:4a:
e5:d8:9e:c1:73:0d:d4:97:d4:4d:c3:7d:9e:08:03:
79:06:51:d2:2b:b1:0d:ca:fe:8e:49:e7:b7:31:1c:
2f:1a:48:92:bd:92:92:c9:1e:71:08:16:be:95:c9:
7a:79:49:31:c1:98:0d:78:f4:15:1f:09:15:ac:76:
50:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DB:01:C0:65:EB:17:87:BC:FE:2C:B1:3E:1D:D0:52:DD:AE:99:6A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/69sBwGXrF4e8_iyxPh3QUt2umWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:ba:b3:b6:f3:36:c1:49:10:03:11:c0:c2:47:b0:9b:3e:9a:
b1:e5:27:47:fa:ec:07:bd:d5:71:6f:e6:a4:0b:7d:62:44:e1:
26:d5:92:25:40:cf:e7:f9:e4:fc:22:42:84:2e:55:45:1a:7e:
d1:36:64:59:4b:49:be:bd:9f:22:b1:0e:c8:fe:36:72:42:55:
44:82:08:bc:f0:b7:8b:37:b5:ac:cc:b5:47:29:bc:1c:25:21:
e8:17:8a:79:d0:59:65:fc:5a:20:1d:a0:e6:97:db:a9:9e:a7:
47:8f:77:08:6f:66:7a:6f:b7:2e:f7:00:fe:25:eb:69:5c:64:
26:58:8e:3f:c1:24:9a:5d:ef:9d:fe:5e:8e:c4:4f:ce:65:08:
da:ce:1c:58:b4:3c:91:f5:d6:82:9a:94:bb:b5:94:0e:f5:6c:
85:75:a0:c7:10:6d:1c:10:f0:f0:2d:eb:05:ba:20:c5:a4:20:
46:77:c2:b7:c5:34:45:29:d7:2f:c7:27:81:9a:82:41:ea:11:
82:3c:6c:61:43:62:bf:cf:4c:b7:53:5a:a0:5e:80:17:dc:1e:
7e:99:f7:fd:b1:15:6b:c9:ab:b1:dc:88:26:ab:66:03:54:cf:
1f:15:dc:68:62:58:94:6c:82:c5:b8:13:53:6a:ca:0f:75:c7:
b5:59:c7:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsBA25C+qpWMOk20Cq7exfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA1MTgwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmRiMDFjMDY1ZWIxNzg3YmNmZTJjYjEzZTFkZDA1MmRkYWU5OTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi4EO0UeN9QC7MJzglRvmyZiXvj7
GaR3HVyT4VSZBNKQ2AHeafxhcfxUKbpWaRJPnd2wHKKcu0981k5om0AFOV8Epug0
euo9XuvpMW+jQZGExQrDjKw8tA0T3P5UnGhP/OQoTiNgqs9umO2N9IUxTUjnXaEv
hVuiereaqrcVxynC2w74UWkQRBXVvglYNqtdAmuBKelTNV+IF9320sGN6wqv1QKK
g0nB8b7ller7bQxAhF5bL4z1fQkLHL74GbBwXErl2J7Bcw3Ul9RNw32eCAN5BlHS
K7ENyv6OSee3MRwvGkiSvZKSyR5xCBa+lcl6eUkxwZgNePQVHwkVrHZQ0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOvbAcBl6xeHvP4ssT4d0FLdrplqMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNjlzQndHWHJGNGU4X2l5eFBoM1FVdDJ1bVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHa6s7bzNsFJEAMRwMJH
sJs+mrHlJ0f67Ae91XFv5qQLfWJE4SbVkiVAz+f55PwiQoQuVUUaftE2ZFlLSb69
nyKxDsj+NnJCVUSCCLzwt4s3tazMtUcpvBwlIegXinnQWWX8WiAdoOaX26mep0eP
dwhvZnpvty73AP4l62lcZCZYjj/BJJpd753+Xo7ET85lCNrOHFi0PJH11oKalLu1
lA71bIV1oMcQbRwQ8PAt6wW6IMWkIEZ3wrfFNEUp1y/HJ4GagkHqEYI8bGFDYr/P
TLdTWqBegBfcHn6Z9/2xFWvJq7HciCarZgNUzx8V3GhiWJRsgsW4E1Nqyg91x7VZ
x44=
-----END CERTIFICATE-----
Generated at Wed May 14 20:48:37 2025 by rpki-client