Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8609PpI_QF92Wk901oSWvCA2JX0.roa
File: 8609PpI_QF92Wk901oSWvCA2JX0.roa (raw, json)
Hash identifier: FtzJ8ZShJq+T83orFXwNCwtzJ00FVIbwIF1vCtMTAfk=
Subject key identifier: F3:AD:3D:3E:92:3F:40:5F:76:5A:4F:74:D6:84:96:BC:20:36:25:7D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B07744C2305C2E6F090A16FE71F28E18A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8609PpI_QF92Wk901oSWvCA2JX0.roa
Signing time: Sat 07 Oct 2023 00:05:43 +0000
ROA not before: Sat 07 Oct 2023 00:05:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:773:931d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:07:74:4c:23:05:c2:e6:f0:90:a1:6f:e7:1f:28:e1:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 00:05:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3ad3d3e923f405f765a4f74d68496bc2036257d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e3:d0:af:ef:94:d3:89:67:69:ac:a1:2f:65:
73:08:95:73:02:10:ac:07:30:ff:ef:51:c4:e4:2c:
6a:69:8c:7c:f9:89:0a:59:48:a7:50:7b:ea:4a:9b:
0d:8a:58:1a:a2:50:df:c2:5e:a7:e2:5d:fd:25:5b:
f2:81:30:3e:57:90:f3:67:ba:56:46:a3:c9:5a:26:
15:ed:a5:e2:6e:a2:b5:de:cc:b3:0d:c5:31:41:b4:
32:c7:56:f3:28:d9:d1:1d:1b:c1:26:fb:e5:e7:21:
ce:b8:1b:aa:da:ca:dc:f0:83:cc:fd:21:44:66:96:
d3:b7:6b:ac:ab:33:c9:6e:35:2e:e2:91:f8:da:64:
1e:16:fd:8a:a2:9d:c9:07:e2:2d:b8:aa:30:e7:d4:
00:be:8f:6c:41:3a:14:b1:aa:4d:ca:d3:67:38:30:
c1:5b:ed:87:68:54:59:6d:4b:59:29:b5:7b:59:79:
28:a9:e7:8a:4c:35:2c:cc:ed:b7:fb:2e:0d:56:1f:
07:1e:3a:6d:a6:24:3f:93:23:b3:cb:8b:e6:54:3e:
27:5f:c6:29:89:66:98:0a:86:96:51:20:3e:f6:28:
ac:09:94:ec:25:02:d3:26:69:ca:3d:b3:76:8c:9a:
f5:6a:59:40:cc:e2:03:03:53:f3:15:7b:83:45:67:
a4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AD:3D:3E:92:3F:40:5F:76:5A:4F:74:D6:84:96:BC:20:36:25:7D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8609PpI_QF92Wk901oSWvCA2JX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c9:d0:c5:70:4b:fa:01:42:7e:ce:71:c9:bd:96:61:7d:d8:74:
40:28:ea:e7:84:9e:7e:81:a7:d7:ba:10:35:e8:44:47:80:ed:
72:2f:a0:52:65:9b:1b:b1:07:78:87:0a:32:c6:69:6c:5e:b4:
0a:b2:38:cc:03:42:93:ab:ab:4b:8b:19:16:ee:ab:89:a7:06:
d0:2f:6e:e2:c4:57:bc:26:a9:74:b8:ef:d4:37:af:13:b7:8e:
65:2f:c9:14:f7:06:a7:ee:79:26:4f:95:84:97:fc:13:22:c2:
17:0e:41:a5:06:70:a4:5c:c6:b0:5c:b7:ee:56:e6:35:4d:df:
30:c8:60:fb:29:dc:72:c4:53:cc:13:91:74:43:06:6f:42:ef:
01:0f:b3:07:5a:a4:48:37:66:8a:c5:9d:cc:a9:52:ab:03:60:
b9:2e:ce:85:fd:ff:3e:44:75:40:e3:09:e6:ad:a4:97:f6:84:
10:57:9a:e8:58:e5:21:79:c2:eb:7f:0e:86:aa:c4:b9:03:8a:
d0:d6:ba:92:b8:ce:cd:f4:b6:bc:31:5f:c9:17:77:f8:bd:90:
e0:b2:8d:d7:8f:7c:3c:a6:01:b2:dd:b2:c3:27:2e:ed:eb:b0:
0b:52:e4:69:16:ab:3e:b8:38:3f:19:31:eb:60:76:04:07:7a:
64:e6:79:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsHdEwjBcLm8JChb+cfKOGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MDAwNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2FkM2QzZTkyM2Y0MDVmNzY1YTRmNzRkNjg0OTZiYzIwMzYyNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+PQr++U04lnaayhL2VzCJVzAhCs
BzD/71HE5CxqaYx8+YkKWUinUHvqSpsNilgaolDfwl6n4l39JVvygTA+V5DzZ7pW
RqPJWiYV7aXibqK13syzDcUxQbQyx1bzKNnRHRvBJvvl5yHOuBuq2src8IPM/SFE
ZpbTt2usqzPJbjUu4pH42mQeFv2Kop3JB+ItuKow59QAvo9sQToUsapNytNnODDB
W+2HaFRZbUtZKbV7WXkoqeeKTDUszO23+y4NVh8HHjptpiQ/kyOzy4vmVD4nX8Yp
iWaYCoaWUSA+9iisCZTsJQLTJmnKPbN2jJr1allAzOIDA1PzFXuDRWek5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPOtPT6SP0BfdlpPdNaElrwgNiV9MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvODYwOVBwSV9RRjkyV2s5MDFvU1d2Q0EySlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMnQxXBL+gFCfs5xyb2W
YX3YdEAo6ueEnn6Bp9e6EDXoREeA7XIvoFJlmxuxB3iHCjLGaWxetAqyOMwDQpOr
q0uLGRbuq4mnBtAvbuLEV7wmqXS479Q3rxO3jmUvyRT3BqfueSZPlYSX/BMiwhcO
QaUGcKRcxrBct+5W5jVN3zDIYPsp3HLEU8wTkXRDBm9C7wEPswdapEg3ZorFncyp
UqsDYLkuzoX9/z5EdUDjCeatpJf2hBBXmuhY5SF5wut/DoaqxLkDitDWupK4zs30
trwxX8kXd/i9kOCyjdePfDymAbLdssMnLu3rsAtS5GkWqz64OD8ZMetgdgQHemTm
eQ4=
-----END CERTIFICATE-----
Generated at Sun May 11 17:12:47 2025 by rpki-client