Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9YXNgpWpM8G-ntCwkx6h3tRUmPA.roa
File: 9YXNgpWpM8G-ntCwkx6h3tRUmPA.roa (raw, json)
Hash identifier: wesnxv2kE8zCVBuiNFlGVQ+TDfZYIefKzF+87VxLsCQ=
Subject key identifier: F5:85:CD:82:95:A9:33:C1:BE:9E:D0:B0:93:1E:A1:DE:D4:54:98:F0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C4169B0C495C8537865CE794CD76C2C82
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9YXNgpWpM8G-ntCwkx6h3tRUmPA.roa
Signing time: Wed 06 Dec 2023 23:14:54 +0000
ROA not before: Wed 06 Dec 2023 23:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:41:69:b0:c4:95:c8:53:78:65:ce:79:4c:d7:6c:2c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 6 23:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f585cd8295a933c1be9ed0b0931ea1ded45498f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0b:83:9e:af:f9:9a:7e:f3:58:94:ca:5d:6f:
46:eb:35:df:9f:93:2f:76:0d:56:dc:25:02:77:67:
16:ca:89:e9:35:71:34:bc:0f:08:80:d9:9c:b2:6c:
08:60:e6:d7:cd:fc:e5:5d:7a:25:b2:67:86:eb:e6:
21:56:bf:97:fc:70:7c:39:9f:20:3a:b6:33:ff:86:
b2:4d:61:6c:1d:50:44:54:0e:6e:fb:d4:cd:43:91:
5a:ff:22:34:9b:73:04:7d:81:8d:44:74:e5:da:5e:
60:5b:e3:7a:32:3e:38:c9:da:0a:53:f7:bc:87:81:
74:86:54:6b:21:41:14:9a:0a:29:75:be:b7:e4:c4:
96:d1:31:4b:64:e7:0c:69:31:99:0a:a6:2a:01:13:
b4:4b:d8:f9:bd:32:d1:f4:25:5f:40:d6:99:8b:24:
be:5c:e9:b8:61:06:a4:cf:37:37:af:69:a9:54:86:
ba:85:c1:d9:61:f2:8f:87:bf:d3:32:21:06:d1:12:
28:1e:da:3e:7f:e7:3d:7d:47:1a:a9:b0:b6:8c:b9:
24:e7:fd:63:4b:60:fb:fe:f6:0c:00:26:9f:24:09:
df:9f:b4:33:82:50:e4:cd:30:e3:e7:dd:1b:58:ee:
23:e2:21:ea:5e:2b:ff:46:cb:77:dd:05:f2:45:74:
d7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:85:CD:82:95:A9:33:C1:BE:9E:D0:B0:93:1E:A1:DE:D4:54:98:F0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9YXNgpWpM8G-ntCwkx6h3tRUmPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:07:ed:ce:bb:68:1a:0c:ae:9d:79:03:ac:88:eb:44:08:69:
67:84:f5:a9:9d:3e:3b:6d:76:75:04:f7:98:c4:4d:bf:52:74:
13:f4:f0:a7:d7:85:89:c0:1d:26:0f:7e:6c:92:84:8a:5a:7d:
7f:a3:ac:0e:cb:69:03:c1:8e:35:e9:27:d0:fa:a8:e2:2d:87:
c4:f2:a6:24:e3:05:80:7e:21:e1:1a:7f:df:c7:ef:af:66:2f:
4a:39:d3:ad:8c:0c:55:2a:e0:b3:a6:fb:15:21:b8:82:3b:87:
62:3d:2d:89:3d:a6:65:0f:95:26:77:a9:ec:1d:7c:31:7d:53:
5f:bb:91:e8:d3:f6:c3:2f:31:68:02:2d:6e:ca:30:5a:e5:1e:
8e:99:79:b8:b4:ee:99:1a:f6:28:78:0a:bc:37:3b:76:8e:1a:
7f:3c:e1:cf:4b:b0:58:be:13:cd:14:9b:73:6f:02:35:6d:7e:
65:a7:38:8e:d8:02:1c:39:27:7e:b6:0c:f8:9a:59:2d:f1:12:
20:35:da:58:5e:c2:7b:c8:f6:2d:8e:28:a5:1c:d6:00:ee:9b:
5a:f0:66:ae:e7:bf:08:0a:a7:75:e2:0d:00:4b:68:5b:48:04:
ce:65:12:89:40:a3:4d:72:72:9e:50:42:10:c2:70:b4:b4:b8:
31:4a:2b:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxBabDElchTeGXOeUzXbCyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA2MjMxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTg1Y2Q4Mjk1YTkzM2MxYmU5ZWQwYjA5MzFlYTFkZWQ0NTQ5OGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiguDnq/5mn7zWJTKXW9G6zXfn5Mv
dg1W3CUCd2cWyonpNXE0vA8IgNmcsmwIYObXzfzlXXolsmeG6+YhVr+X/HB8OZ8g
OrYz/4ayTWFsHVBEVA5u+9TNQ5Fa/yI0m3MEfYGNRHTl2l5gW+N6Mj44ydoKU/e8
h4F0hlRrIUEUmgopdb635MSW0TFLZOcMaTGZCqYqARO0S9j5vTLR9CVfQNaZiyS+
XOm4YQakzzc3r2mpVIa6hcHZYfKPh7/TMiEG0RIoHto+f+c9fUcaqbC2jLkk5/1j
S2D7/vYMACafJAnfn7QzglDkzTDj590bWO4j4iHqXiv/Rst33QXyRXTX8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPWFzYKVqTPBvp7QsJMeod7UVJjwMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOVlYTmdwV3BNOEctbnRDd2t4NmgzdFJVbVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADMH7c67aBoMrp15A6yI
60QIaWeE9amdPjttdnUE95jETb9SdBP08KfXhYnAHSYPfmyShIpafX+jrA7LaQPB
jjXpJ9D6qOIth8TypiTjBYB+IeEaf9/H769mL0o5062MDFUq4LOm+xUhuII7h2I9
LYk9pmUPlSZ3qewdfDF9U1+7kejT9sMvMWgCLW7KMFrlHo6Zebi07pka9ih4Crw3
O3aOGn884c9LsFi+E80Um3NvAjVtfmWnOI7YAhw5J362DPiaWS3xEiA12lhewnvI
9i2OKKUc1gDum1rwZq7nvwgKp3XiDQBLaFtIBM5lEolAo01ycp5QQhDCcLS0uDFK
K4E=
-----END CERTIFICATE-----
Generated at Thu May 15 22:39:46 2025 by rpki-client