Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AiD8tygG_VL0aFfiYjFo1x9qeoY.roa
File: AiD8tygG_VL0aFfiYjFo1x9qeoY.roa (raw, json)
Hash identifier: igQY5JucbZLCUxnKpz2GefVQWcRePkAdTcuC1Zbm5o8=
Subject key identifier: 02:20:FC:B7:28:06:FD:52:F4:68:57:E2:62:31:68:D7:1F:6A:7A:86
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C52270F15D220611F69DCA8CE40AE70C0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AiD8tygG_VL0aFfiYjFo1x9qeoY.roa
Signing time: Sun 10 Dec 2023 05:15:40 +0000
ROA not before: Sun 10 Dec 2023 05:15:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:52:27:0f:15:d2:20:61:1f:69:dc:a8:ce:40:ae:70:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 10 05:15:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0220fcb72806fd52f46857e2623168d71f6a7a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0d:34:72:14:d4:e4:8d:3c:24:11:89:83:aa:
69:72:91:a4:46:59:a5:73:db:5c:b8:b6:1b:a7:b1:
af:63:64:c6:d0:84:47:e3:ec:22:14:4c:1a:88:20:
3f:d0:3b:f9:a6:45:94:cb:e6:3a:58:af:6d:66:c8:
dd:e6:de:b6:4d:82:62:d2:af:26:5e:5f:c1:53:90:
58:e5:f5:88:23:91:66:4e:f9:69:01:7f:f9:9b:db:
cf:ef:bd:35:d5:55:8f:6e:0a:a4:ae:ab:3f:9a:d0:
c2:ec:a4:b5:24:18:ca:e2:bf:4a:f4:6c:b9:65:4d:
ad:1d:4c:7b:a4:27:a8:ec:f7:7a:41:d0:c1:ae:06:
96:81:48:2f:82:80:fd:78:b1:5c:11:3a:f0:47:a9:
31:4e:77:bd:e0:6e:90:51:dc:52:d6:6f:07:73:af:
f9:30:e6:c1:4a:e5:86:18:ce:5b:74:12:8e:31:ea:
d5:23:15:8a:50:7a:91:6f:28:d1:6b:60:67:61:55:
f8:90:69:33:96:17:01:c3:16:f2:68:58:37:d5:9b:
b1:68:f3:e2:97:6c:05:d8:99:bf:cb:63:e0:fb:f2:
b6:b1:1b:3a:c8:37:c7:79:43:26:0e:4c:e4:4f:81:
eb:cc:f7:20:0a:f8:22:df:97:9a:78:00:a3:26:16:
25:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:20:FC:B7:28:06:FD:52:F4:68:57:E2:62:31:68:D7:1F:6A:7A:86
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AiD8tygG_VL0aFfiYjFo1x9qeoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:8f:71:77:16:93:18:42:8d:c3:68:f7:15:42:6f:ba:26:d2:
6d:90:7b:d5:48:2a:d8:84:11:02:89:7f:30:73:bb:d9:b9:84:
ad:19:1a:78:4a:dc:43:87:07:62:2f:7e:ea:2f:f3:b3:4f:1b:
b3:22:91:55:65:c8:7e:75:69:37:c6:1a:53:c5:eb:4e:e7:b9:
0d:34:20:32:8e:67:53:2d:b2:e1:e4:c4:ee:d5:3a:f0:40:3a:
0e:8c:7d:0e:82:88:cb:e1:e2:3e:8e:7d:cf:d1:69:50:85:b3:
73:2a:d5:a6:fa:94:3a:c7:f4:39:be:0f:5b:7f:94:07:4a:a0:
2d:25:46:19:d0:79:52:ec:fb:ac:67:8e:00:d1:f4:a6:65:3c:
b6:fe:66:73:88:fb:13:7c:bb:e0:85:6e:a1:fc:56:1e:5d:d4:
11:d2:81:da:86:48:5f:c1:c0:c8:64:5b:8b:1b:1e:8b:0f:8c:
a0:0c:60:9f:ec:a2:54:b7:19:bb:f2:6d:09:ef:03:3d:77:8f:
20:bf:c9:3b:c2:42:8b:ea:ca:68:0a:15:b5:9f:e3:cc:91:1f:
c4:79:54:78:6d:ef:e0:f4:bf:c0:dd:e9:e9:6e:15:28:37:c2:
25:b9:44:28:a0:7d:97:a6:1c:c0:04:a9:23:bb:4c:bb:61:c5:
0d:d3:db:ee
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxSJw8V0iBhH2ncqM5ArnDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEwMDUxNTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjIwZmNiNzI4MDZmZDUyZjQ2ODU3ZTI2MjMxNjhkNzFmNmE3YTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw00chTU5I08JBGJg6ppcpGkRlml
c9tcuLYbp7GvY2TG0IRH4+wiFEwaiCA/0Dv5pkWUy+Y6WK9tZsjd5t62TYJi0q8m
Xl/BU5BY5fWII5FmTvlpAX/5m9vP77011VWPbgqkrqs/mtDC7KS1JBjK4r9K9Gy5
ZU2tHUx7pCeo7Pd6QdDBrgaWgUgvgoD9eLFcETrwR6kxTne94G6QUdxS1m8Hc6/5
MObBSuWGGM5bdBKOMerVIxWKUHqRbyjRa2BnYVX4kGkzlhcBwxbyaFg31ZuxaPPi
l2wF2Jm/y2Pg+/K2sRs6yDfHeUMmDkzkT4HrzPcgCvgi35eaeACjJhYl7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAIg/LcoBv1S9GhX4mIxaNcfanqGMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQWlEOHR5Z0dfVkwwYUZmaVlqRm8xeDlxZW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEKPcXcWkxhCjcNo9xVC
b7om0m2Qe9VIKtiEEQKJfzBzu9m5hK0ZGnhK3EOHB2Ivfuov87NPG7MikVVlyH51
aTfGGlPF607nuQ00IDKOZ1MtsuHkxO7VOvBAOg6MfQ6CiMvh4j6Ofc/RaVCFs3Mq
1ab6lDrH9Dm+D1t/lAdKoC0lRhnQeVLs+6xnjgDR9KZlPLb+ZnOI+xN8u+CFbqH8
Vh5d1BHSgdqGSF/BwMhkW4sbHosPjKAMYJ/solS3GbvybQnvAz13jyC/yTvCQovq
ymgKFbWf48yRH8R5VHht7+D0v8Dd6eluFSg3wiW5RCigfZemHMAEqSO7TLthxQ3T
2+4=
-----END CERTIFICATE-----
Generated at Sun May 11 22:43:57 2025 by rpki-client