Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CSbyCTEZqTUkJ7a-_qMQidlORaM.roa
File: CSbyCTEZqTUkJ7a-_qMQidlORaM.roa (raw, json)
Hash identifier: t0yG3u4w/GqYzrUwFav3mkYaEnjLXmeMZnGcTyOqOUY=
Subject key identifier: 09:26:F2:09:31:19:A9:35:24:27:B6:BE:FE:A3:10:89:D9:4E:45:A3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2DE2BB54872B403C79307CF179A5BF24
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CSbyCTEZqTUkJ7a-_qMQidlORaM.roa
Signing time: Sat 14 Oct 2023 11:11:55 +0000
ROA not before: Sat 14 Oct 2023 11:11:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2d:e2:bb:54:87:2b:40:3c:79:30:7c:f1:79:a5:bf:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 14 11:11:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0926f2093119a9352427b6befea31089d94e45a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:60:41:21:05:ac:78:ab:bf:cb:b3:a8:3a:3c:
e2:73:73:d2:f4:40:d2:0e:aa:e2:93:57:4e:05:24:
81:81:0d:a1:6e:7a:32:49:9e:11:47:56:ff:9b:4a:
80:2c:a8:d4:3b:35:40:18:9e:56:96:fd:8d:a0:3a:
2c:a3:57:50:ae:b7:1e:9e:9b:77:24:4b:89:29:8e:
84:f3:0f:49:a8:7f:1e:c2:c5:11:2f:53:8b:57:be:
22:09:2d:7b:db:c7:85:3e:40:c1:5a:75:79:52:2b:
0a:5e:a1:83:b4:65:fc:2c:38:ad:40:5c:62:8f:6d:
e2:bd:2d:4e:be:a8:db:f7:15:73:fa:e6:a9:7c:a6:
89:24:84:ea:88:b2:15:e2:30:0e:6e:5c:82:2d:de:
ec:da:c2:03:80:57:f2:a1:56:2e:e8:c7:b2:89:16:
e8:d0:02:6c:0e:f9:37:4e:bd:59:81:70:02:e6:19:
24:f6:ef:8d:2f:b9:cb:a0:ae:8b:80:ff:36:5b:47:
3c:59:0e:cd:d7:9a:ee:7b:03:bc:ab:ed:28:35:48:
24:09:07:52:69:4d:ab:55:e4:6a:6f:4f:72:26:14:
3c:38:aa:ba:54:ac:e8:bd:28:f0:40:8f:3c:eb:f2:
95:3a:ef:14:f2:99:e7:67:e8:33:cb:7a:20:c7:78:
42:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:26:F2:09:31:19:A9:35:24:27:B6:BE:FE:A3:10:89:D9:4E:45:A3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CSbyCTEZqTUkJ7a-_qMQidlORaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6d:a7:74:ce:c5:c5:d7:0d:3b:15:e4:ac:c4:e3:b2:ff:aa:8d:
a2:4c:c5:d6:a4:9b:47:08:12:42:96:32:72:f9:86:75:a6:aa:
64:c6:cc:54:53:d2:4d:a6:58:1a:0c:de:cc:86:17:08:13:7d:
77:ca:ad:46:23:57:40:ad:11:8b:66:bc:2d:60:3d:90:7c:c8:
9b:05:7b:17:e3:5c:34:34:a0:e1:4e:3f:dd:a7:98:0a:11:16:
20:6b:f8:16:dd:4c:9a:fd:24:13:73:1d:f1:b1:be:6a:c3:3f:
fe:7e:1c:67:f3:b2:f9:2a:e7:2c:18:87:95:98:bf:b0:c4:bb:
01:6b:b6:99:eb:d0:20:54:fe:04:c3:d6:66:af:a9:b5:a5:f6:
0c:6b:98:d9:08:3d:ba:5b:4f:1c:07:12:38:cc:5b:9e:43:26:
8c:5b:fe:56:fd:e6:be:aa:7f:64:4d:f3:c1:6b:e3:16:64:67:
3f:48:60:e2:73:bf:0f:e0:79:de:a4:35:9f:a2:aa:62:a2:af:
d4:6f:92:11:94:7c:b2:47:4f:7e:ea:90:84:bb:53:d0:0d:a4:
46:05:39:48:ca:21:3d:58:49:b2:26:28:15:35:f4:58:d1:e2:
e9:3c:43:e2:45:61:b4:29:59:bb:2d:fe:a8:10:ff:8a:86:ed:
82:d6:6d:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYst4rtUhytAPHkwfPF5pb8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE0MTExMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTI2ZjIwOTMxMTlhOTM1MjQyN2I2YmVmZWEzMTA4OWQ5NGU0NWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7GBBIQWseKu/y7OoOjzic3PS9EDS
Dqrik1dOBSSBgQ2hbnoySZ4RR1b/m0qALKjUOzVAGJ5Wlv2NoDoso1dQrrcenpt3
JEuJKY6E8w9JqH8ewsURL1OLV74iCS1728eFPkDBWnV5UisKXqGDtGX8LDitQFxi
j23ivS1Ovqjb9xVz+uapfKaJJITqiLIV4jAOblyCLd7s2sIDgFfyoVYu6MeyiRbo
0AJsDvk3Tr1ZgXAC5hkk9u+NL7nLoK6LgP82W0c8WQ7N15ruewO8q+0oNUgkCQdS
aU2rVeRqb09yJhQ8OKq6VKzovSjwQI886/KVOu8U8pnnZ+gzy3ogx3hCnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAkm8gkxGak1JCe2vv6jEInZTkWjMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ1NieUNURVpxVFVrSjdhLV9xTVFpZGxPUmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG2ndM7FxdcNOxXkrMTj
sv+qjaJMxdakm0cIEkKWMnL5hnWmqmTGzFRT0k2mWBoM3syGFwgTfXfKrUYjV0Ct
EYtmvC1gPZB8yJsFexfjXDQ0oOFOP92nmAoRFiBr+BbdTJr9JBNzHfGxvmrDP/5+
HGfzsvkq5ywYh5WYv7DEuwFrtpnr0CBU/gTD1mavqbWl9gxrmNkIPbpbTxwHEjjM
W55DJoxb/lb95r6qf2RN88Fr4xZkZz9IYOJzvw/ged6kNZ+iqmKir9RvkhGUfLJH
T37qkIS7U9ANpEYFOUjKIT1YSbImKBU19FjR4uk8Q+JFYbQpWbst/qgQ/4qG7YLW
bXo=
-----END CERTIFICATE-----
Generated at Sat May 10 14:14:27 2025 by rpki-client