Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Mdhw1bLq1SFt9sJ66jaaGckEOio.roa
File: Mdhw1bLq1SFt9sJ66jaaGckEOio.roa (raw, json)
Hash identifier: knivrtmFSpGc3PJr1ZuGWRXmupA5nVyP2eahHhiIWPw=
Subject key identifier: 31:D8:70:D5:B2:EA:D5:21:6D:F6:C2:7A:EA:36:9A:19:C9:04:3A:2A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C197E114996C7CB6AD838138C21772CD1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Mdhw1bLq1SFt9sJ66jaaGckEOio.roa
Signing time: Wed 29 Nov 2023 05:12:21 +0000
ROA not before: Wed 29 Nov 2023 05:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:19:7e:11:49:96:c7:cb:6a:d8:38:13:8c:21:77:2c:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 29 05:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31d870d5b2ead5216df6c27aea369a19c9043a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:65:31:03:5d:cb:bd:8a:2a:82:7a:68:15:a5:
57:4d:32:4e:1b:35:2a:09:11:87:77:03:94:f5:f4:
3e:96:52:5d:ed:54:cf:1d:5d:d0:8f:e3:87:75:95:
90:b7:8f:3f:1c:c5:51:22:b9:54:cf:61:a4:4a:ef:
d7:1c:3f:8a:df:73:9a:10:2c:b2:59:a9:cd:06:dd:
7a:cf:0d:99:a6:04:05:c8:7a:5e:03:04:eb:60:c2:
00:10:30:e6:4a:dc:be:3f:c0:e6:7f:38:cd:47:7d:
1d:0d:66:e2:33:d1:fb:a6:f5:fc:6a:fd:e4:8e:ec:
e5:04:94:bc:df:6f:bd:ec:06:70:80:72:08:83:e2:
df:d4:54:df:31:c7:21:96:bf:d3:73:4d:57:e7:93:
b0:6c:e8:68:80:4d:4c:18:82:51:e5:49:77:50:9d:
17:3d:34:59:1e:70:85:f9:ca:c5:09:84:b2:c6:fc:
51:5d:ff:7a:50:c7:62:3a:dd:18:75:66:69:34:cd:
75:ee:d6:1b:63:1f:ab:c8:9a:63:d9:c9:45:0a:22:
08:a1:4a:94:67:10:fa:f5:37:3f:95:07:1b:3b:86:
00:b5:c3:a0:66:6e:30:0f:ef:f2:d8:e7:11:98:69:
48:4b:f8:0a:f4:26:4c:24:8e:74:36:1d:42:cd:6a:
ad:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D8:70:D5:B2:EA:D5:21:6D:F6:C2:7A:EA:36:9A:19:C9:04:3A:2A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Mdhw1bLq1SFt9sJ66jaaGckEOio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:f7:de:4e:0f:ca:32:86:ce:17:8b:16:31:23:06:3f:12:94:
f5:6b:8a:7b:d2:13:c8:f8:09:ee:0b:bc:6d:38:7d:b8:d3:35:
ce:a4:e1:0e:e0:76:ec:32:c5:6a:1f:96:01:cb:d0:54:a6:4e:
90:8e:ac:3d:50:22:36:19:aa:6c:ca:b1:f1:77:6b:89:62:66:
71:f0:79:9b:da:6c:86:11:f2:32:4b:01:6d:d3:94:3b:fa:dc:
c6:f4:34:23:61:1e:b4:0a:90:64:64:eb:97:7b:ff:07:4a:99:
62:f8:b4:92:a6:90:a3:f6:72:61:0f:9c:e7:a4:5d:20:02:2b:
47:55:58:a4:f2:d4:ae:24:a9:69:4b:e4:c8:35:03:d4:86:40:
c6:a1:06:1a:b8:51:f6:6a:ec:10:0c:e8:ad:c6:56:c1:28:3f:
ec:21:08:32:06:b0:63:c8:c2:3c:78:db:89:a7:a5:a7:46:69:
23:7e:e3:6c:ac:a9:e8:87:bb:f0:74:4d:95:ea:c5:17:b8:e7:
2b:54:34:c6:61:53:d6:4c:54:ac:10:e4:84:60:53:01:48:98:
93:bf:f9:96:ad:46:51:c9:02:3b:e3:aa:0f:51:ca:f0:fc:15:
ce:e5:1f:95:6a:01:e5:a1:50:a4:36:8b:2e:c2:e4:9e:11:55:
0f:fe:74:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwZfhFJlsfLatg4E4whdyzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI5MDUxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWQ4NzBkNWIyZWFkNTIxNmRmNmMyN2FlYTM2OWExOWM5MDQzYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimUxA13LvYoqgnpoFaVXTTJOGzUq
CRGHdwOU9fQ+llJd7VTPHV3Qj+OHdZWQt48/HMVRIrlUz2GkSu/XHD+K33OaECyy
WanNBt16zw2ZpgQFyHpeAwTrYMIAEDDmSty+P8DmfzjNR30dDWbiM9H7pvX8av3k
juzlBJS832+97AZwgHIIg+Lf1FTfMcchlr/Tc01X55OwbOhogE1MGIJR5Ul3UJ0X
PTRZHnCF+crFCYSyxvxRXf96UMdiOt0YdWZpNM117tYbYx+ryJpj2clFCiIIoUqU
ZxD69Tc/lQcbO4YAtcOgZm4wD+/y2OcRmGlIS/gK9CZMJI50Nh1CzWqtYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDHYcNWy6tUhbfbCeuo2mhnJBDoqMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTWRodzFiTHExU0Z0OXNKNjZqYWFHY2tFT2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGf33k4PyjKGzheLFjEj
Bj8SlPVrinvSE8j4Ce4LvG04fbjTNc6k4Q7gduwyxWoflgHL0FSmTpCOrD1QIjYZ
qmzKsfF3a4liZnHweZvabIYR8jJLAW3TlDv63Mb0NCNhHrQKkGRk65d7/wdKmWL4
tJKmkKP2cmEPnOekXSACK0dVWKTy1K4kqWlL5Mg1A9SGQMahBhq4UfZq7BAM6K3G
VsEoP+whCDIGsGPIwjx424mnpadGaSN+42ysqeiHu/B0TZXqxRe45ytUNMZhU9ZM
VKwQ5IRgUwFImJO/+ZatRlHJAjvjqg9RyvD8Fc7lH5VqAeWhUKQ2iy7C5J4RVQ/+
dFo=
-----END CERTIFICATE-----
Generated at Sun May 11 18:47:32 2025 by rpki-client