Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/N0Lh5BaLX7fpqihxCx5WQsH4Aoo.roa
File: N0Lh5BaLX7fpqihxCx5WQsH4Aoo.roa (raw, json)
Hash identifier: o5sVcGy4t0BUegoH6A4iiygLqYWhalimVLdBJR3b+e4=
Subject key identifier: 37:42:E1:E4:16:8B:5F:B7:E9:AA:28:71:0B:1E:56:42:C1:F8:02:8A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5E29CA9CFE77C339FD82310EB5488E6D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/N0Lh5BaLX7fpqihxCx5WQsH4Aoo.roa
Signing time: Tue 12 Dec 2023 13:14:06 +0000
ROA not before: Tue 12 Dec 2023 13:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:29:ca:9c:fe:77:c3:39:fd:82:31:0e:b5:48:8e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 12 13:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3742e1e4168b5fb7e9aa28710b1e5642c1f8028a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:61:a9:9a:3d:46:de:5e:78:2e:6f:78:c3:2f:
5f:5a:04:b8:47:47:60:c9:4a:8d:c8:4c:7f:26:33:
35:dd:ca:f5:62:aa:7e:d7:38:23:1c:29:1b:e6:3a:
aa:49:f5:77:49:eb:5a:e3:a0:4e:4e:18:83:66:c8:
16:99:b8:38:52:95:66:d6:af:b6:31:fb:40:96:08:
b3:a7:6c:f9:0d:e8:7f:2a:6c:0b:83:4b:3c:67:65:
21:ec:48:31:5d:1e:c2:de:aa:e0:15:b4:cd:b3:12:
4e:e3:88:41:8a:59:c5:89:d3:57:3e:d5:74:d4:44:
e5:96:6f:5b:96:5e:40:c9:37:dd:13:5f:5c:7b:b7:
37:18:a9:bd:7e:0d:fc:2b:4d:aa:ad:f8:16:e4:e4:
fe:47:db:aa:90:19:77:47:52:0f:f6:bf:80:f8:97:
1f:54:82:83:10:ee:07:04:17:6a:03:99:60:c2:92:
fe:06:94:70:aa:c4:39:e0:db:09:d5:93:da:48:86:
fa:75:22:b9:27:ab:77:97:cf:c1:0c:42:56:45:d1:
58:f3:a5:53:77:a0:09:d3:d6:c5:8b:25:63:00:c0:
a6:2b:60:6b:30:17:23:d2:9f:4f:6f:38:16:3c:35:
d7:c6:86:7e:ec:b0:75:b9:77:4d:25:af:dc:11:c1:
6b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:42:E1:E4:16:8B:5F:B7:E9:AA:28:71:0B:1E:56:42:C1:F8:02:8A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/N0Lh5BaLX7fpqihxCx5WQsH4Aoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:a7:02:50:e3:b0:dd:22:95:1a:14:aa:65:3b:c5:b3:3e:ca:
39:52:7c:e1:7b:73:ef:3a:37:23:39:b9:8c:5b:43:5c:8f:df:
a7:fc:12:6d:34:09:f8:7d:9c:83:00:8a:16:bf:f6:f9:77:ba:
59:a5:49:50:70:28:2d:32:e5:16:e6:02:51:47:95:4b:9c:ab:
22:d0:b5:e0:9c:b7:e0:6c:03:a2:86:12:48:b5:0d:2d:18:ed:
82:ef:e8:d9:fc:3d:e0:f8:f2:d6:6b:fe:5d:f4:4c:c2:3a:78:
54:7c:d6:2c:bb:cf:d1:87:24:9b:86:72:a3:8d:a9:14:59:de:
e9:95:89:0a:be:4f:6e:ad:8a:dc:3d:38:f5:53:40:60:4d:d7:
4e:dd:37:54:ed:6b:a3:13:ad:3f:e5:bc:45:e9:0d:a1:21:75:
74:35:a1:ff:af:f5:16:23:a2:d1:14:4a:c6:5e:09:24:7f:30:
94:1a:11:3f:3a:94:dc:72:9a:c2:58:04:c4:84:fa:3b:89:02:
3c:e6:02:b1:d4:46:d6:52:09:33:aa:21:93:1e:ed:8e:b1:23:
06:02:dd:92:9e:1e:e5:d3:ac:c4:6f:ec:f5:13:a1:35:c1:c2:
64:1e:3c:f6:43:60:5c:c8:6f:f0:6a:7c:a5:4e:72:b6:c3:ca:
a9:78:c4:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxeKcqc/nfDOf2CMQ61SI5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEyMTMxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzQyZTFlNDE2OGI1ZmI3ZTlhYTI4NzEwYjFlNTY0MmMxZjgwMjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2Gpmj1G3l54Lm94wy9fWgS4R0dg
yUqNyEx/JjM13cr1Yqp+1zgjHCkb5jqqSfV3Seta46BOThiDZsgWmbg4UpVm1q+2
MftAlgizp2z5Deh/KmwLg0s8Z2Uh7EgxXR7C3qrgFbTNsxJO44hBilnFidNXPtV0
1ETllm9bll5AyTfdE19ce7c3GKm9fg38K02qrfgW5OT+R9uqkBl3R1IP9r+A+Jcf
VIKDEO4HBBdqA5lgwpL+BpRwqsQ54NsJ1ZPaSIb6dSK5J6t3l8/BDEJWRdFY86VT
d6AJ09bFiyVjAMCmK2BrMBcj0p9PbzgWPDXXxoZ+7LB1uXdNJa/cEcFr2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDdC4eQWi1+36aoocQseVkLB+AKKMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTjBMaDVCYUxYN2ZwcWloeEN4NVdRc0g0QW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAqnAlDjsN0ilRoUqmU7
xbM+yjlSfOF7c+86NyM5uYxbQ1yP36f8Em00Cfh9nIMAiha/9vl3ulmlSVBwKC0y
5RbmAlFHlUucqyLQteCct+BsA6KGEki1DS0Y7YLv6Nn8PeD48tZr/l30TMI6eFR8
1iy7z9GHJJuGcqONqRRZ3umViQq+T26titw9OPVTQGBN107dN1Tta6MTrT/lvEXp
DaEhdXQ1of+v9RYjotEUSsZeCSR/MJQaET86lNxymsJYBMSE+juJAjzmArHURtZS
CTOqIZMe7Y6xIwYC3ZKeHuXTrMRv7PUToTXBwmQePPZDYFzIb/BqfKVOcrbDyql4
xGI=
-----END CERTIFICATE-----
Generated at Sat May 10 18:47:31 2025 by rpki-client