Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NUmJm7NNt5eXgoYYXmN_Pq7B-qo.roa
File: NUmJm7NNt5eXgoYYXmN_Pq7B-qo.roa (raw, json)
Hash identifier: pbB7Qx4pmOzJm6pirGADQvDaiKrrPtP8QBGQYS3HH88=
Subject key identifier: 35:49:89:9B:B3:4D:B7:97:97:82:86:18:5E:63:7F:3E:AE:C1:FA:AA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8FC15C535DCA4B8BE3F850F8804F4F60
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NUmJm7NNt5eXgoYYXmN_Pq7B-qo.roa
Signing time: Thu 02 Nov 2023 11:18:15 +0000
ROA not before: Thu 02 Nov 2023 11:18:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:c1:5c:53:5d:ca:4b:8b:e3:f8:50:f8:80:4f:4f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 2 11:18:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3549899bb34db797978286185e637f3eaec1faaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:74:e0:81:6b:29:c1:43:ac:1c:33:0b:2b:46:
d3:7f:ce:88:ed:ab:10:d1:03:7f:5a:7f:09:07:1f:
70:6e:0b:7d:41:cf:53:f5:90:94:fe:e6:2d:8f:dc:
48:62:0a:e2:ff:d1:15:1b:b4:e4:0b:2a:82:be:45:
dc:72:ca:8b:10:f6:d1:86:74:33:6f:e2:21:cd:b4:
4f:33:69:8d:91:2c:ee:3e:5b:9a:40:85:0b:ee:f8:
a0:b3:a6:c8:65:ec:16:e4:f8:e2:c7:4d:6b:78:46:
5f:cd:9e:15:90:f2:01:41:e9:74:09:6c:a5:b6:9b:
58:1e:4a:32:bb:8e:c3:5e:a4:7e:05:bd:7b:95:92:
47:3c:a6:aa:57:08:a8:69:5c:a2:f4:01:b1:1e:8c:
13:fd:64:e0:b8:6b:de:94:44:4e:32:fd:e1:0e:3d:
67:3a:75:6b:32:bd:19:47:e5:4c:e8:54:e1:6f:dd:
32:58:19:9b:ab:6e:68:ed:eb:0b:9f:9b:24:62:23:
97:3c:be:8d:1c:8a:27:54:1f:67:3e:d1:fb:68:0d:
fa:0e:0f:58:61:b7:a0:db:99:c1:b2:38:df:24:e3:
93:51:48:c8:1a:82:a7:55:36:6a:5a:4e:fe:e4:2e:
09:e1:b2:37:62:57:20:7d:90:bd:8c:22:04:58:66:
f4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:49:89:9B:B3:4D:B7:97:97:82:86:18:5E:63:7F:3E:AE:C1:FA:AA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NUmJm7NNt5eXgoYYXmN_Pq7B-qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c1:62:da:92:fb:9b:10:11:7d:75:5e:cd:f0:8f:7e:ea:72:3e:
8d:a2:e8:24:78:91:a1:8d:5b:3f:ed:f3:1d:74:3e:8e:50:d8:
5c:b2:d3:e4:52:a5:1f:7e:6e:72:d3:76:b0:65:b8:20:76:d4:
c4:bc:10:5c:df:5d:5d:48:0e:07:f3:13:c7:3d:4a:88:21:f7:
90:63:41:94:e7:16:25:b6:3d:d2:84:af:ce:33:ff:25:a8:b8:
7c:a2:43:38:75:31:23:11:e4:21:c8:4c:35:68:96:9a:35:07:
6c:c4:43:cc:53:7d:79:9c:8e:d5:93:26:44:57:f0:30:f1:3a:
fe:09:00:34:cd:34:bb:30:53:c0:c3:1e:b3:8f:19:03:19:94:
89:bd:70:78:92:b7:f5:e7:00:03:4f:38:87:f4:64:f9:3c:e3:
63:89:d4:ce:40:7f:9f:5f:97:61:bf:88:5a:4d:d5:69:ab:93:
de:62:00:ee:24:13:4c:c7:0e:29:54:b6:76:18:68:5f:ce:ef:
c7:be:2c:41:29:b0:2b:dd:e7:9f:e7:00:9f:3d:b3:d9:7e:37:
5e:b1:ce:27:d7:67:f6:0a:6f:dc:f8:68:f2:ce:08:c3:81:f6:
92:ae:0b:a4:74:cf:7e:26:4f:7c:e2:03:83:3a:59:e1:70:70:
8e:2f:74:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuPwVxTXcpLi+P4UPiAT09gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAyMTExODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQ5ODk5YmIzNGRiNzk3OTc4Mjg2MTg1ZTYzN2YzZWFlYzFmYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHTggWspwUOsHDMLK0bTf86I7asQ
0QN/Wn8JBx9wbgt9Qc9T9ZCU/uYtj9xIYgri/9EVG7TkCyqCvkXccsqLEPbRhnQz
b+IhzbRPM2mNkSzuPluaQIUL7vigs6bIZewW5Pjix01reEZfzZ4VkPIBQel0CWyl
tptYHkoyu47DXqR+Bb17lZJHPKaqVwioaVyi9AGxHowT/WTguGvelEROMv3hDj1n
OnVrMr0ZR+VM6FThb90yWBmbq25o7esLn5skYiOXPL6NHIonVB9nPtH7aA36Dg9Y
Ybeg25nBsjjfJOOTUUjIGoKnVTZqWk7+5C4J4bI3YlcgfZC9jCIEWGb0HQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDVJiZuzTbeXl4KGGF5jfz6uwfqqMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTlVtSm03Tk50NWVYZ29ZWVhtTl9QcTdCLXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMFi2pL7mxARfXVezfCP
fupyPo2i6CR4kaGNWz/t8x10Po5Q2Fyy0+RSpR9+bnLTdrBluCB21MS8EFzfXV1I
DgfzE8c9Sogh95BjQZTnFiW2PdKEr84z/yWouHyiQzh1MSMR5CHITDVolpo1B2zE
Q8xTfXmcjtWTJkRX8DDxOv4JADTNNLswU8DDHrOPGQMZlIm9cHiSt/XnAANPOIf0
ZPk842OJ1M5Af59fl2G/iFpN1Wmrk95iAO4kE0zHDilUtnYYaF/O78e+LEEpsCvd
55/nAJ89s9l+N16xzifXZ/YKb9z4aPLOCMOB9pKuC6R0z34mT3ziA4M6WeFwcI4v
dGA=
-----END CERTIFICATE-----
Generated at Sat May 10 14:56:24 2025 by rpki-client