Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NxksNq4kyAzkjh8VQZ9EPOJQkTw.roa
File: NxksNq4kyAzkjh8VQZ9EPOJQkTw.roa (raw, json)
Hash identifier: +dRKdlaAXFmREQ/p1UTJOfYwyhcKXiVNBx2plzD97qY=
Subject key identifier: 37:19:2C:36:AE:24:C8:0C:E4:8E:1F:15:41:9F:44:3C:E2:50:91:3C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6F8AD4B2F750A34F46AF6DFBA3C27CFA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NxksNq4kyAzkjh8VQZ9EPOJQkTw.roa
Signing time: Fri 27 Oct 2023 05:10:51 +0000
ROA not before: Fri 27 Oct 2023 05:10:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:6f85:b3c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6f:8a:d4:b2:f7:50:a3:4f:46:af:6d:fb:a3:c2:7c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 27 05:10:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37192c36ae24c80ce48e1f15419f443ce250913c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d6:42:fd:41:c2:2c:02:3c:a8:c7:63:a6:9f:
c1:ec:58:ea:0f:59:40:d4:38:cc:e7:c2:23:0e:fb:
60:68:0f:c4:7b:fb:00:89:35:79:fc:81:63:bf:51:
6b:c7:12:e4:fc:77:05:e1:bf:58:45:96:11:e3:b5:
fd:be:8c:ff:0d:99:19:ca:45:e7:3c:ab:85:a6:70:
43:81:bc:c4:b5:e4:b3:d8:00:e7:fa:9e:70:45:e2:
1c:3a:2c:2a:b5:7c:45:08:af:9e:6e:45:3b:f4:fd:
a6:d7:d4:06:75:60:47:9c:d6:e6:5b:d8:d3:0a:f2:
d4:15:5c:63:cd:bf:ba:23:fd:7f:30:fc:b3:e1:47:
25:c1:8c:57:91:9a:7f:6c:89:64:d5:6c:f4:36:5f:
b8:73:e9:d1:ce:a2:54:a5:7d:cb:be:b9:8d:d1:ef:
0a:0e:17:1b:6c:ca:56:49:29:10:79:d3:c9:fe:71:
e6:17:e7:2f:0e:00:b0:fa:b3:19:20:75:5e:a1:e7:
4e:1e:90:42:9d:98:5e:08:04:5f:a9:16:8a:55:43:
8d:8f:3b:e9:34:8f:5e:bb:c1:83:0a:91:bf:86:5c:
b8:c0:4f:39:eb:65:80:c0:f0:9a:ea:02:71:84:f8:
68:cc:82:1f:37:fa:e3:76:ba:aa:9f:08:1a:c7:04:
b7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:19:2C:36:AE:24:C8:0C:E4:8E:1F:15:41:9F:44:3C:E2:50:91:3C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NxksNq4kyAzkjh8VQZ9EPOJQkTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:06:30:04:89:d5:59:be:0c:a8:58:ad:b1:02:34:50:1f:94:
22:a9:76:f2:62:f9:f5:9e:8b:08:4f:c5:ac:44:67:cb:92:49:
d3:d8:aa:b3:ac:e3:e2:08:7a:11:0d:31:b8:62:fa:39:15:e9:
4e:4e:ff:45:fa:b5:7f:e2:d9:45:14:2f:1e:f8:21:ee:d1:09:
68:b5:35:d3:5a:09:f2:cb:f0:f2:52:cb:dc:54:a0:bd:65:72:
fd:05:ce:f5:42:c3:b8:d4:5a:bb:c5:69:48:f5:c0:8b:cf:56:
c5:3c:50:9f:5c:73:85:f8:8c:aa:d3:80:cb:80:74:ee:7e:8a:
47:94:e2:b5:90:8c:44:62:0c:20:f8:c7:35:ba:48:4f:fd:fc:
4c:55:64:ce:8d:20:b4:2b:01:80:12:4e:fb:41:de:46:c3:6d:
9a:a7:ec:bb:99:52:d2:ef:38:11:7b:31:0f:3c:ef:08:3e:29:
f1:36:c8:e9:cf:4e:19:f6:d6:67:03:af:b7:c0:a8:8c:0e:dd:
a2:dd:f2:fc:1a:20:e0:5e:54:99:58:42:ea:ec:f2:81:1b:fe:
71:ca:6f:eb:4f:39:9f:d0:2e:21:f7:fb:fb:2e:a9:c6:12:42:
1f:40:c7:38:2a:af:7a:18:cd:df:e1:0a:52:05:4f:91:a3:58:
af:b6:ce:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtvitSy91CjT0avbfujwnz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI3MDUxMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzE5MmMzNmFlMjRjODBjZTQ4ZTFmMTU0MTlmNDQzY2UyNTA5MTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNZC/UHCLAI8qMdjpp/B7FjqD1lA
1DjM58IjDvtgaA/Ee/sAiTV5/IFjv1FrxxLk/HcF4b9YRZYR47X9voz/DZkZykXn
PKuFpnBDgbzEteSz2ADn+p5wReIcOiwqtXxFCK+ebkU79P2m19QGdWBHnNbmW9jT
CvLUFVxjzb+6I/1/MPyz4UclwYxXkZp/bIlk1Wz0Nl+4c+nRzqJUpX3LvrmN0e8K
DhcbbMpWSSkQedPJ/nHmF+cvDgCw+rMZIHVeoedOHpBCnZheCARfqRaKVUONjzvp
NI9eu8GDCpG/hly4wE8562WAwPCa6gJxhPhozIIfN/rjdrqqnwgaxwS3qQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDcZLDauJMgM5I4fFUGfRDziUJE8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTnhrc05xNGt5QXpramg4VlFaOUVQT0pRa1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABkGMASJ1Vm+DKhYrbEC
NFAflCKpdvJi+fWeiwhPxaxEZ8uSSdPYqrOs4+IIehENMbhi+jkV6U5O/0X6tX/i
2UUULx74Ie7RCWi1NdNaCfLL8PJSy9xUoL1lcv0FzvVCw7jUWrvFaUj1wIvPVsU8
UJ9cc4X4jKrTgMuAdO5+ikeU4rWQjERiDCD4xzW6SE/9/ExVZM6NILQrAYASTvtB
3kbDbZqn7LuZUtLvOBF7MQ887wg+KfE2yOnPThn21mcDr7fAqIwO3aLd8vwaIOBe
VJlYQurs8oEb/nHKb+tPOZ/QLiH3+/suqcYSQh9Axzgqr3oYzd/hClIFT5GjWK+2
zgM=
-----END CERTIFICATE-----
Generated at Mon May 12 04:02:54 2025 by rpki-client