Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PTDcURezBtymdvJ6nGgd6uYMyG0.roa
File: PTDcURezBtymdvJ6nGgd6uYMyG0.roa (raw, json)
Hash identifier: Wz3kiXIeUjcPrloh4i4jkUZ0fKf3WEhDmb3bmn3lbE0=
Subject key identifier: 3D:30:DC:51:17:B3:06:DC:A6:76:F2:7A:9C:68:1D:EA:E6:0C:C8:6D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C34EE8020BCD87A91A635A7E6F4D8DEF8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PTDcURezBtymdvJ6nGgd6uYMyG0.roa
Signing time: Mon 04 Dec 2023 13:04:54 +0000
ROA not before: Mon 04 Dec 2023 13:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:34ed:e1f7/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:ee:80:20:bc:d8:7a:91:a6:35:a7:e6:f4:d8:de:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 4 13:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d30dc5117b306dca676f27a9c681deae60cc86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0e:85:9b:a6:ba:79:16:8e:1e:82:2a:e8:da:
41:c5:78:25:bf:44:52:fb:3b:c2:0e:a8:2c:3d:1f:
57:d9:ad:b8:35:0d:d2:47:ad:09:da:d3:5f:47:22:
0b:ae:6a:99:77:85:d1:8a:bf:8e:4b:50:71:b6:7d:
ae:84:e8:e6:a9:bb:01:a8:35:af:af:55:eb:45:61:
7d:74:d9:bb:f1:6c:47:ed:ef:42:e6:b2:90:d0:f1:
f0:d9:61:d4:5b:1f:38:00:05:17:3c:61:51:f1:29:
63:e4:0f:e3:b6:f4:69:24:6b:43:24:f0:4c:af:24:
1e:77:0c:01:98:c6:b2:d2:ee:11:0d:7b:8f:4e:45:
5b:1b:07:96:11:bb:a5:b5:3b:30:ec:6d:dc:0e:2b:
e7:b8:2e:67:00:0f:b0:e9:df:42:20:bb:b6:ae:44:
40:ae:23:26:14:eb:7e:e1:6d:49:6a:91:cb:ef:29:
3e:7b:14:ce:6e:70:f6:cb:92:5f:57:2e:48:a1:20:
95:ac:d1:e8:b3:d6:82:df:aa:03:fc:e1:d2:b1:47:
c9:56:cc:22:8d:e0:b3:50:67:34:c4:09:82:81:ca:
7e:da:96:07:21:53:58:c3:4c:58:a6:34:91:76:3e:
ce:3f:74:c6:c5:20:75:13:12:17:95:96:48:66:db:
da:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:30:DC:51:17:B3:06:DC:A6:76:F2:7A:9C:68:1D:EA:E6:0C:C8:6D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PTDcURezBtymdvJ6nGgd6uYMyG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:d2:39:7a:bf:af:e2:35:dd:64:29:69:b2:c1:ec:14:11:b6:
fd:1e:0b:b3:51:16:8e:a0:6c:cc:ab:49:0c:e8:0a:fa:92:5c:
ae:89:d5:e8:12:e1:74:3d:64:b0:44:11:13:e8:87:f3:10:45:
e1:ce:73:a3:33:26:8f:52:5d:ea:fa:a8:50:6d:d4:1b:00:a8:
2a:9b:52:cd:b0:a5:2f:d0:2d:f0:c1:f0:eb:05:79:40:ad:d0:
33:25:b6:bd:51:69:57:85:26:33:2b:9c:d4:7d:d1:30:af:31:
4e:f7:74:a6:df:bb:39:6a:83:7e:dd:8a:97:bb:c0:2f:05:08:
dc:f3:c3:75:57:ef:5d:5c:0d:6a:50:a3:96:10:76:01:38:00:
0a:80:92:9d:e4:18:07:2f:6e:f4:22:38:38:98:7a:df:76:69:
42:33:f5:61:c9:57:72:79:cb:a4:80:ab:c3:93:dd:da:60:8b:
6a:f0:d6:c4:76:53:f7:b3:7d:44:28:21:47:fa:9f:66:96:bb:
ae:21:40:62:28:a9:67:87:b0:aa:fd:9b:25:54:3e:17:82:79:
c8:90:3f:05:98:87:d4:7d:ae:0e:85:50:17:00:c2:b1:4d:d0:
6a:6b:f3:f7:f0:3c:bc:9b:09:f6:cc:ec:c5:25:87:74:a3:e6:
9d:ed:94:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw07oAgvNh6kaY1p+b02N74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA0MTMwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDMwZGM1MTE3YjMwNmRjYTY3NmYyN2E5YzY4MWRlYWU2MGNjODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg6Fm6a6eRaOHoIq6NpBxXglv0RS
+zvCDqgsPR9X2a24NQ3SR60J2tNfRyILrmqZd4XRir+OS1Bxtn2uhOjmqbsBqDWv
r1XrRWF9dNm78WxH7e9C5rKQ0PHw2WHUWx84AAUXPGFR8Slj5A/jtvRpJGtDJPBM
ryQedwwBmMay0u4RDXuPTkVbGweWEbultTsw7G3cDivnuC5nAA+w6d9CILu2rkRA
riMmFOt+4W1JapHL7yk+exTObnD2y5JfVy5IoSCVrNHos9aC36oD/OHSsUfJVswi
jeCzUGc0xAmCgcp+2pYHIVNYw0xYpjSRdj7OP3TGxSB1ExIXlZZIZtvazwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD0w3FEXswbcpnbyepxoHermDMhtMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUFREY1VSZXpCdHltZHZKNm5HZ2Q2dVlNeUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHnSOXq/r+I13WQpabLB
7BQRtv0eC7NRFo6gbMyrSQzoCvqSXK6J1egS4XQ9ZLBEERPoh/MQReHOc6MzJo9S
Xer6qFBt1BsAqCqbUs2wpS/QLfDB8OsFeUCt0DMltr1RaVeFJjMrnNR90TCvMU73
dKbfuzlqg37dipe7wC8FCNzzw3VX711cDWpQo5YQdgE4AAqAkp3kGAcvbvQiODiY
et92aUIz9WHJV3J5y6SAq8OT3dpgi2rw1sR2U/ezfUQoIUf6n2aWu64hQGIoqWeH
sKr9myVUPheCeciQPwWYh9R9rg6FUBcAwrFN0Gpr8/fwPLybCfbM7MUlh3Sj5p3t
lLo=
-----END CERTIFICATE-----
Generated at Mon May 12 04:29:13 2025 by rpki-client