Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SfV4GQ1zxHehvIbLEgDHASuwoL0.roa
File: SfV4GQ1zxHehvIbLEgDHASuwoL0.roa (raw, json)
Hash identifier: mWnaGMX2H1O878HBNbpdOb8QQLU+TtOhKVLVmjIV/G4=
Subject key identifier: 49:F5:78:19:0D:73:C4:77:A1:BC:86:CB:12:00:C7:01:2B:B0:A0:BD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD9230BAC12C10FA4295352801E5D84F4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SfV4GQ1zxHehvIbLEgDHASuwoL0.roa
Signing time: Thu 28 Sep 2023 00:14:27 +0000
ROA not before: Thu 28 Sep 2023 00:14:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d9:23:0b:ac:12:c1:0f:a4:29:53:52:80:1e:5d:84:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 28 00:14:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49f578190d73c477a1bc86cb1200c7012bb0a0bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:60:6a:94:21:cb:ae:f8:55:2d:59:54:2b:1f:
58:3b:6e:a5:8e:df:1c:b5:e8:96:16:39:0e:0c:c7:
41:01:23:89:2b:21:b4:ad:44:42:61:80:18:8e:d5:
e0:b5:11:a6:c7:55:a9:0e:e1:b3:4f:3b:1d:a2:b2:
55:12:09:a7:53:11:fd:70:7a:b7:fc:db:8c:76:35:
52:3d:7c:9c:1a:06:e3:05:6c:78:ed:91:8f:78:ec:
20:14:57:b4:35:b8:23:c5:ef:0c:ad:c0:2e:95:38:
cb:93:c5:26:0e:9c:95:3d:7d:16:1f:66:99:93:2b:
5f:1f:ec:a0:05:d8:8e:31:8a:3c:bc:17:b6:32:cd:
cd:c6:48:e4:c5:45:07:73:a6:b5:11:f8:6e:da:cb:
da:e3:90:fe:39:6f:da:e6:1a:eb:40:b9:f3:43:02:
34:89:ad:14:4f:e6:75:a8:31:f5:87:bb:ad:cd:7f:
fe:aa:9c:84:80:28:9e:0a:ae:9d:e5:ab:54:26:d2:
63:1f:c5:cb:5e:e5:ae:b9:11:71:42:cb:29:35:d7:
03:01:e7:8d:93:33:89:83:58:7b:04:b1:20:e1:61:
1d:b1:ed:8b:90:f0:d8:85:86:c5:82:f2:56:bf:15:
9f:f9:e5:25:12:fd:ce:40:8b:12:37:b5:fa:ef:c7:
4e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F5:78:19:0D:73:C4:77:A1:BC:86:CB:12:00:C7:01:2B:B0:A0:BD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SfV4GQ1zxHehvIbLEgDHASuwoL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:eb:c5:d3:3c:43:d9:0e:a6:e9:5c:1b:3b:c2:18:8c:04:b7:
f6:ce:02:8d:ef:45:e5:c3:82:3b:43:ca:b0:f4:a1:6e:e7:57:
bc:7c:1c:e6:47:8b:d9:3d:43:71:bf:92:79:43:6a:e8:29:e8:
12:30:c3:b2:cd:b6:43:68:9c:dc:9e:93:5c:77:e9:89:3d:dc:
8d:84:b2:9f:1a:e2:29:db:a4:01:ae:4a:81:78:57:1c:8d:d0:
f9:cb:ce:f0:49:56:f2:01:32:46:ed:cb:19:f8:3f:fb:fd:fa:
1a:77:a9:2b:64:74:82:ee:81:f2:5d:72:22:ac:81:b1:54:87:
9b:21:ef:3f:1b:e2:a7:5d:15:6b:2a:8f:58:d8:41:3f:27:37:
af:ab:b4:c4:18:04:3f:16:6c:0b:c6:d6:e2:9d:62:94:06:3f:
79:cf:a2:75:5a:b0:a4:46:f7:bd:9c:ef:08:46:e0:80:b3:f8:
40:21:c6:6f:ad:99:97:cf:57:d6:53:fe:e9:f4:a3:9d:f1:d2:
47:8e:bc:76:d9:97:d0:f6:cb:bb:86:d7:cd:04:67:b3:6e:d3:
4b:15:f4:aa:17:4d:9f:bc:db:83:f5:f8:9e:42:13:82:2b:4a:
df:b4:76:07:79:56:ad:6b:d4:f3:b0:85:ff:1f:90:b5:3a:89:
ef:87:0b:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrZIwusEsEPpClTUoAeXYT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI4MDAxNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWY1NzgxOTBkNzNjNDc3YTFiYzg2Y2IxMjAwYzcwMTJiYjBhMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGBqlCHLrvhVLVlUKx9YO26ljt8c
teiWFjkODMdBASOJKyG0rURCYYAYjtXgtRGmx1WpDuGzTzsdorJVEgmnUxH9cHq3
/NuMdjVSPXycGgbjBWx47ZGPeOwgFFe0Nbgjxe8MrcAulTjLk8UmDpyVPX0WH2aZ
kytfH+ygBdiOMYo8vBe2Ms3NxkjkxUUHc6a1Efhu2sva45D+OW/a5hrrQLnzQwI0
ia0UT+Z1qDH1h7utzX/+qpyEgCieCq6d5atUJtJjH8XLXuWuuRFxQsspNdcDAeeN
kzOJg1h7BLEg4WEdse2LkPDYhYbFgvJWvxWf+eUlEv3OQIsSN7X678dOBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEn1eBkNc8R3obyGyxIAxwErsKC9MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvU2ZWNEdRMXp4SGVodkliTEVnREhBU3V3b0wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABLrxdM8Q9kOpulcGzvC
GIwEt/bOAo3vReXDgjtDyrD0oW7nV7x8HOZHi9k9Q3G/knlDaugp6BIww7LNtkNo
nNyek1x36Yk93I2Esp8a4inbpAGuSoF4VxyN0PnLzvBJVvIBMkbtyxn4P/v9+hp3
qStkdILugfJdciKsgbFUh5sh7z8b4qddFWsqj1jYQT8nN6+rtMQYBD8WbAvG1uKd
YpQGP3nPonVasKRG972c7whG4ICz+EAhxm+tmZfPV9ZT/un0o53x0keOvHbZl9D2
y7uG180EZ7Nu00sV9KoXTZ+824P1+J5CE4IrSt+0dgd5Vq1r1POwhf8fkLU6ie+H
Cyk=
-----END CERTIFICATE-----
Generated at Sun May 11 10:27:47 2025 by rpki-client