Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TltQS9QVpb-aJEvwN_bUjmnKaS8.roa
File: TltQS9QVpb-aJEvwN_bUjmnKaS8.roa (raw, json)
Hash identifier: WjQCPuAw7r/q+Fle10G0S1SZ1LtV4qNky7XCR2kknWY=
Subject key identifier: 4E:5B:50:4B:D4:15:A5:BF:9A:24:4B:F0:37:F6:D4:8E:69:CA:69:2F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD0BEF4F3997B610010C886BAD433A31A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TltQS9QVpb-aJEvwN_bUjmnKaS8.roa
Signing time: Wed 15 Nov 2023 02:10:57 +0000
ROA not before: Wed 15 Nov 2023 02:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d0:be:f4:f3:99:7b:61:00:10:c8:86:ba:d4:33:a3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 15 02:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e5b504bd415a5bf9a244bf037f6d48e69ca692f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:48:a9:08:f4:67:e6:55:a8:3c:35:a0:f4:81:
34:bb:5b:6c:eb:93:34:34:7f:ca:c5:4b:9e:de:b4:
da:20:e6:bf:3e:2c:2e:81:5b:b0:bc:67:34:22:10:
d1:49:48:94:e1:47:b6:24:0c:21:09:86:85:f8:b1:
ab:47:4a:79:9c:66:04:06:f8:2c:3b:b1:1a:17:9f:
57:b9:68:4c:9d:89:6a:59:36:28:c9:aa:72:02:ac:
d6:7b:94:2a:45:6d:1b:8a:4c:53:7c:1d:7d:e0:c3:
5b:a0:9e:7b:a7:9c:f6:93:69:e6:f6:cd:33:e0:81:
92:b0:fc:1f:61:4a:09:39:08:37:9e:e0:d3:f9:3b:
79:e9:7c:a4:13:2b:cd:f8:ba:e0:70:37:3e:4a:cd:
43:8d:8d:9f:d8:03:81:56:f4:94:35:59:0d:bc:d3:
ca:5b:c3:dc:c6:2a:9a:83:e7:e4:e5:12:89:63:4b:
d6:6c:d2:2b:7b:63:84:6a:7c:ea:99:cd:f6:19:39:
84:18:79:ec:05:35:26:10:32:d7:38:6a:19:b0:51:
d4:d9:0c:33:37:03:1e:ee:38:35:ff:d1:0c:2a:ea:
5c:7d:35:4c:a9:c8:29:6b:88:17:45:c9:93:97:b0:
28:92:2c:ac:af:8e:f4:5e:b2:c3:07:e5:89:50:48:
1e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5B:50:4B:D4:15:A5:BF:9A:24:4B:F0:37:F6:D4:8E:69:CA:69:2F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TltQS9QVpb-aJEvwN_bUjmnKaS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:cc:b1:13:ca:cd:7e:3a:e7:6d:f3:0f:c4:88:89:c3:09:b4:
e5:0a:bf:ee:f8:77:14:5c:91:a7:8f:84:51:8b:0e:55:6b:ec:
c8:5f:25:64:49:21:c9:ba:e7:98:4e:4e:f0:18:e9:ae:fb:9b:
ad:e2:1a:bd:81:5f:92:0e:49:d2:65:86:b5:c3:68:91:f9:9f:
1c:bc:be:f9:b2:82:29:1d:73:2d:1a:03:cf:3d:27:7b:84:44:
3f:c6:5a:6d:8e:08:e4:ab:88:6e:b0:9e:35:33:14:50:b5:e3:
df:6d:9b:9f:aa:2d:e6:5c:4f:be:c2:15:20:be:33:b0:2d:f1:
00:77:4a:fc:fe:33:73:86:05:35:11:56:b7:ea:92:80:28:67:
1c:54:ed:9d:1b:d9:29:ba:f3:39:d1:be:b7:04:4a:7f:f2:8f:
3d:45:e4:34:41:71:cc:71:19:f6:45:c8:53:86:cf:20:eb:10:
33:78:6e:ff:64:31:82:96:72:69:df:b9:95:1b:84:5d:46:b4:
af:38:71:fe:4d:72:e5:a6:fd:41:b9:04:00:50:5b:bc:4c:47:
02:db:50:18:53:d3:28:e9:83:b0:28:7c:70:df:be:d7:a7:23:
67:49:32:22:48:67:07:29:5b:c2:17:96:3b:89:69:22:63:98:
ed:43:c7:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvQvvTzmXthABDIhrrUM6MaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE1MDIxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTViNTA0YmQ0MTVhNWJmOWEyNDRiZjAzN2Y2ZDQ4ZTY5Y2E2OTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0ipCPRn5lWoPDWg9IE0u1ts65M0
NH/KxUue3rTaIOa/PiwugVuwvGc0IhDRSUiU4Ue2JAwhCYaF+LGrR0p5nGYEBvgs
O7EaF59XuWhMnYlqWTYoyapyAqzWe5QqRW0bikxTfB194MNboJ57p5z2k2nm9s0z
4IGSsPwfYUoJOQg3nuDT+Tt56XykEyvN+LrgcDc+Ss1DjY2f2AOBVvSUNVkNvNPK
W8Pcxiqag+fk5RKJY0vWbNIre2OEanzqmc32GTmEGHnsBTUmEDLXOGoZsFHU2Qwz
NwMe7jg1/9EMKupcfTVMqcgpa4gXRcmTl7Aokiysr470XrLDB+WJUEgeLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE5bUEvUFaW/miRL8Df21I5pymkvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVGx0UVM5UVZwYi1hSkV2d05fYlVqbW5LYVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABPMsRPKzX46523zD8SI
icMJtOUKv+74dxRckaePhFGLDlVr7MhfJWRJIcm655hOTvAY6a77m63iGr2BX5IO
SdJlhrXDaJH5nxy8vvmygikdcy0aA889J3uERD/GWm2OCOSriG6wnjUzFFC1499t
m5+qLeZcT77CFSC+M7At8QB3Svz+M3OGBTURVrfqkoAoZxxU7Z0b2Sm68znRvrcE
Sn/yjz1F5DRBccxxGfZFyFOGzyDrEDN4bv9kMYKWcmnfuZUbhF1GtK84cf5NcuWm
/UG5BABQW7xMRwLbUBhT0yjpg7AofHDfvtenI2dJMiJIZwcpW8IXljuJaSJjmO1D
x2A=
-----END CERTIFICATE-----
Generated at Mon May 12 12:45:46 2025 by rpki-client