Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TnOMNbccyFEj3HoIsHZMujwl8sM.roa
File: TnOMNbccyFEj3HoIsHZMujwl8sM.roa (raw, json)
Hash identifier: JcTlakO1IMZWZWRIBJqrf1FUqPDJTeJYVrJOLVUcEqA=
Subject key identifier: 4E:73:8C:35:B7:1C:C8:51:23:DC:7A:08:B0:76:4C:BA:3C:25:F2:C3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BDA64808BE15A45FB9597FAFF8D15ED8F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TnOMNbccyFEj3HoIsHZMujwl8sM.roa
Signing time: Thu 16 Nov 2023 23:08:21 +0000
ROA not before: Thu 16 Nov 2023 23:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:da:64:80:8b:e1:5a:45:fb:95:97:fa:ff:8d:15:ed:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 16 23:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e738c35b71cc85123dc7a08b0764cba3c25f2c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1e:2b:e9:be:a4:a5:f3:45:71:a7:b7:da:68:
5a:7e:a7:5a:5c:5c:1f:3b:33:18:dc:f6:81:e6:56:
38:a3:cd:f9:ec:90:27:66:3d:c7:58:0d:b8:c5:f1:
fe:83:c2:47:d7:3c:b3:a3:d3:5f:39:0a:e7:17:ea:
40:0a:4a:4c:df:4b:a4:e4:76:67:5e:02:42:05:8e:
66:c6:cb:f3:bf:f1:24:43:e0:59:cc:f7:e6:1b:11:
35:9c:b4:3b:12:6e:01:03:bb:62:32:84:c4:64:64:
a9:4d:9d:b8:04:0f:86:6a:86:82:d4:c1:0c:73:2f:
8a:d2:29:01:ec:6a:c8:c6:08:a7:bc:69:56:ae:9c:
4f:3d:74:25:71:b9:98:aa:7b:8d:25:36:f4:d9:db:
70:e0:1a:ad:bd:3c:23:43:dd:0e:41:f2:28:fe:51:
fa:df:09:2a:26:25:a8:17:d8:67:69:fb:44:aa:2c:
a4:f0:80:24:55:d5:49:c0:d9:27:80:a2:12:0d:24:
d9:df:70:ad:32:14:35:80:9c:46:a0:bc:cc:1e:e5:
7f:10:de:da:ca:16:a4:a8:ed:0b:cf:51:19:db:3c:
0c:bf:b3:d0:dd:45:01:3f:76:0c:ad:5b:ea:ac:63:
68:83:4d:82:a5:36:5e:aa:03:1f:80:17:2a:23:88:
f7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:73:8C:35:B7:1C:C8:51:23:DC:7A:08:B0:76:4C:BA:3C:25:F2:C3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TnOMNbccyFEj3HoIsHZMujwl8sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:fc:80:a5:e7:bd:9b:64:e0:85:a4:38:a9:a5:34:e8:a0:64:
0a:33:76:1f:52:09:ff:3c:b3:3c:12:22:e0:0a:1a:fd:eb:8f:
81:ab:3a:8d:9b:d3:42:e8:9a:66:3d:51:66:17:80:ae:05:dc:
f1:91:2a:e4:50:b6:71:cf:59:2f:73:36:53:c3:73:a9:c2:c8:
4e:68:6f:c3:9a:f3:d5:53:7e:29:e6:e6:f7:1f:d2:85:60:47:
5e:74:c8:d1:ef:10:9c:a1:e9:f2:7f:af:0b:16:66:59:58:86:
04:19:ee:61:b1:0b:25:21:62:76:16:3f:fc:34:44:ff:9c:ca:
4f:de:55:61:ae:c9:a8:18:b9:ad:4e:c1:2a:7e:58:cc:13:a3:
46:76:bf:da:d1:25:ca:bb:c1:91:47:fd:ed:56:32:b5:92:d1:
25:9d:21:29:72:b7:97:f7:89:18:ae:5d:e7:23:c4:66:9c:4f:
09:e1:28:97:ce:68:e8:a5:ab:75:9a:27:31:37:7a:eb:8d:27:
d7:de:b5:7b:a2:dc:cb:2c:23:e7:a9:87:d5:0c:1c:df:7b:29:
bc:26:c9:f4:81:1b:50:8f:d2:31:e6:21:05:08:49:16:88:74:
09:91:ab:b0:e3:b8:d1:09:8b:1c:db:52:b7:db:71:22:60:9f:
b1:83:99:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvaZICL4VpF+5WX+v+NFe2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE2MjMwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTczOGMzNWI3MWNjODUxMjNkYzdhMDhiMDc2NGNiYTNjMjVmMmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB4r6b6kpfNFcae32mhafqdaXFwf
OzMY3PaB5lY4o8357JAnZj3HWA24xfH+g8JH1zyzo9NfOQrnF+pACkpM30uk5HZn
XgJCBY5mxsvzv/EkQ+BZzPfmGxE1nLQ7Em4BA7tiMoTEZGSpTZ24BA+GaoaC1MEM
cy+K0ikB7GrIxginvGlWrpxPPXQlcbmYqnuNJTb02dtw4BqtvTwjQ90OQfIo/lH6
3wkqJiWoF9hnaftEqiyk8IAkVdVJwNkngKISDSTZ33CtMhQ1gJxGoLzMHuV/EN7a
yhakqO0Lz1EZ2zwMv7PQ3UUBP3YMrVvqrGNog02CpTZeqgMfgBcqI4j3fwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE5zjDW3HMhRI9x6CLB2TLo8JfLDMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVG5PTU5iY2N5RkVqM0hvSXNIWk11andsOHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHv8gKXnvZtk4IWkOKml
NOigZAozdh9SCf88szwSIuAKGv3rj4GrOo2b00LommY9UWYXgK4F3PGRKuRQtnHP
WS9zNlPDc6nCyE5ob8Oa89VTfinm5vcf0oVgR150yNHvEJyh6fJ/rwsWZllYhgQZ
7mGxCyUhYnYWP/w0RP+cyk/eVWGuyagYua1OwSp+WMwTo0Z2v9rRJcq7wZFH/e1W
MrWS0SWdISlyt5f3iRiuXecjxGacTwnhKJfOaOilq3WaJzE3euuNJ9fetXui3Mss
I+eph9UMHN97KbwmyfSBG1CP0jHmIQUISRaIdAmRq7DjuNEJixzbUrfbcSJgn7GD
mTI=
-----END CERTIFICATE-----
Generated at Sat May 10 11:41:34 2025 by rpki-client