Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U4kMQ6ExlSPvmCZleLe2QhDe50s.roa
File: U4kMQ6ExlSPvmCZleLe2QhDe50s.roa (raw, json)
Hash identifier: wD2j7HwwxXIUmG3zUF2epPeM+nQbX3y9bnZweEB6/y0=
Subject key identifier: 53:89:0C:43:A1:31:95:23:EF:98:26:65:78:B7:B6:42:10:DE:E7:4B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C820071CCB30CCAB43A81C0A539648BC5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U4kMQ6ExlSPvmCZleLe2QhDe50s.roa
Signing time: Tue 19 Dec 2023 12:15:16 +0000
ROA not before: Tue 19 Dec 2023 12:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:00:71:cc:b3:0c:ca:b4:3a:81:c0:a5:39:64:8b:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 19 12:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53890c43a1319523ef98266578b7b64210dee74b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f0:5c:71:1b:cb:80:01:34:3f:ba:28:8f:0a:
23:f9:f7:69:18:fb:d4:07:bf:fc:2e:10:7f:d9:6f:
5b:3b:e0:30:6b:95:13:d6:f8:0e:ca:59:2f:6e:2b:
ba:f5:e8:91:ba:4d:ef:5a:1b:e8:4b:af:3a:de:da:
cb:33:5d:6d:60:b0:29:5c:33:be:9b:cd:24:5d:02:
af:99:30:ad:68:18:92:11:14:f1:8a:79:49:97:77:
f9:7b:1e:d2:3a:20:6c:34:2c:2a:9d:7c:0f:46:c6:
bc:44:87:e9:96:cc:ba:f0:a3:d7:d1:15:c2:74:74:
1b:c0:9d:59:03:7b:8e:e7:75:50:2a:d7:dd:24:2d:
b1:56:bb:29:21:0b:c9:78:71:d7:c9:44:e5:8b:ea:
2c:71:cd:f4:79:b7:ec:c9:22:15:4c:21:61:5e:47:
70:e8:13:7a:da:ba:9d:6d:85:68:a8:c7:69:73:44:
b5:81:8c:26:12:da:e5:d5:bd:f9:7b:c8:3e:54:1d:
85:49:ef:64:4b:4b:e0:55:c9:a8:71:94:8e:21:1d:
16:a4:1d:fa:a3:b2:81:f7:82:0e:26:d5:f0:3e:70:
d1:74:ff:cb:6b:f7:1b:63:8e:cc:07:3c:03:81:cb:
86:4b:7c:ff:6b:10:12:fa:3c:6d:fe:5c:2f:6d:bb:
aa:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:89:0C:43:A1:31:95:23:EF:98:26:65:78:B7:B6:42:10:DE:E7:4B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U4kMQ6ExlSPvmCZleLe2QhDe50s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:68:09:63:7f:48:aa:79:e8:cb:ae:80:a5:ef:b1:eb:e2:cd:
c8:c2:f8:59:ed:9c:4c:1c:52:3e:63:85:87:f4:8c:d6:c7:fb:
00:f0:10:26:73:37:83:e7:c5:7b:d9:16:5c:94:f2:bd:48:eb:
4f:dc:d2:f6:9b:6c:65:77:cc:af:70:92:48:32:7b:d7:4c:24:
d5:15:d8:6c:11:c8:d7:11:04:dd:31:df:66:ff:55:94:9c:c5:
07:84:15:97:c5:23:c3:2a:5b:7a:f6:c3:86:b5:d1:ff:ee:bf:
cd:9a:7b:a7:ca:7d:5e:8e:d6:a4:12:82:7d:f7:a7:76:3a:15:
1a:d5:17:07:58:19:72:a4:d5:e2:f8:e6:8b:e9:6c:aa:ac:be:
38:e9:a0:4d:1e:7a:73:19:50:91:d7:85:27:fd:55:fb:c3:bb:
06:13:c8:71:af:38:3d:f6:0f:ee:5a:b7:86:54:2b:6a:b5:aa:
0d:67:e7:70:a8:14:f1:43:cd:57:61:0e:cc:1a:88:75:55:eb:
81:33:2d:b2:9f:fa:43:5a:8f:0f:67:a8:61:32:94:77:10:ce:
dc:3e:25:d8:1f:75:f7:7c:03:72:d9:1e:35:c7:4f:f3:1a:8e:
2d:05:fe:2e:7b:69:f9:58:da:29:c7:58:51:db:ab:40:6c:3e:
29:36:8c:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyCAHHMswzKtDqBwKU5ZIvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE5MTIxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzg5MGM0M2ExMzE5NTIzZWY5ODI2NjU3OGI3YjY0MjEwZGVlNzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfBccRvLgAE0P7oojwoj+fdpGPvU
B7/8LhB/2W9bO+Awa5UT1vgOylkvbiu69eiRuk3vWhvoS6863trLM11tYLApXDO+
m80kXQKvmTCtaBiSERTxinlJl3f5ex7SOiBsNCwqnXwPRsa8RIfplsy68KPX0RXC
dHQbwJ1ZA3uO53VQKtfdJC2xVrspIQvJeHHXyUTli+oscc30ebfsySIVTCFhXkdw
6BN62rqdbYVoqMdpc0S1gYwmEtrl1b35e8g+VB2FSe9kS0vgVcmocZSOIR0WpB36
o7KB94IOJtXwPnDRdP/La/cbY47MBzwDgcuGS3z/axAS+jxt/lwvbbuqnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFOJDEOhMZUj75gmZXi3tkIQ3udLMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVTRrTVE2RXhsU1B2bUNabGVMZTJRaERlNTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADtoCWN/SKp56MuugKXv
sevizcjC+FntnEwcUj5jhYf0jNbH+wDwECZzN4PnxXvZFlyU8r1I60/c0vabbGV3
zK9wkkgye9dMJNUV2GwRyNcRBN0x32b/VZScxQeEFZfFI8MqW3r2w4a10f/uv82a
e6fKfV6O1qQSgn33p3Y6FRrVFwdYGXKk1eL45ovpbKqsvjjpoE0eenMZUJHXhSf9
VfvDuwYTyHGvOD32D+5at4ZUK2q1qg1n53CoFPFDzVdhDswaiHVV64EzLbKf+kNa
jw9nqGEylHcQztw+Jdgfdfd8A3LZHjXHT/Maji0F/i57aflY2inHWFHbq0BsPik2
jM8=
-----END CERTIFICATE-----
Generated at Mon May 12 12:28:29 2025 by rpki-client