Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U9qCWhYHdo7X1S4K_-5Kz7ICi7g.roa
File: U9qCWhYHdo7X1S4K_-5Kz7ICi7g.roa (raw, json)
Hash identifier: qlY1gmyyex88TlUlXmxoEjPLFXVqVI2cwz9tt4D0NNk=
Subject key identifier: 53:DA:82:5A:16:07:76:8E:D7:D5:2E:0A:FF:EE:4A:CF:B2:02:8B:B8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BFCF82B7B5C11E29A2070A12C248E629B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U9qCWhYHdo7X1S4K_-5Kz7ICi7g.roa
Signing time: Thu 23 Nov 2023 16:16:44 +0000
ROA not before: Thu 23 Nov 2023 16:16:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:f8:2b:7b:5c:11:e2:9a:20:70:a1:2c:24:8e:62:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 23 16:16:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53da825a1607768ed7d52e0affee4acfb2028bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0f:89:29:ae:f3:aa:e1:c4:8c:08:f2:ad:3a:
a7:ec:2e:83:ec:fc:ca:14:d0:ee:2a:dd:73:53:41:
64:74:54:c4:2f:87:30:3b:72:f9:15:69:86:0a:74:
5f:bd:2e:28:9c:c1:52:f9:80:0c:2d:ff:58:b0:b7:
84:5d:ae:58:3a:e5:3f:dd:5c:bf:8a:6b:a2:4b:84:
41:40:88:a8:f5:5c:7e:2e:d9:4c:bf:73:ec:7f:62:
bc:99:6a:35:91:9d:29:7e:b7:b1:4f:18:49:b5:ef:
cd:11:4c:c8:82:fa:02:58:56:12:6f:2d:c7:a8:fd:
f4:18:f8:57:58:9a:71:e8:f2:0f:be:22:60:bc:6f:
b9:f9:f2:dd:35:3b:3d:2e:ba:fe:7d:e8:1e:bd:d5:
8a:5c:16:44:4b:ec:dc:73:be:d8:16:6e:ad:d5:b4:
4b:01:77:ca:b0:ec:ec:16:e9:ed:6e:13:66:a9:6d:
50:18:bf:06:a6:c1:b4:c4:24:d1:ec:08:21:c5:89:
d1:7e:4d:9b:fd:74:71:8a:93:c3:cc:d4:5c:b8:0e:
55:35:f8:18:a0:4d:91:ce:e0:a3:e1:e9:f5:65:cf:
8c:d9:8b:0e:38:56:dc:14:cf:59:be:a9:f7:45:d1:
19:68:60:2e:b6:72:46:f4:ab:ca:0d:76:04:74:2a:
e8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:DA:82:5A:16:07:76:8E:D7:D5:2E:0A:FF:EE:4A:CF:B2:02:8B:B8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U9qCWhYHdo7X1S4K_-5Kz7ICi7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:6f:cc:c1:36:13:9c:7c:25:80:d1:d2:df:25:b6:5d:79:22:
f2:5e:1b:95:71:76:b1:f4:ee:bc:af:3b:89:af:88:20:fa:9d:
4d:bd:eb:01:ac:24:ff:e8:cf:ad:19:6f:4e:14:c1:ea:d1:f8:
2d:60:21:f1:ec:31:e8:fe:cf:4b:81:2f:f7:5e:cd:f0:09:27:
47:7d:f7:ec:46:15:6a:1d:88:d9:4c:13:fa:ac:66:e7:9b:4f:
23:88:24:11:3c:2c:2f:79:0d:35:18:90:cc:78:9d:59:51:72:
70:48:d0:32:0d:d3:ae:fc:f9:d6:80:33:2f:38:4b:a2:dc:e3:
2f:b1:33:4f:56:46:5e:85:45:6b:2c:2a:f6:7c:a8:3c:af:b7:
66:d6:3b:f7:c1:36:02:6d:7f:ef:83:4f:35:1a:a3:c1:1a:3a:
b4:2d:0c:59:ee:48:f7:21:f1:c7:39:6b:86:58:b1:a1:7d:16:
42:a9:9c:80:6d:34:a0:8b:f8:42:a3:d3:2b:fe:b4:6d:94:67:
55:97:4a:11:4d:cb:8b:55:e4:3d:83:64:82:d3:23:60:d7:b9:
54:9e:8c:31:7a:f8:05:88:5d:38:5e:8f:19:e2:a3:d6:ee:55:
75:89:57:f5:c6:9f:56:17:77:22:62:c1:e0:fd:e9:87:05:8e:
cf:eb:81:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv8+Ct7XBHimiBwoSwkjmKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIzMTYxNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2RhODI1YTE2MDc3NjhlZDdkNTJlMGFmZmVlNGFjZmIyMDI4YmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwg+JKa7zquHEjAjyrTqn7C6D7PzK
FNDuKt1zU0FkdFTEL4cwO3L5FWmGCnRfvS4onMFS+YAMLf9YsLeEXa5YOuU/3Vy/
imuiS4RBQIio9Vx+LtlMv3Psf2K8mWo1kZ0pfrexTxhJte/NEUzIgvoCWFYSby3H
qP30GPhXWJpx6PIPviJgvG+5+fLdNTs9Lrr+fegevdWKXBZES+zcc77YFm6t1bRL
AXfKsOzsFuntbhNmqW1QGL8GpsG0xCTR7AghxYnRfk2b/XRxipPDzNRcuA5VNfgY
oE2RzuCj4en1Zc+M2YsOOFbcFM9Zvqn3RdEZaGAutnJG9KvKDXYEdCro0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFPagloWB3aO19UuCv/uSs+yAou4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVTlxQ1doWUhkbzdYMVM0S18tNUt6N0lDaTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGlvzME2E5x8JYDR0t8l
tl15IvJeG5VxdrH07ryvO4mviCD6nU296wGsJP/oz60Zb04UwerR+C1gIfHsMej+
z0uBL/dezfAJJ0d99+xGFWodiNlME/qsZuebTyOIJBE8LC95DTUYkMx4nVlRcnBI
0DIN0678+daAMy84S6Lc4y+xM09WRl6FRWssKvZ8qDyvt2bWO/fBNgJtf++DTzUa
o8EaOrQtDFnuSPch8cc5a4ZYsaF9FkKpnIBtNKCL+EKj0yv+tG2UZ1WXShFNy4tV
5D2DZILTI2DXuVSejDF6+AWIXThejxnio9buVXWJV/XGn1YXdyJiweD96YcFjs/r
gco=
-----END CERTIFICATE-----
Generated at Fri May 16 14:35:01 2025 by rpki-client