Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UzXTDBRPbNFMoII3F_YiuIj-fKQ.roa
File: UzXTDBRPbNFMoII3F_YiuIj-fKQ.roa (raw, json)
Hash identifier: 37HK4XsRjln4pAId7itNqsFwZilrrZhPEuMZyaGL25w=
Subject key identifier: 53:35:D3:0C:14:4F:6C:D1:4C:A0:82:37:17:F6:22:B8:88:FE:7C:A4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD2E446570ACA5B11230A580F4B3A579F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UzXTDBRPbNFMoII3F_YiuIj-fKQ.roa
Signing time: Wed 15 Nov 2023 12:10:57 +0000
ROA not before: Wed 15 Nov 2023 12:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:e4:46:57:0a:ca:5b:11:23:0a:58:0f:4b:3a:57:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 15 12:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5335d30c144f6cd14ca0823717f622b888fe7ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3f:e9:de:15:71:8f:ca:8b:34:4e:e6:6d:b9:
35:d2:e5:1c:5e:d2:47:57:e8:37:17:71:90:c7:6b:
9a:cd:e7:3e:4d:4c:c9:01:ee:00:ed:9c:3c:f7:27:
1e:b4:fa:58:66:e0:75:b9:1a:ad:2f:82:d4:dd:22:
c6:fd:d0:92:2d:4d:7d:ed:79:f1:7f:df:e3:58:b0:
f1:6c:fb:35:1a:1f:55:aa:86:b3:45:77:26:18:bb:
98:bb:ae:72:0f:6c:6b:b9:44:cb:71:0e:d8:10:43:
b4:86:78:b0:00:de:35:67:a6:ed:40:2a:8f:a2:eb:
08:d9:3c:61:59:9a:92:b2:26:d3:80:b2:0f:79:66:
cc:33:eb:70:00:9e:72:5c:4a:1f:d4:dd:94:d6:c3:
ee:ac:e8:5c:d9:78:c2:21:9c:41:c2:9e:c2:f6:c0:
8c:e7:73:2a:2a:b1:9d:f1:d8:c8:71:d4:8e:86:8d:
f1:04:fa:26:b3:f0:f2:b7:19:c9:f1:94:98:b5:e7:
ee:65:e2:1a:c9:de:94:3d:30:92:52:c7:d0:3d:6e:
02:f7:55:69:b4:7e:19:b2:17:ff:3d:4c:e4:5f:ee:
b9:19:f1:83:59:f2:d3:e1:db:a3:9b:36:1a:99:c4:
8f:b9:44:9c:bf:88:63:b4:09:91:48:71:d4:63:69:
c9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:35:D3:0C:14:4F:6C:D1:4C:A0:82:37:17:F6:22:B8:88:FE:7C:A4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UzXTDBRPbNFMoII3F_YiuIj-fKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
30:e3:f3:93:46:4e:db:6a:73:0d:c9:a6:ba:25:80:50:73:b3:
01:1d:fb:38:21:91:6c:fd:33:c8:cc:19:b9:50:13:cf:a2:aa:
4f:55:76:ca:e1:c2:bd:d4:9f:4c:97:60:fc:14:1c:63:dd:ea:
2c:0c:49:9a:3d:24:05:73:8f:86:db:57:3d:a5:51:98:17:98:
51:b8:69:00:a5:bd:61:3b:58:34:9d:54:ba:cf:be:fe:5c:5d:
f8:2a:ba:f0:03:d2:65:45:26:4d:0d:cb:e5:98:d8:12:6a:ab:
4a:8d:b8:14:66:1c:73:49:8f:a9:02:2b:b6:8e:28:2f:8b:27:
06:1b:d2:f1:c8:fe:63:12:54:21:a2:e7:47:39:5a:6c:1a:2d:
e1:d4:c1:cc:8a:79:02:74:af:bd:dc:95:9d:96:8f:08:6b:65:
49:10:64:40:58:f1:7c:60:fd:d5:6f:9b:0d:f3:52:96:9f:9c:
6e:8f:e4:b6:dd:ec:a3:e4:bb:92:0e:22:03:ab:17:00:10:50:
1c:7b:73:2e:76:69:80:67:0b:23:dc:af:04:b9:e4:bd:88:0d:
a5:43:a7:5c:16:eb:79:51:48:f6:3b:47:b3:43:76:3d:59:78:
9f:7d:11:4a:3e:da:c4:c3:9b:f7:60:f7:40:21:49:f4:52:8b:
97:3d:e7:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvS5EZXCspbESMKWA9LOlefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE1MTIxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzM1ZDMwYzE0NGY2Y2QxNGNhMDgyMzcxN2Y2MjJiODg4ZmU3Y2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzz/p3hVxj8qLNE7mbbk10uUcXtJH
V+g3F3GQx2uazec+TUzJAe4A7Zw89ycetPpYZuB1uRqtL4LU3SLG/dCSLU197Xnx
f9/jWLDxbPs1Gh9VqoazRXcmGLuYu65yD2xruUTLcQ7YEEO0hniwAN41Z6btQCqP
ousI2TxhWZqSsibTgLIPeWbMM+twAJ5yXEof1N2U1sPurOhc2XjCIZxBwp7C9sCM
53MqKrGd8djIcdSOho3xBPoms/DytxnJ8ZSYtefuZeIayd6UPTCSUsfQPW4C91Vp
tH4Zshf/PUzkX+65GfGDWfLT4dujmzYamcSPuUScv4hjtAmRSHHUY2nJNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFM10wwUT2zRTKCCNxf2IriI/nykMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVXpYVERCUlBiTkZNb0lJM0ZfWWl1SWotZktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADDj85NGTttqcw3Jprol
gFBzswEd+zghkWz9M8jMGblQE8+iqk9Vdsrhwr3Un0yXYPwUHGPd6iwMSZo9JAVz
j4bbVz2lUZgXmFG4aQClvWE7WDSdVLrPvv5cXfgquvAD0mVFJk0Ny+WY2BJqq0qN
uBRmHHNJj6kCK7aOKC+LJwYb0vHI/mMSVCGi50c5WmwaLeHUwcyKeQJ0r73clZ2W
jwhrZUkQZEBY8Xxg/dVvmw3zUpafnG6P5Lbd7KPku5IOIgOrFwAQUBx7cy52aYBn
CyPcrwS55L2IDaVDp1wW63lRSPY7R7NDdj1ZeJ99EUo+2sTDm/dg90AhSfRSi5c9
50Q=
-----END CERTIFICATE-----
Generated at Sat May 10 19:48:01 2025 by rpki-client