Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Uzz49uyIGvQbRyjl60PeYGxTXQE.roa
File: Uzz49uyIGvQbRyjl60PeYGxTXQE.roa (raw, json)
Hash identifier: W57IOTtdf+0PP9MOGKy5/wTPpvlQb2bCSqhYrmi5lm8=
Subject key identifier: 53:3C:F8:F6:EC:88:1A:F4:1B:47:28:E5:EB:43:DE:60:6C:53:5D:01
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD5E2D448B308B32DDD961187936CC900
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Uzz49uyIGvQbRyjl60PeYGxTXQE.roa
Signing time: Wed 27 Sep 2023 09:05:27 +0000
ROA not before: Wed 27 Sep 2023 09:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:d5e2:d93/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:e2:d4:48:b3:08:b3:2d:dd:96:11:87:93:6c:c9:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 27 09:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=533cf8f6ec881af41b4728e5eb43de606c535d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f8:4d:1c:44:71:2d:7c:b9:57:ba:3e:49:4b:
af:18:fd:1a:03:cd:5e:63:0d:b0:fd:4a:12:35:fc:
af:b6:bc:11:98:3d:3d:9e:e9:eb:74:a5:12:80:06:
bf:15:9f:76:71:df:8d:c9:9d:99:9d:3f:61:f1:82:
2f:95:ad:6e:f1:b2:d2:f1:00:cc:af:41:1c:a0:13:
68:50:10:3c:1d:c5:df:78:fd:e6:4d:3b:f9:0a:1f:
35:6a:24:45:3a:21:c3:d5:4c:37:f3:da:24:0c:06:
48:2d:9f:8b:ca:e3:db:15:c6:52:9f:7c:86:a0:2f:
db:88:15:a9:4f:bb:0b:da:43:f1:b0:44:f7:4e:47:
2d:7f:7e:36:8b:1a:7b:bb:4d:2e:85:ca:c3:e3:e4:
bf:e8:34:48:bd:0e:73:55:15:a9:88:5b:eb:54:b8:
c6:98:83:21:4e:d0:c1:3d:88:7d:31:67:2e:3e:c1:
08:43:11:26:72:33:bd:57:9f:96:d5:45:e8:7f:8b:
04:d8:b0:9c:12:44:51:c6:30:6b:cb:4d:32:ff:2e:
3f:d9:03:d9:c1:58:2a:18:9c:df:76:e8:65:da:45:
11:b9:2c:b3:27:9d:8d:9e:ed:ce:a9:9a:29:60:ac:
ea:4a:c7:f4:31:a0:b6:5a:47:77:5b:c4:0e:30:28:
3a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:3C:F8:F6:EC:88:1A:F4:1B:47:28:E5:EB:43:DE:60:6C:53:5D:01
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Uzz49uyIGvQbRyjl60PeYGxTXQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:73:73:17:b4:88:26:cd:2e:83:e7:a4:6e:26:ad:55:17:cf:
6c:df:44:dc:32:f7:b2:ff:f3:c4:8f:42:0e:69:bf:1d:30:17:
2e:ac:78:12:d5:a5:54:aa:c4:e4:f6:ec:07:f8:d3:47:f9:94:
3d:47:52:af:08:a5:cc:d8:23:7c:e1:34:4b:08:ac:d3:ff:6e:
60:80:07:70:09:f6:65:a8:b5:94:34:98:6d:48:c4:fc:a3:59:
4d:b8:eb:92:e4:00:7c:1e:f4:9a:e6:d4:2c:b8:5c:c3:b8:0b:
f2:20:17:e4:62:b8:3f:17:75:ff:5e:fc:de:ff:7e:81:f1:df:
54:03:62:f1:c0:10:f3:1f:8d:3d:6a:ca:55:39:4b:e7:96:0b:
88:98:38:5a:77:28:32:f8:29:2e:ad:6d:4c:2e:60:46:3a:6f:
b1:cb:d2:17:b4:92:0f:c1:a5:c8:35:f3:6d:71:88:92:67:57:
71:fd:cf:08:4e:22:8a:a3:58:58:a3:83:d6:e9:38:91:24:eb:
e4:e8:50:ec:fb:18:ef:05:28:6d:2c:7d:5d:ac:6a:c1:50:77:
a3:bd:21:ce:4f:93:86:4d:26:f5:22:2c:91:cc:39:d6:f4:03:
ec:73:ae:70:55:01:04:dd:5e:5d:d2:5c:79:2a:6e:11:a6:52:
0d:95:9d:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrV4tRIswizLd2WEYeTbMkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI3MDkwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzNjZjhmNmVjODgxYWY0MWI0NzI4ZTVlYjQzZGU2MDZjNTM1ZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPhNHERxLXy5V7o+SUuvGP0aA81e
Yw2w/UoSNfyvtrwRmD09nunrdKUSgAa/FZ92cd+NyZ2ZnT9h8YIvla1u8bLS8QDM
r0EcoBNoUBA8HcXfeP3mTTv5Ch81aiRFOiHD1Uw389okDAZILZ+LyuPbFcZSn3yG
oC/biBWpT7sL2kPxsET3Tkctf342ixp7u00uhcrD4+S/6DRIvQ5zVRWpiFvrVLjG
mIMhTtDBPYh9MWcuPsEIQxEmcjO9V5+W1UXof4sE2LCcEkRRxjBry00y/y4/2QPZ
wVgqGJzfduhl2kURuSyzJ52Nnu3OqZopYKzqSsf0MaC2Wkd3W8QOMCg66wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFM8+PbsiBr0G0co5etD3mBsU10BMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVXp6NDl1eUlHdlFiUnlqbDYwUGVZR3hUWFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKRzcxe0iCbNLoPnpG4m
rVUXz2zfRNwy97L/88SPQg5pvx0wFy6seBLVpVSqxOT27Af400f5lD1HUq8IpczY
I3zhNEsIrNP/bmCAB3AJ9mWotZQ0mG1IxPyjWU2465LkAHwe9Jrm1Cy4XMO4C/Ig
F+RiuD8Xdf9e/N7/foHx31QDYvHAEPMfjT1qylU5S+eWC4iYOFp3KDL4KS6tbUwu
YEY6b7HL0he0kg/Bpcg1821xiJJnV3H9zwhOIoqjWFijg9bpOJEk6+ToUOz7GO8F
KG0sfV2sasFQd6O9Ic5Pk4ZNJvUiLJHMOdb0A+xzrnBVAQTdXl3SXHkqbhGmUg2V
nbM=
-----END CERTIFICATE-----
Generated at Thu May 15 06:57:24 2025 by rpki-client