Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_l3T832VRco1jcYHbjEKHbEjwGY.roa
File: _l3T832VRco1jcYHbjEKHbEjwGY.roa (raw, json)
Hash identifier: uqdLLuz/yX3Q3u0ygsUOLyhQte7L9DzgF5cPikqb/o0=
Subject key identifier: FE:5D:D3:F3:7D:95:45:CA:35:8D:C6:07:6E:31:0A:1D:B1:23:C0:66
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACDF199A1146F89DCD1E50F5BB4386A05
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_l3T832VRco1jcYHbjEKHbEjwGY.roa
Signing time: Mon 25 Sep 2023 20:04:37 +0000
ROA not before: Mon 25 Sep 2023 20:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:cdf1:66fa/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:f1:99:a1:14:6f:89:dc:d1:e5:0f:5b:b4:38:6a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 20:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe5dd3f37d9545ca358dc6076e310a1db123c066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f5:85:33:d5:1b:80:3a:8b:3c:5d:04:fe:b6:
13:30:59:7c:b3:41:ac:ac:0c:bc:92:18:76:2d:81:
6f:58:d1:13:7b:45:9f:9a:02:87:47:79:0d:18:06:
b8:f0:63:94:5d:9b:d6:29:0e:f2:82:03:f6:80:22:
26:c4:f7:c0:bd:d1:ef:cd:77:9d:8c:0b:1b:0a:1f:
cc:e2:c3:6d:50:5a:58:74:36:33:6b:e5:64:49:54:
48:57:b2:48:29:b4:85:4b:bf:9d:ca:f9:17:e9:e9:
5f:4a:4b:36:e9:9b:b3:e3:0c:56:c7:61:b5:d5:7e:
2d:20:62:95:8f:f9:b0:8d:12:3a:8f:51:12:70:55:
77:eb:ae:51:db:91:30:7e:e8:34:0c:d8:7c:c8:12:
f9:74:d9:0b:25:e3:d5:e7:1e:51:1f:a2:36:bb:ae:
9c:bb:b3:1b:4b:66:5e:96:83:1d:f8:47:59:76:88:
8a:cc:33:4d:3b:d7:32:53:b8:a9:09:5c:b0:cc:15:
ef:c7:11:b5:06:69:c7:a1:a3:86:09:ed:10:c7:f0:
48:e4:a8:8d:25:e6:61:ee:f3:1a:08:4b:24:9d:6b:
57:55:7d:97:88:f1:ba:6f:05:8f:90:08:6d:45:a0:
8e:43:96:a8:0d:54:dc:a9:ab:bf:2d:d8:e5:bd:0c:
07:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:5D:D3:F3:7D:95:45:CA:35:8D:C6:07:6E:31:0A:1D:B1:23:C0:66
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_l3T832VRco1jcYHbjEKHbEjwGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bf:82:46:30:a2:9d:45:28:c9:9e:db:50:4a:92:f3:17:37:99:
6d:c2:35:c1:6e:76:ca:f3:8c:fc:b5:10:56:c4:be:c5:b0:9c:
0c:82:d8:2e:84:b7:d6:f2:c9:9d:15:70:3d:19:1a:6e:4d:43:
8f:c7:6d:af:a6:f5:e8:eb:b6:73:1d:11:2f:39:ae:6f:8b:11:
1d:de:11:e9:65:b1:89:87:bd:86:ef:29:b4:d1:a0:9b:0f:99:
35:4a:0a:a0:6f:c9:17:4e:97:38:5e:9a:85:78:dd:1c:89:2b:
52:ea:39:2a:3e:a9:1b:65:b3:54:79:44:45:73:03:23:50:95:
c4:f5:e5:dc:7a:8b:a9:88:19:2b:c9:e7:ee:13:53:5e:be:f8:
04:85:77:46:29:da:59:51:2f:cc:7a:fd:cd:bd:b0:f9:92:55:
69:b4:a3:7f:22:d0:14:c7:01:70:37:80:82:a2:dd:35:a3:27:
3a:c3:81:60:ce:40:4b:24:4a:e6:08:ad:31:ba:63:98:6e:c7:
34:e0:cc:aa:0c:8c:0b:4c:03:f8:c8:5a:cc:98:f5:cf:b7:75:
bc:f5:63:67:dc:48:dc:99:f0:3c:c4:49:a9:da:4b:29:8b:3e:
30:00:c8:69:45:56:1e:f6:12:c4:85:4c:44:9b:43:d9:da:fd:
45:90:d4:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrN8ZmhFG+J3NHlD1u0OGoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MjAwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTVkZDNmMzdkOTU0NWNhMzU4ZGM2MDc2ZTMxMGExZGIxMjNjMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfWFM9UbgDqLPF0E/rYTMFl8s0Gs
rAy8khh2LYFvWNETe0WfmgKHR3kNGAa48GOUXZvWKQ7yggP2gCImxPfAvdHvzXed
jAsbCh/M4sNtUFpYdDYza+VkSVRIV7JIKbSFS7+dyvkX6elfSks26Zuz4wxWx2G1
1X4tIGKVj/mwjRI6j1EScFV3665R25Ewfug0DNh8yBL5dNkLJePV5x5RH6I2u66c
u7MbS2ZeloMd+EdZdoiKzDNNO9cyU7ipCVywzBXvxxG1BmnHoaOGCe0Qx/BI5KiN
JeZh7vMaCEsknWtXVX2XiPG6bwWPkAhtRaCOQ5aoDVTcqau/LdjlvQwHlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP5d0/N9lUXKNY3GB24xCh2xI8BmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvX2wzVDgzMlZSY28xamNZSGJqRUtIYkVqd0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL+CRjCinUUoyZ7bUEqS
8xc3mW3CNcFudsrzjPy1EFbEvsWwnAyC2C6Et9byyZ0VcD0ZGm5NQ4/Hba+m9ejr
tnMdES85rm+LER3eEellsYmHvYbvKbTRoJsPmTVKCqBvyRdOlzhemoV43RyJK1Lq
OSo+qRtls1R5REVzAyNQlcT15dx6i6mIGSvJ5+4TU16++ASFd0Yp2llRL8x6/c29
sPmSVWm0o38i0BTHAXA3gIKi3TWjJzrDgWDOQEskSuYIrTG6Y5huxzTgzKoMjAtM
A/jIWsyY9c+3dbz1Y2fcSNyZ8DzESanaSymLPjAAyGlFVh72EsSFTESbQ9na/UWQ
1KU=
-----END CERTIFICATE-----
Generated at Mon May 12 19:16:55 2025 by rpki-client