Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aCKwe7EnzXKpvJo3phluLpeJ_4Q.roa
File: aCKwe7EnzXKpvJo3phluLpeJ_4Q.roa (raw, json)
Hash identifier: sthWCGaLjN0SqZiy07BPzCBijoaq2mdrRpRruuFBOh0=
Subject key identifier: 68:22:B0:7B:B1:27:CD:72:A9:BC:9A:37:A6:19:6E:2E:97:89:FF:84
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C22F3A3415C095CA06EAEE0A44C6F5A1A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aCKwe7EnzXKpvJo3phluLpeJ_4Q.roa
Signing time: Fri 01 Dec 2023 01:17:21 +0000
ROA not before: Fri 01 Dec 2023 01:17:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:22:f3:a3:41:5c:09:5c:a0:6e:ae:e0:a4:4c:6f:5a:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 1 01:17:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6822b07bb127cd72a9bc9a37a6196e2e9789ff84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:04:bb:db:b7:35:11:5e:8f:82:4f:1c:63:d4:
08:06:51:22:da:11:1a:bf:e6:96:1c:9c:6f:a2:5b:
31:07:fb:53:08:3a:72:1e:6a:db:7d:35:c3:21:9d:
dd:5b:2f:ff:4c:66:5c:39:2e:1e:79:dd:70:0b:19:
17:e8:31:dd:fb:dc:97:ad:9b:9c:99:90:1d:78:0f:
cf:bb:52:af:09:ce:ec:76:b0:3d:1d:dc:d0:f1:f5:
ab:72:b7:ec:71:fe:a2:9e:69:b2:05:a1:36:78:58:
e6:ad:fd:89:a3:37:3c:79:98:e6:ff:4e:74:a2:58:
09:3f:4d:9f:23:06:a6:e6:73:6e:6e:80:96:9e:04:
f3:6d:2d:74:43:a1:37:16:27:2a:35:80:17:67:12:
f0:57:67:fc:20:94:b8:da:6d:28:4b:ac:3a:8a:e4:
c5:6f:d4:2e:ae:59:ff:ca:0e:10:c3:02:b5:3b:19:
5c:7b:3f:1b:60:3f:e3:0c:56:08:fe:62:17:dd:f0:
83:25:4d:66:8f:f8:57:09:e3:44:94:06:34:62:ca:
d3:09:f0:26:8a:06:5c:f1:e4:d2:61:b0:1f:85:74:
e9:39:b8:c1:b4:2d:5e:cc:68:e8:b0:9f:0b:c0:71:
a5:25:03:b5:67:f6:82:2b:14:03:23:65:f9:fb:e3:
5f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:22:B0:7B:B1:27:CD:72:A9:BC:9A:37:A6:19:6E:2E:97:89:FF:84
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aCKwe7EnzXKpvJo3phluLpeJ_4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:b1:80:ab:33:5d:b3:8e:4e:e9:26:cd:f9:29:83:76:3a:75:
c7:9d:f1:05:9a:06:b5:e6:77:c7:ff:34:00:d6:22:aa:6a:62:
62:3e:f5:5f:0c:68:d6:c2:ee:7d:7b:d1:11:7b:38:d3:05:11:
f0:7e:76:81:ae:39:f2:96:f2:c3:c2:a6:cd:9f:dd:0b:26:82:
65:22:18:d2:2e:b7:f9:ff:7c:6c:bb:97:2d:61:a5:0c:e6:e7:
f5:77:75:b7:c4:9c:f4:5c:94:b9:61:cb:ca:c1:26:bf:7e:dd:
89:7e:88:69:4a:7a:f6:cc:16:a6:ab:24:da:e8:31:4f:03:ef:
d9:dd:14:65:5e:17:bd:73:51:5b:84:3f:c2:bd:b2:59:36:4f:
2c:7b:61:72:5c:58:a0:6d:81:e7:9f:fb:81:23:2b:04:84:3b:
33:3b:94:99:6a:38:15:2d:60:a7:49:99:e3:9b:ac:87:09:59:
22:c3:64:69:bc:12:e0:02:01:5d:cb:3d:ac:a5:21:00:e4:7e:
5d:9f:12:24:50:19:b4:1c:66:e9:91:ad:78:ac:d5:11:bf:85:
df:55:48:c9:47:e2:8d:69:0a:49:07:ca:e5:19:10:00:af:85:
bf:d2:e0:31:ef:ea:10:30:f2:53:eb:2e:9e:5d:45:63:e1:02:
8f:d1:c4:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwi86NBXAlcoG6u4KRMb1oaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAxMDExNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODIyYjA3YmIxMjdjZDcyYTliYzlhMzdhNjE5NmUyZTk3ODlmZjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAS727c1EV6Pgk8cY9QIBlEi2hEa
v+aWHJxvolsxB/tTCDpyHmrbfTXDIZ3dWy//TGZcOS4eed1wCxkX6DHd+9yXrZuc
mZAdeA/Pu1KvCc7sdrA9HdzQ8fWrcrfscf6inmmyBaE2eFjmrf2Jozc8eZjm/050
olgJP02fIwam5nNuboCWngTzbS10Q6E3FicqNYAXZxLwV2f8IJS42m0oS6w6iuTF
b9Qurln/yg4QwwK1Oxlcez8bYD/jDFYI/mIX3fCDJU1mj/hXCeNElAY0YsrTCfAm
igZc8eTSYbAfhXTpObjBtC1ezGjosJ8LwHGlJQO1Z/aCKxQDI2X5++Nf1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGgisHuxJ81yqbyaN6YZbi6Xif+EMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYUNLd2U3RW56WEtwdkpvM3BobHVMcGVKXzRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIaxgKszXbOOTukmzfkp
g3Y6dced8QWaBrXmd8f/NADWIqpqYmI+9V8MaNbC7n170RF7ONMFEfB+doGuOfKW
8sPCps2f3QsmgmUiGNIut/n/fGy7ly1hpQzm5/V3dbfEnPRclLlhy8rBJr9+3Yl+
iGlKevbMFqarJNroMU8D79ndFGVeF71zUVuEP8K9slk2Tyx7YXJcWKBtgeef+4Ej
KwSEOzM7lJlqOBUtYKdJmeObrIcJWSLDZGm8EuACAV3LPaylIQDkfl2fEiRQGbQc
ZumRrXis1RG/hd9VSMlH4o1pCkkHyuUZEACvhb/S4DHv6hAw8lPrLp5dRWPhAo/R
xJ4=
-----END CERTIFICATE-----
Generated at Sun May 11 19:12:35 2025 by rpki-client