Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/c3xKnGuBtwNzvIrYj90tKtEkAbw.roa
File: c3xKnGuBtwNzvIrYj90tKtEkAbw.roa (raw, json)
Hash identifier: 06eJCRqBiFbnjYm0gTmX8ixxD4o3aTB36nGfaG4RnO0=
Subject key identifier: 73:7C:4A:9C:6B:81:B7:03:73:BC:8A:D8:8F:DD:2D:2A:D1:24:01:BC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5AF154429D497B6974F63A1AF09A69EA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/c3xKnGuBtwNzvIrYj90tKtEkAbw.roa
Signing time: Mon 23 Oct 2023 05:10:47 +0000
ROA not before: Mon 23 Oct 2023 05:10:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:5aeb:b4f0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5a:f1:54:42:9d:49:7b:69:74:f6:3a:1a:f0:9a:69:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 23 05:10:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=737c4a9c6b81b70373bc8ad88fdd2d2ad12401bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:09:5d:46:d1:03:06:d5:b5:d8:c7:48:70:97:
bc:cb:b3:18:b0:cd:29:1f:eb:75:d7:96:48:63:f1:
83:57:3b:42:64:40:2d:83:18:f8:4a:25:33:29:2f:
d9:55:55:f9:64:9d:8e:a5:1e:ff:1f:fa:1d:24:8b:
24:11:4c:4e:fa:03:7b:d8:90:04:30:6d:40:54:37:
52:92:18:20:cf:c9:a7:e0:f7:ee:01:ca:b7:18:cf:
cb:a0:ab:d9:74:32:ff:4a:86:22:83:78:6b:f6:47:
f9:7f:e3:14:9f:35:8b:0f:d1:2a:9d:e3:34:b4:12:
d7:78:cf:b0:6d:71:d0:54:c5:64:e3:5e:c0:46:ae:
f9:e0:fd:c6:8a:d3:63:5d:6b:9b:2b:84:ec:55:d6:
52:9b:51:e3:14:f3:89:ba:18:56:3f:2f:24:89:8d:
2c:5f:e5:78:05:00:28:11:43:ac:7f:70:5b:33:5a:
f7:ff:7e:b7:34:b0:b4:30:0d:b6:13:01:95:50:1f:
b5:89:fc:ae:21:46:5e:53:0e:18:a9:9a:ce:3f:b3:
8d:4b:bb:6b:24:6c:c2:f2:96:3d:20:24:24:bc:ae:
2d:32:dd:e0:33:30:99:8e:62:a1:79:98:ec:ef:58:
83:7c:95:66:f5:57:71:b8:8a:72:b6:9d:cd:c5:00:
c7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:7C:4A:9C:6B:81:B7:03:73:BC:8A:D8:8F:DD:2D:2A:D1:24:01:BC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/c3xKnGuBtwNzvIrYj90tKtEkAbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:4f:b3:21:d5:53:15:fd:0b:8b:1f:5b:71:cb:d3:78:fb:72:
2e:b1:ee:a2:9f:65:30:65:e0:7a:fe:09:5b:50:b5:84:37:db:
ba:41:42:36:d5:b1:a3:66:16:81:5d:da:c4:5f:79:89:22:62:
ea:06:0c:17:35:2a:56:3c:69:e8:13:82:7e:58:2f:d9:bf:f9:
e2:fb:8f:90:b0:fd:85:0b:37:33:a9:8a:7e:d8:5c:ed:05:21:
e6:87:b8:d4:bc:00:07:a1:54:78:35:a3:47:d6:84:63:91:00:
f8:ee:73:5e:34:6c:e7:3b:56:f6:b0:79:af:25:cb:4d:49:c2:
30:d5:7d:b7:aa:80:51:e3:8a:2e:73:10:43:6e:37:f6:b2:44:
4b:a7:a5:82:d5:b5:6f:28:85:f9:4b:41:53:3c:99:b2:a5:d0:
e7:e5:60:94:ab:c1:e6:96:ea:ab:bf:a5:14:3b:18:74:53:7c:
e8:90:cc:c1:2a:a8:2a:a5:1b:c5:9c:8e:bd:9f:28:00:bc:c7:
44:f2:22:50:e6:aa:45:ca:17:a7:02:4f:f2:79:5a:12:b1:71:
dc:89:e6:ff:c4:a1:d9:3c:54:5a:3a:03:65:76:c1:95:11:b4:
43:56:19:82:1f:65:a9:4e:4e:80:af:4d:61:bc:bf:f1:5a:6f:
c0:f8:f6:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYta8VRCnUl7aXT2OhrwmmnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIzMDUxMDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzdjNGE5YzZiODFiNzAzNzNiYzhhZDg4ZmRkMmQyYWQxMjQwMWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwldRtEDBtW12MdIcJe8y7MYsM0p
H+t115ZIY/GDVztCZEAtgxj4SiUzKS/ZVVX5ZJ2OpR7/H/odJIskEUxO+gN72JAE
MG1AVDdSkhggz8mn4PfuAcq3GM/LoKvZdDL/SoYig3hr9kf5f+MUnzWLD9EqneM0
tBLXeM+wbXHQVMVk417ARq754P3GitNjXWubK4TsVdZSm1HjFPOJuhhWPy8kiY0s
X+V4BQAoEUOsf3BbM1r3/363NLC0MA22EwGVUB+1ifyuIUZeUw4YqZrOP7ONS7tr
JGzC8pY9ICQkvK4tMt3gMzCZjmKheZjs71iDfJVm9VdxuIpytp3NxQDHtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHN8SpxrgbcDc7yK2I/dLSrRJAG8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYzN4S25HdUJ0d056dklyWWo5MHRLdEVrQWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFNPsyHVUxX9C4sfW3HL
03j7ci6x7qKfZTBl4Hr+CVtQtYQ327pBQjbVsaNmFoFd2sRfeYkiYuoGDBc1KlY8
aegTgn5YL9m/+eL7j5Cw/YULNzOpin7YXO0FIeaHuNS8AAehVHg1o0fWhGORAPju
c140bOc7Vvawea8ly01JwjDVfbeqgFHjii5zEENuN/ayREunpYLVtW8ohflLQVM8
mbKl0OflYJSrweaW6qu/pRQ7GHRTfOiQzMEqqCqlG8Wcjr2fKAC8x0TyIlDmqkXK
F6cCT/J5WhKxcdyJ5v/Eodk8VFo6A2V2wZURtENWGYIfZalOToCvTWG8v/Fab8D4
9jo=
-----END CERTIFICATE-----
Generated at Tue May 13 09:24:11 2025 by rpki-client