Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ctmW2E5vpYMnACd6UNEJqRGjzcE.roa
File: ctmW2E5vpYMnACd6UNEJqRGjzcE.roa (raw, json)
Hash identifier: X1no30u6IfpI+HoL/XbHz7DLiZ8g2iaMgvOGMVinuSE=
Subject key identifier: 72:D9:96:D8:4E:6F:A5:83:27:00:27:7A:50:D1:09:A9:11:A3:CD:C1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBDA60A982AD7169C96816175D55F38BA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ctmW2E5vpYMnACd6UNEJqRGjzcE.roa
Signing time: Sat 11 Nov 2023 09:10:57 +0000
ROA not before: Sat 11 Nov 2023 09:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bd:a6:0a:98:2a:d7:16:9c:96:81:61:75:d5:5f:38:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 11 09:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72d996d84e6fa5832700277a50d109a911a3cdc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:32:3b:66:bc:49:1e:8d:7b:8c:9c:bb:66:c0:
e5:25:9f:05:16:6e:8e:54:01:24:f9:3c:75:a9:8e:
1c:72:47:f7:1d:11:e7:4f:cd:60:0b:02:12:4a:e1:
71:77:0b:3d:f5:34:93:04:bf:95:ee:e4:5f:2e:33:
7e:26:49:54:7f:a1:7e:c6:48:b8:df:0a:42:55:29:
01:a5:09:0f:52:fe:61:5c:31:07:45:75:2b:00:c1:
fd:7b:39:5c:a2:57:7c:96:b9:19:1c:da:8d:bc:50:
37:6e:03:77:f3:4f:c0:2a:8d:22:69:65:e1:1e:07:
57:c6:1f:4e:7f:e8:41:df:2f:96:96:56:87:ff:b0:
e2:15:fe:b5:27:19:9f:1b:6c:68:82:29:b6:af:49:
3e:d1:4f:b7:06:0f:c0:12:8c:40:67:31:d4:10:9d:
a8:e6:b6:a1:3c:17:0f:d3:3f:a2:5c:65:17:31:9a:
61:e3:50:04:8f:49:bb:55:36:59:af:6e:69:0a:3d:
0f:75:24:46:04:7c:b8:49:be:80:c7:c8:42:e6:dc:
dd:08:35:ad:03:c5:56:d8:ed:38:f7:6e:14:45:e2:
de:7f:59:5f:3e:f3:3a:43:82:d0:c6:24:87:35:0a:
8c:6f:db:fe:82:e0:ac:b7:19:93:df:b1:e3:1f:b7:
42:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D9:96:D8:4E:6F:A5:83:27:00:27:7A:50:D1:09:A9:11:A3:CD:C1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ctmW2E5vpYMnACd6UNEJqRGjzcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:5d:65:f0:a6:7b:7d:18:56:7d:2a:9b:13:0e:dd:9a:d9:9a:
8b:03:6c:cd:81:d5:0a:a6:dd:5b:0b:7c:7b:ac:e2:f0:35:cf:
b4:16:9b:2e:e6:a7:a7:7d:fc:40:dc:7c:15:f8:64:e0:ff:f1:
01:9e:4e:bf:56:ba:a9:d4:6a:11:0e:96:e8:fe:37:a9:d3:cd:
d6:99:3a:7e:19:b7:b1:88:3c:06:55:98:8d:ee:f0:c3:08:61:
73:13:d6:70:31:07:e5:e1:ec:2c:7f:e6:6c:55:23:25:5a:8e:
68:e3:4f:91:7f:3f:b8:79:36:5f:b2:12:af:e7:4f:5f:ca:4f:
20:77:39:c2:2c:15:6e:47:30:2c:82:08:04:84:b1:8f:b0:01:
aa:49:cb:42:85:7a:b7:eb:ee:22:2d:3d:ff:07:59:b1:99:af:
f6:6d:b8:4e:5b:ab:8b:62:e7:b7:a5:48:ca:ac:6b:4c:3e:c9:
c9:e7:3f:69:f1:ea:9f:d5:97:38:5e:09:08:84:fe:ae:44:c0:
05:79:88:46:9d:85:4e:c2:6d:30:ce:77:e3:0d:4c:e0:23:1e:
58:9f:a8:3c:17:0a:6f:00:3c:ea:6d:89:57:9a:12:a1:f4:ec:
58:e8:25:7a:a2:99:c7:a4:3d:57:74:33:bd:48:c2:6b:1b:e8:
54:28:12:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu9pgqYKtcWnJaBYXXVXzi6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTExMDkxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ5OTZkODRlNmZhNTgzMjcwMDI3N2E1MGQxMDlhOTExYTNjZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDI7ZrxJHo17jJy7ZsDlJZ8FFm6O
VAEk+Tx1qY4cckf3HRHnT81gCwISSuFxdws99TSTBL+V7uRfLjN+JklUf6F+xki4
3wpCVSkBpQkPUv5hXDEHRXUrAMH9ezlcold8lrkZHNqNvFA3bgN380/AKo0iaWXh
HgdXxh9Of+hB3y+WllaH/7DiFf61JxmfG2xogim2r0k+0U+3Bg/AEoxAZzHUEJ2o
5rahPBcP0z+iXGUXMZph41AEj0m7VTZZr25pCj0PdSRGBHy4Sb6Ax8hC5tzdCDWt
A8VW2O04924UReLef1lfPvM6Q4LQxiSHNQqMb9v+guCstxmT37HjH7dCeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHLZlthOb6WDJwAnelDRCakRo83BMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvY3RtVzJFNXZwWU1uQUNkNlVORUpxUkdqemNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIpdZfCme30YVn0qmxMO
3ZrZmosDbM2B1Qqm3VsLfHus4vA1z7QWmy7mp6d9/EDcfBX4ZOD/8QGeTr9WuqnU
ahEOluj+N6nTzdaZOn4Zt7GIPAZVmI3u8MMIYXMT1nAxB+Xh7Cx/5mxVIyVajmjj
T5F/P7h5Nl+yEq/nT1/KTyB3OcIsFW5HMCyCCASEsY+wAapJy0KFerfr7iItPf8H
WbGZr/ZtuE5bq4ti57elSMqsa0w+ycnnP2nx6p/VlzheCQiE/q5EwAV5iEadhU7C
bTDOd+MNTOAjHlifqDwXCm8APOptiVeaEqH07FjoJXqimcekPVd0M71Iwmsb6FQo
Eio=
-----END CERTIFICATE-----
Generated at Sat May 10 12:28:36 2025 by rpki-client