Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nK5U-aDiP6DE5QM6cNr9nvjORbE.roa
File: nK5U-aDiP6DE5QM6cNr9nvjORbE.roa (raw, json)
Hash identifier: YBcQDBF4UImy7rE9rDo4K/dK8o1N0TTbuppMfDfViNk=
Subject key identifier: 9C:AE:54:F9:A0:E2:3F:A0:C4:E5:03:3A:70:DA:FD:9E:F8:CE:45:B1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C4A9A613D1AE2E85633E52B14302C7962
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nK5U-aDiP6DE5QM6cNr9nvjORbE.roa
Signing time: Fri 08 Dec 2023 18:04:40 +0000
ROA not before: Fri 08 Dec 2023 18:04:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:4a9a:1dd1/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4a:9a:61:3d:1a:e2:e8:56:33:e5:2b:14:30:2c:79:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 8 18:04:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cae54f9a0e23fa0c4e5033a70dafd9ef8ce45b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7d:b5:84:47:49:05:e3:8d:4b:b6:d2:11:f8:
0a:b9:57:16:4c:00:83:2c:4e:11:57:93:e4:49:5a:
5c:a8:c1:05:c2:e1:a7:da:91:bc:d6:2f:b0:4f:08:
e6:08:6a:12:05:93:5c:ba:ba:91:a0:50:8e:e1:cd:
8c:bd:46:e2:6e:2e:71:2a:30:5a:92:95:cf:2b:ac:
24:56:88:72:73:a6:75:74:7f:5e:26:7f:dd:b0:47:
f1:e1:49:a4:d1:5b:f1:06:af:07:a8:98:bf:79:47:
33:59:90:ce:16:64:29:39:4d:98:c3:5a:dd:0d:72:
f8:02:72:ca:ed:fd:9e:60:b5:fd:63:fc:e6:ca:73:
f7:6b:00:14:ae:a7:6b:7d:0b:60:38:61:99:24:ea:
38:6c:33:65:6a:8f:17:4a:70:12:21:da:ca:4d:47:
b5:86:b3:71:97:ac:49:df:e9:10:5f:ef:36:d6:b3:
e5:cc:52:18:c6:96:24:64:2c:6d:1b:8f:48:14:91:
5f:42:cc:9f:fc:cf:67:d7:38:9a:bc:42:7c:72:e2:
46:7f:ba:84:3a:b3:c1:f6:fe:fa:a1:81:84:78:b5:
54:3d:13:e6:92:bf:ee:ea:52:fc:e8:01:42:12:5f:
20:a6:11:87:22:f8:c4:41:66:5e:7d:eb:cb:c3:4c:
41:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:AE:54:F9:A0:E2:3F:A0:C4:E5:03:3A:70:DA:FD:9E:F8:CE:45:B1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nK5U-aDiP6DE5QM6cNr9nvjORbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d3:84:e2:e2:bf:ea:d5:67:69:43:d0:ee:29:8c:31:7d:95:e1:
64:fe:29:d2:38:70:b4:44:41:9b:c5:65:33:03:78:43:00:0b:
9c:f5:4b:42:c0:c0:67:c8:16:b6:fb:06:0e:17:3d:2a:dc:e4:
d5:16:71:67:13:70:da:d2:d1:fb:75:c0:e0:ce:26:06:0a:e5:
98:e4:54:ed:4c:77:98:14:48:51:ea:e8:ec:c6:1a:11:5f:9b:
26:1e:ab:cf:2e:d9:7c:ee:68:8a:b1:32:68:f6:a9:dc:6c:05:
d8:b1:31:ad:75:75:13:33:4f:4f:72:ca:f7:3c:7b:f5:bd:89:
3c:d1:52:1e:d2:93:eb:15:22:9f:4a:21:04:9f:43:84:55:52:
12:33:e2:fc:88:eb:6e:d3:b5:56:63:bc:98:91:d2:f1:2e:31:
40:6b:7b:f7:b4:2c:4c:a3:f3:79:5e:75:99:aa:4f:f6:96:9f:
85:ff:e9:8c:99:88:49:44:0f:8c:f0:20:7d:47:5b:a7:ab:2c:
80:52:d0:02:4c:a8:6e:19:f7:1a:93:0a:52:db:c1:8e:b3:90:
d6:d4:97:50:22:dd:d2:d1:2e:16:cd:42:07:49:b5:3b:cd:ad:
e9:95:e9:87:69:a7:0e:de:1c:77:6d:fa:08:40:de:01:8d:31:
e6:53:c4:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxKmmE9GuLoVjPlKxQwLHliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA4MTgwNDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2FlNTRmOWEwZTIzZmEwYzRlNTAzM2E3MGRhZmQ5ZWY4Y2U0NWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxH21hEdJBeONS7bSEfgKuVcWTACD
LE4RV5PkSVpcqMEFwuGn2pG81i+wTwjmCGoSBZNcurqRoFCO4c2MvUbibi5xKjBa
kpXPK6wkVohyc6Z1dH9eJn/dsEfx4Umk0VvxBq8HqJi/eUczWZDOFmQpOU2Yw1rd
DXL4AnLK7f2eYLX9Y/zmynP3awAUrqdrfQtgOGGZJOo4bDNlao8XSnASIdrKTUe1
hrNxl6xJ3+kQX+821rPlzFIYxpYkZCxtG49IFJFfQsyf/M9n1ziavEJ8cuJGf7qE
OrPB9v76oYGEeLVUPRPmkr/u6lL86AFCEl8gphGHIvjEQWZefevLw0xBCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJyuVPmg4j+gxOUDOnDa/Z74zkWxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbks1VS1hRGlQNkRFNVFNNmNOcjludmpPUmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANOE4uK/6tVnaUPQ7imM
MX2V4WT+KdI4cLREQZvFZTMDeEMAC5z1S0LAwGfIFrb7Bg4XPSrc5NUWcWcTcNrS
0ft1wODOJgYK5ZjkVO1Md5gUSFHq6OzGGhFfmyYeq88u2XzuaIqxMmj2qdxsBdix
Ma11dRMzT09yyvc8e/W9iTzRUh7Sk+sVIp9KIQSfQ4RVUhIz4vyI627TtVZjvJiR
0vEuMUBre/e0LEyj83ledZmqT/aWn4X/6YyZiElED4zwIH1HW6erLIBS0AJMqG4Z
9xqTClLbwY6zkNbUl1Ai3dLRLhbNQgdJtTvNremV6Ydppw7eHHdt+ghA3gGNMeZT
xFo=
-----END CERTIFICATE-----
Generated at Sat May 10 13:08:27 2025 by rpki-client