Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nTm74ehaVW9MzuEIHiL0aGNd8RY.roa
File: nTm74ehaVW9MzuEIHiL0aGNd8RY.roa (raw, json)
Hash identifier: lLXo5JDJM0b51WixtuQPcq+lxNVmzw6/Bgv/pXAHQ3w=
Subject key identifier: 9D:39:BB:E1:E8:5A:55:6F:4C:CE:E1:08:1E:22:F4:68:63:5D:F1:16
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C544E36281556E045D1BB5A104AAED25C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nTm74ehaVW9MzuEIHiL0aGNd8RY.roa
Signing time: Sun 10 Dec 2023 15:17:40 +0000
ROA not before: Sun 10 Dec 2023 15:17:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:54:4e:36:28:15:56:e0:45:d1:bb:5a:10:4a:ae:d2:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 10 15:17:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d39bbe1e85a556f4ccee1081e22f468635df116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:56:50:f6:c1:b1:10:d5:98:ae:a6:f0:4d:2f:
86:d3:84:8e:2b:58:7e:7a:5a:bd:f3:80:44:b4:52:
22:2e:e2:24:92:c2:46:28:7a:b1:83:30:48:7f:75:
30:48:b3:4b:86:01:fd:ae:f5:24:43:f2:a6:be:4a:
7b:8d:16:ed:92:5e:6c:29:2a:8d:ee:25:62:9b:b9:
3c:fe:eb:aa:26:82:7e:e3:9b:d6:96:9c:78:8e:c5:
21:8f:fb:0d:44:7b:ff:9c:28:80:87:fb:a5:e9:73:
b0:7b:1b:00:68:cb:c7:74:b2:3d:61:ce:da:c2:32:
63:59:03:6b:a0:61:19:25:92:30:4b:33:16:5f:7b:
ae:2e:d4:d0:23:22:79:21:62:a3:02:dd:fd:6c:03:
34:f8:e9:70:63:7d:4e:cd:9b:d8:c0:be:24:de:e5:
5a:96:db:4a:1b:47:a1:44:f6:92:75:f2:8d:86:9d:
14:b9:e1:95:f0:a4:e1:39:79:6a:ac:55:c9:86:be:
43:ca:73:81:1c:3e:f9:59:a5:1f:84:b7:ab:3e:2d:
fe:17:b5:12:31:00:04:1b:e9:21:d6:db:40:0b:49:
1f:ed:62:da:aa:e9:47:0b:1f:02:71:2b:32:52:c7:
2f:cd:cb:ca:d5:38:1d:14:b2:fb:8e:67:37:d6:6f:
23:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:39:BB:E1:E8:5A:55:6F:4C:CE:E1:08:1E:22:F4:68:63:5D:F1:16
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nTm74ehaVW9MzuEIHiL0aGNd8RY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:33:ad:a4:95:83:b8:4e:69:5c:b4:82:77:ea:a1:5e:46:8a:
e2:ea:03:7f:ee:bf:92:48:b6:59:34:5b:0f:70:5c:c8:82:41:
ab:a9:19:d2:55:3a:40:45:70:74:b3:aa:ad:9c:ba:5b:a7:6c:
88:2e:54:6e:c5:e2:08:34:1c:c4:32:9d:a3:85:45:1c:2d:dd:
1e:bb:32:78:13:29:cd:9c:51:bf:87:95:ec:9d:a8:52:a5:93:
f1:d2:3f:57:92:08:b3:eb:df:b3:8f:30:81:53:12:33:8c:45:
0b:b4:dc:79:4d:61:b2:ce:a2:42:83:60:6d:95:ad:27:d4:b2:
e1:d5:6d:fc:a7:68:e5:8a:a6:7b:d9:d1:28:b6:d8:6d:54:2e:
f7:2a:f8:58:d2:16:43:53:1c:a0:dd:7a:2c:ec:e1:15:55:69:
da:ea:2c:a8:73:4e:93:51:5f:b0:c0:40:40:b5:c2:03:ce:a6:
fb:a2:4c:3f:cc:97:05:c7:1f:0e:8a:09:85:f7:86:e5:75:4b:
34:d4:f6:b2:ff:d7:a3:48:9f:78:b9:ef:c7:a6:ba:34:cc:01:
b7:23:ff:f4:3e:20:a7:da:70:0e:e9:a1:0d:91:25:a9:51:63:
7d:48:28:11:e8:90:fb:2d:94:84:5a:d5:66:82:73:e4:f3:89:
f1:a2:4e:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxUTjYoFVbgRdG7WhBKrtJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEwMTUxNzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDM5YmJlMWU4NWE1NTZmNGNjZWUxMDgxZTIyZjQ2ODYzNWRmMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVZQ9sGxENWYrqbwTS+G04SOK1h+
elq984BEtFIiLuIkksJGKHqxgzBIf3UwSLNLhgH9rvUkQ/Kmvkp7jRbtkl5sKSqN
7iVim7k8/uuqJoJ+45vWlpx4jsUhj/sNRHv/nCiAh/ul6XOwexsAaMvHdLI9Yc7a
wjJjWQNroGEZJZIwSzMWX3uuLtTQIyJ5IWKjAt39bAM0+OlwY31OzZvYwL4k3uVa
lttKG0ehRPaSdfKNhp0UueGV8KThOXlqrFXJhr5DynOBHD75WaUfhLerPi3+F7US
MQAEG+kh1ttAC0kf7WLaqulHCx8CcSsyUscvzcvK1TgdFLL7jmc31m8jJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ05u+HoWlVvTM7hCB4i9GhjXfEWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvblRtNzRlaGFWVzlNenVFSUhpTDBhR05kOFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABQzraSVg7hOaVy0gnfq
oV5GiuLqA3/uv5JItlk0Ww9wXMiCQaupGdJVOkBFcHSzqq2culunbIguVG7F4gg0
HMQynaOFRRwt3R67MngTKc2cUb+HleydqFKlk/HSP1eSCLPr37OPMIFTEjOMRQu0
3HlNYbLOokKDYG2VrSfUsuHVbfynaOWKpnvZ0Si22G1ULvcq+FjSFkNTHKDdeizs
4RVVadrqLKhzTpNRX7DAQEC1wgPOpvuiTD/MlwXHHw6KCYX3huV1SzTU9rL/16NI
n3i578emujTMAbcj//Q+IKfacA7poQ2RJalRY31IKBHokPstlIRa1WaCc+TzifGi
ToQ=
-----END CERTIFICATE-----
Generated at Sun May 11 19:12:33 2025 by rpki-client