Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nvDOgQDbvqCgTcropfz2c0hXil0.roa
File: nvDOgQDbvqCgTcropfz2c0hXil0.roa (raw, json)
Hash identifier: fuTqnl6IGp3vF8T6/+TVRRENaRQbQPW0m4tYsO1dnP8=
Subject key identifier: 9E:F0:CE:81:00:DB:BE:A0:A0:4D:CA:E8:A5:FC:F6:73:48:57:8A:5D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BECA9B11A8BC7BD2A14A434553F06C78C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nvDOgQDbvqCgTcropfz2c0hXil0.roa
Signing time: Mon 20 Nov 2023 12:17:05 +0000
ROA not before: Mon 20 Nov 2023 12:17:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:a9:b1:1a:8b:c7:bd:2a:14:a4:34:55:3f:06:c7:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 20 12:17:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ef0ce8100dbbea0a04dcae8a5fcf67348578a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e2:51:29:fd:aa:a3:bf:72:e1:b8:e9:2e:36:
d3:7d:26:af:4b:df:3a:48:b9:e9:b7:63:44:a6:b9:
48:15:75:20:27:70:3b:4b:a5:b3:00:50:8f:f9:a6:
bb:05:24:6c:b0:06:29:3f:5d:d9:d8:82:34:59:f4:
56:52:d7:f4:d9:7e:8f:28:0d:93:0f:9c:6a:72:00:
96:04:a9:21:f7:e4:2f:fc:e7:e2:38:1d:de:db:cc:
10:a9:55:16:09:a0:7a:87:b2:36:3f:ac:dd:fb:4f:
97:6b:6b:9c:fc:33:34:91:79:f2:42:1f:07:db:77:
e9:09:7d:a3:98:a4:b7:f4:54:62:0e:5e:a6:9f:92:
35:e6:82:23:e6:ae:0c:eb:a5:33:12:26:84:4d:cc:
2c:ca:00:2b:55:c8:41:9b:f1:98:95:7b:e6:50:ee:
0c:79:5a:fa:e6:df:98:eb:ee:e2:d5:ce:cb:25:ff:
0f:af:10:8c:0a:af:8a:ea:ef:6b:97:0c:8c:01:44:
7b:45:b1:b9:65:6e:6e:bf:d4:54:30:71:6f:e5:9d:
4c:9a:0e:ef:1d:64:6f:fd:8d:e1:17:c2:d9:7b:af:
51:6a:3f:cc:0c:59:20:15:fa:31:09:f6:03:01:f5:
20:d5:59:ff:3e:4b:04:0f:7c:b7:93:84:4f:03:be:
73:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F0:CE:81:00:DB:BE:A0:A0:4D:CA:E8:A5:FC:F6:73:48:57:8A:5D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nvDOgQDbvqCgTcropfz2c0hXil0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bf:aa:cb:7b:99:85:b1:82:83:76:36:7a:08:c1:2f:b9:a8:c4:
2a:3d:b2:15:07:89:4a:60:7d:50:f6:72:77:14:70:15:44:f5:
9c:f9:a6:17:7e:72:19:6f:bd:4b:12:78:40:89:6e:83:0c:b4:
5f:59:4e:c4:12:55:6c:ce:bf:cc:2b:61:18:4c:f4:c4:82:4b:
a7:bf:9c:eb:62:19:67:b9:69:1f:d6:60:87:30:fa:d5:d2:c5:
08:8d:81:8e:ff:10:e3:f6:c2:4b:5b:8b:ca:70:91:16:92:cf:
c1:2b:6a:52:d3:50:f7:f4:14:c2:45:33:46:66:cd:f7:32:19:
a2:b2:5f:8d:bf:c1:78:a7:ff:83:93:3f:60:f2:5b:80:e4:85:
d0:87:2b:d2:20:1e:41:22:78:d3:83:cb:c3:03:8b:8a:65:e5:
5d:eb:db:ef:03:ee:bb:ca:fb:24:38:a4:d0:38:20:22:f6:07:
77:38:c8:82:24:32:0d:7e:bd:aa:ae:2d:ce:4c:8e:1a:eb:11:
a3:17:7c:95:b6:58:9a:05:f2:af:1b:d4:c8:2e:e6:e2:2b:68:
61:7f:73:55:a6:16:bb:4b:3a:e6:a2:6a:4c:8f:82:78:84:6b:
e8:b1:94:73:37:d8:ed:72:6b:e4:d7:62:7e:8b:44:bb:30:83:
cd:c0:fb:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvsqbEai8e9KhSkNFU/BseMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIwMTIxNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWYwY2U4MTAwZGJiZWEwYTA0ZGNhZThhNWZjZjY3MzQ4NTc4YTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuJRKf2qo79y4bjpLjbTfSavS986
SLnpt2NEprlIFXUgJ3A7S6WzAFCP+aa7BSRssAYpP13Z2II0WfRWUtf02X6PKA2T
D5xqcgCWBKkh9+Qv/OfiOB3e28wQqVUWCaB6h7I2P6zd+0+Xa2uc/DM0kXnyQh8H
23fpCX2jmKS39FRiDl6mn5I15oIj5q4M66UzEiaETcwsygArVchBm/GYlXvmUO4M
eVr65t+Y6+7i1c7LJf8PrxCMCq+K6u9rlwyMAUR7RbG5ZW5uv9RUMHFv5Z1Mmg7v
HWRv/Y3hF8LZe69Raj/MDFkgFfoxCfYDAfUg1Vn/PksED3y3k4RPA75zKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ7wzoEA276goE3K6KX89nNIV4pdMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbnZET2dRRGJ2cUNnVGNyb3BmejJjMGhYaWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL+qy3uZhbGCg3Y2egjB
L7moxCo9shUHiUpgfVD2cncUcBVE9Zz5phd+chlvvUsSeECJboMMtF9ZTsQSVWzO
v8wrYRhM9MSCS6e/nOtiGWe5aR/WYIcw+tXSxQiNgY7/EOP2wktbi8pwkRaSz8Er
alLTUPf0FMJFM0ZmzfcyGaKyX42/wXin/4OTP2DyW4DkhdCHK9IgHkEieNODy8MD
i4pl5V3r2+8D7rvK+yQ4pNA4ICL2B3c4yIIkMg1+vaquLc5MjhrrEaMXfJW2WJoF
8q8b1Mgu5uIraGF/c1WmFrtLOuaiakyPgniEa+ixlHM32O1ya+TXYn6LRLswg83A
+00=
-----END CERTIFICATE-----
Generated at Sat May 10 13:39:18 2025 by rpki-client