Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rMB8vhSCs61nixoPsDrF4cMZgGo.roa
File: rMB8vhSCs61nixoPsDrF4cMZgGo.roa (raw, json)
Hash identifier: ubadZkRhh8Kw3+7J2vKmCTPV3yXgCdzWnRfs6czT+34=
Subject key identifier: AC:C0:7C:BE:14:82:B3:AD:67:8B:1A:0F:B0:3A:C5:E1:C3:19:80:6A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AAF4ACF707D8A6F32AB8D07C3EFBF9A50
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rMB8vhSCs61nixoPsDrF4cMZgGo.roa
Signing time: Tue 19 Sep 2023 21:13:50 +0000
ROA not before: Tue 19 Sep 2023 21:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:af:4a:cf:70:7d:8a:6f:32:ab:8d:07:c3:ef:bf:9a:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 19 21:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acc07cbe1482b3ad678b1a0fb03ac5e1c319806a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ba:a4:52:c6:87:0e:40:f9:56:cc:c2:c2:12:
9a:cb:71:ef:62:b9:b7:05:6c:3e:ff:0e:a3:7b:37:
ff:0a:f7:4e:74:bf:79:81:55:cf:64:37:71:6b:8f:
3e:26:b1:40:5d:bc:0d:64:e1:a3:0f:12:2b:5f:4c:
c7:05:4f:34:fd:74:b0:7e:dd:57:7d:b9:98:cc:19:
85:52:77:fa:73:28:2d:06:ad:c9:87:54:cb:4a:bb:
15:b7:bc:f8:47:48:06:14:cc:80:5d:46:81:ff:cf:
9d:15:c5:9c:21:e4:25:bf:fb:fc:a0:cf:2d:a2:a3:
7f:db:49:de:f5:8d:cf:55:03:4f:6e:4c:50:ce:7d:
55:c6:53:56:e6:b3:9e:16:1b:d1:29:8f:17:35:b5:
18:34:87:54:ad:29:80:2a:e2:4b:0f:d8:e3:20:0f:
1f:bb:20:46:b5:85:c2:28:82:af:81:7d:9a:01:b1:
f5:3b:7d:fb:ea:74:2d:f4:ea:88:e2:42:c9:a1:7d:
ab:7a:d8:ba:a8:8e:ab:fa:9d:0b:43:d7:00:39:80:
f8:ca:f0:46:b5:34:1d:80:b5:f7:97:83:aa:bb:f5:
6d:0b:00:9f:70:87:6a:c4:c1:46:fa:67:bd:eb:6c:
23:6f:98:9d:39:0f:82:21:bf:b6:89:e8:2e:3d:6b:
54:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C0:7C:BE:14:82:B3:AD:67:8B:1A:0F:B0:3A:C5:E1:C3:19:80:6A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rMB8vhSCs61nixoPsDrF4cMZgGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:0d:91:4f:63:b4:33:8e:e4:5b:ea:e8:60:55:05:38:a5:04:
85:ba:fc:e4:84:eb:61:32:7c:cb:70:00:ec:63:5e:8f:f2:e8:
cf:af:4a:55:61:e8:83:13:d7:c9:e4:f0:15:2a:3d:ba:2c:dd:
c2:f1:59:29:95:c1:ce:af:41:f7:d3:ac:38:b9:1b:5f:f9:1a:
fb:95:a3:ab:dc:18:66:4f:c7:2d:c6:2e:91:95:b2:2b:2c:43:
00:c5:10:c1:13:32:21:a0:4a:6c:d8:f2:9d:c5:4a:9c:29:af:
42:4a:0c:89:a8:dd:ea:75:53:1d:65:ec:05:ff:bd:2e:7c:fd:
cb:1a:5f:d2:a5:4b:79:04:55:28:2b:69:de:03:11:27:70:ac:
d4:46:93:66:54:93:65:61:d3:e7:44:d8:59:61:4c:bb:59:f4:
2d:75:ff:dd:20:a7:54:2f:f3:9f:9f:82:b7:4c:61:87:c8:28:
7f:1c:b8:48:70:de:91:55:9c:42:79:f4:47:5f:c1:13:cb:0a:
84:0e:c9:cf:ab:0c:70:32:17:92:54:d6:ae:e8:cf:fa:a4:1d:
85:bd:5c:36:5d:e6:69:31:f0:f6:6b:75:35:b2:6e:81:02:cf:
d3:60:26:eb:ac:1f:32:ef:af:9a:b9:49:76:fa:80:d0:70:1a:
c6:21:30:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqvSs9wfYpvMquNB8Pvv5pQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTE5MjExMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2MwN2NiZTE0ODJiM2FkNjc4YjFhMGZiMDNhYzVlMWMzMTk4MDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibqkUsaHDkD5VszCwhKay3HvYrm3
BWw+/w6jezf/CvdOdL95gVXPZDdxa48+JrFAXbwNZOGjDxIrX0zHBU80/XSwft1X
fbmYzBmFUnf6cygtBq3Jh1TLSrsVt7z4R0gGFMyAXUaB/8+dFcWcIeQlv/v8oM8t
oqN/20ne9Y3PVQNPbkxQzn1VxlNW5rOeFhvRKY8XNbUYNIdUrSmAKuJLD9jjIA8f
uyBGtYXCKIKvgX2aAbH1O3376nQt9OqI4kLJoX2reti6qI6r+p0LQ9cAOYD4yvBG
tTQdgLX3l4Oqu/VtCwCfcIdqxMFG+me962wjb5idOQ+CIb+2ieguPWtUyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKzAfL4UgrOtZ4saD7A6xeHDGYBqMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvck1COHZoU0NzNjFuaXhvUHNEckY0Y01aZ0dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAQNkU9jtDOO5Fvq6GBV
BTilBIW6/OSE62EyfMtwAOxjXo/y6M+vSlVh6IMT18nk8BUqPbos3cLxWSmVwc6v
QffTrDi5G1/5GvuVo6vcGGZPxy3GLpGVsissQwDFEMETMiGgSmzY8p3FSpwpr0JK
DImo3ep1Ux1l7AX/vS58/csaX9KlS3kEVSgrad4DESdwrNRGk2ZUk2Vh0+dE2Flh
TLtZ9C11/90gp1Qv85+fgrdMYYfIKH8cuEhw3pFVnEJ59EdfwRPLCoQOyc+rDHAy
F5JU1q7oz/qkHYW9XDZd5mkx8PZrdTWyboECz9NgJuusHzLvr5q5SXb6gNBwGsYh
MHA=
-----END CERTIFICATE-----
Generated at Sun May 11 13:28:51 2025 by rpki-client