Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/s7UkK6MP0KKs7ITcyDhIo63W1c0.roa
File: s7UkK6MP0KKs7ITcyDhIo63W1c0.roa (raw, json)
Hash identifier: lLPN8n3r0QbLdiYt3/Mx2Ez/eH20gnLCcMRFOZqe87w=
Subject key identifier: B3:B5:24:2B:A3:0F:D0:A2:AC:EC:84:DC:C8:38:48:A3:AD:D6:D5:CD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C763138E5BE009421218E90D006FA4816
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/s7UkK6MP0KKs7ITcyDhIo63W1c0.roa
Signing time: Sun 17 Dec 2023 05:13:06 +0000
ROA not before: Sun 17 Dec 2023 05:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:76:31:38:e5:be:00:94:21:21:8e:90:d0:06:fa:48:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 17 05:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3b5242ba30fd0a2acec84dcc83848a3add6d5cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:87:64:8e:50:a6:6c:ed:c3:a0:9e:c1:af:ec:
8b:47:ff:e2:d4:b5:69:2b:5b:9f:5c:25:eb:40:fa:
0a:2f:af:34:44:64:28:9a:1a:e4:4b:3a:c2:3c:1c:
88:de:fa:72:7f:c5:dd:b1:00:d7:34:67:22:7e:ca:
19:6f:15:54:0e:62:5b:ee:f6:5c:19:48:2f:c2:50:
17:b7:2b:13:c6:4d:4e:2a:81:f5:67:c2:40:5f:cb:
2a:26:2d:b8:15:a6:29:aa:b9:b4:f4:14:e5:46:1a:
b8:cf:ba:1a:27:19:70:56:27:ef:f6:10:41:c1:8e:
4e:c9:30:c1:fa:55:40:53:22:23:45:1f:19:92:ad:
d7:9f:7a:7a:ad:35:57:3e:67:15:17:23:c3:c3:b0:
47:6e:1f:df:26:cc:d9:1a:38:f0:0a:d9:33:a4:aa:
d5:e5:48:ff:7b:54:5b:52:d3:19:86:25:cb:7a:64:
2a:ce:83:ef:a3:81:1c:88:53:b5:c0:28:49:e9:fa:
5b:ef:1b:9b:de:a2:1e:1f:96:5d:0b:a8:82:d7:39:
9c:0d:68:e6:cc:42:46:27:c2:95:74:65:d5:a8:bc:
f9:e6:ba:c9:e7:67:e2:e1:71:f3:ec:f5:ed:c7:27:
21:9e:8c:56:60:92:08:b2:8c:99:03:21:6d:ce:4a:
35:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B5:24:2B:A3:0F:D0:A2:AC:EC:84:DC:C8:38:48:A3:AD:D6:D5:CD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/s7UkK6MP0KKs7ITcyDhIo63W1c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:8e:a6:c2:35:b6:58:1c:1c:b0:40:03:ea:8d:b7:28:63:f2:
91:72:8a:b7:5a:37:73:fd:5d:54:9e:0a:66:a5:3c:c9:56:25:
77:40:81:e6:4d:75:48:56:de:7b:29:6c:32:d5:4d:57:0e:66:
6e:d2:3a:89:34:04:d9:41:66:e8:37:b2:cf:58:d2:88:6d:27:
95:c9:a1:d2:b4:e0:dd:32:b9:91:8d:8c:14:e8:a4:28:b6:8d:
07:57:f3:29:c5:31:3e:de:99:cf:67:59:d5:4d:d5:c7:46:56:
a5:ac:7d:49:6d:b9:45:19:97:bc:83:67:a9:b2:c9:b5:c7:5f:
e4:b0:a2:ee:34:d7:2d:e4:b6:51:61:94:0c:c2:98:b0:08:83:
ee:3a:17:24:38:6c:56:0c:ed:e5:94:9b:0b:e4:72:9f:0c:33:
26:51:90:f4:e5:83:3d:6b:89:7e:29:18:f4:ea:b9:92:4a:92:
66:fa:d3:4f:61:88:83:82:12:2a:bd:d1:43:31:ea:07:67:89:
1f:1a:dc:04:f6:03:fb:f6:b6:96:24:d1:5e:80:d4:dd:63:76:
a6:6c:6e:6f:fa:73:24:2f:3a:c5:bf:9a:b5:11:35:d6:11:8d:
90:46:6a:5c:63:d8:42:1f:7b:47:9e:f5:5c:50:6f:00:9f:e9:
91:1a:c1:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx2MTjlvgCUISGOkNAG+kgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE3MDUxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2I1MjQyYmEzMGZkMGEyYWNlYzg0ZGNjODM4NDhhM2FkZDZkNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIdkjlCmbO3DoJ7Br+yLR//i1LVp
K1ufXCXrQPoKL680RGQomhrkSzrCPByI3vpyf8XdsQDXNGcifsoZbxVUDmJb7vZc
GUgvwlAXtysTxk1OKoH1Z8JAX8sqJi24FaYpqrm09BTlRhq4z7oaJxlwVifv9hBB
wY5OyTDB+lVAUyIjRR8Zkq3Xn3p6rTVXPmcVFyPDw7BHbh/fJszZGjjwCtkzpKrV
5Uj/e1RbUtMZhiXLemQqzoPvo4EciFO1wChJ6fpb7xub3qIeH5ZdC6iC1zmcDWjm
zEJGJ8KVdGXVqLz55rrJ52fi4XHz7PXtxychnoxWYJIIsoyZAyFtzko1kQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLO1JCujD9CirOyE3Mg4SKOt1tXNMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvczdVa0s2TVAwS0tzN0lUY3lEaElvNjNXMWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAASOpsI1tlgcHLBAA+qN
tyhj8pFyirdaN3P9XVSeCmalPMlWJXdAgeZNdUhW3nspbDLVTVcOZm7SOok0BNlB
Zug3ss9Y0ohtJ5XJodK04N0yuZGNjBTopCi2jQdX8ynFMT7emc9nWdVN1cdGVqWs
fUltuUUZl7yDZ6myybXHX+Swou401y3ktlFhlAzCmLAIg+46FyQ4bFYM7eWUmwvk
cp8MMyZRkPTlgz1riX4pGPTquZJKkmb6009hiIOCEiq90UMx6gdniR8a3AT2A/v2
tpYk0V6A1N1jdqZsbm/6cyQvOsW/mrURNdYRjZBGalxj2EIfe0ee9VxQbwCf6ZEa
wbU=
-----END CERTIFICATE-----
Generated at Sun May 11 15:44:31 2025 by rpki-client