Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/t3-nKV5UJ54ImXaqtao2tfCYClo.roa
File: t3-nKV5UJ54ImXaqtao2tfCYClo.roa (raw, json)
Hash identifier: VmxVo64PE1fEgxHaUq2IRCEtDAw3EhDnrxZUjtBWBgw=
Subject key identifier: B7:7F:A7:29:5E:54:27:9E:08:99:76:AA:B5:AA:36:B5:F0:98:0A:5A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF2DA0FEDB5AECC70DDE9E78E068FFCA6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/t3-nKV5UJ54ImXaqtao2tfCYClo.roa
Signing time: Tue 03 Oct 2023 00:04:51 +0000
ROA not before: Tue 03 Oct 2023 00:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:f2d9:80e5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f2:da:0f:ed:b5:ae:cc:70:dd:e9:e7:8e:06:8f:fc:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 00:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b77fa7295e54279e089976aab5aa36b5f0980a5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:75:00:c1:71:31:87:2f:f8:cd:35:fc:7a:fb:
82:49:17:dd:6a:44:51:2a:ea:71:c7:ce:b4:1e:b7:
61:4a:15:c1:17:13:c0:60:72:63:74:78:fe:77:10:
55:a2:e9:a7:e6:5d:dc:9b:39:74:2a:10:25:69:c1:
c3:7d:02:1a:61:74:8a:01:da:12:c5:4b:f0:90:65:
5d:ff:e0:ed:17:54:e9:dc:9e:79:68:e5:a3:e8:70:
9d:bf:d6:79:92:c9:f4:c8:cd:4f:05:d4:7e:4f:aa:
c0:c8:17:2c:2f:85:ab:85:20:89:fd:70:07:bf:5c:
35:2a:d0:41:74:1c:66:99:6d:7e:07:4a:ad:76:65:
88:10:84:1e:fe:ce:f1:46:19:5b:78:a6:9d:5b:79:
39:95:b3:bf:a4:3a:91:bd:43:6e:60:4b:0b:94:ff:
19:fd:81:7d:03:4b:51:5d:57:b9:ee:46:20:c7:dc:
a9:45:16:bd:95:c3:c6:cd:a1:88:9e:24:05:e3:38:
01:fa:3e:20:50:f9:d4:93:fd:e8:41:93:22:4c:6b:
6c:09:aa:bc:29:0c:e9:0d:0b:12:ca:b6:b4:3b:dc:
bd:90:fd:f3:08:a5:6e:79:db:9f:5d:bb:d0:e0:2d:
f8:cc:cd:e9:91:de:b2:4e:6b:af:3a:38:39:56:28:
76:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7F:A7:29:5E:54:27:9E:08:99:76:AA:B5:AA:36:B5:F0:98:0A:5A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/t3-nKV5UJ54ImXaqtao2tfCYClo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ba:9c:f3:1f:a8:11:2d:e6:ae:37:46:e9:63:19:ce:fc:c2:2d:
40:50:9f:a7:8a:35:83:12:6b:cc:30:0c:fd:30:16:5b:71:7f:
d5:0e:fd:38:70:82:5e:52:ac:7d:41:a2:5b:12:f2:9e:4a:a3:
10:1f:7b:9b:74:08:d7:65:6f:cd:05:03:aa:08:ab:de:81:73:
7f:92:aa:eb:81:e3:5e:96:fb:36:44:ed:3f:67:9d:d1:ef:bf:
be:d7:a9:86:14:7c:1d:53:cc:ea:bb:eb:3c:4a:40:54:9b:51:
19:58:1b:a6:74:05:7d:48:4b:9e:97:f0:13:c5:1b:26:55:c0:
11:f3:77:11:ad:87:e4:45:eb:71:ff:59:ae:98:a9:46:de:2a:
e7:b4:ad:6d:52:52:80:50:b8:4e:97:be:31:e9:85:f4:25:a2:
30:84:5c:74:07:1c:25:1e:9c:18:83:b1:16:df:68:db:4d:81:
dd:ae:38:b3:e2:9d:0d:14:6e:61:2b:b3:59:db:bb:86:04:9b:
7b:81:14:e5:20:47:d6:13:b3:b4:c4:45:10:3a:93:58:70:48:
c3:35:7e:80:a9:cb:2b:88:7d:df:db:bd:ed:82:65:3a:eb:6e:
1c:67:3c:24:59:06:2e:fe:ca:ca:db:b8:b7:41:ed:2b:8e:bf:
35:d5:ce:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYry2g/tta7McN3p544Gj/ymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMDAwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzdmYTcyOTVlNTQyNzllMDg5OTc2YWFiNWFhMzZiNWYwOTgwYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHUAwXExhy/4zTX8evuCSRfdakRR
Kupxx860HrdhShXBFxPAYHJjdHj+dxBVoumn5l3cmzl0KhAlacHDfQIaYXSKAdoS
xUvwkGVd/+DtF1Tp3J55aOWj6HCdv9Z5ksn0yM1PBdR+T6rAyBcsL4WrhSCJ/XAH
v1w1KtBBdBxmmW1+B0qtdmWIEIQe/s7xRhlbeKadW3k5lbO/pDqRvUNuYEsLlP8Z
/YF9A0tRXVe57kYgx9ypRRa9lcPGzaGIniQF4zgB+j4gUPnUk/3oQZMiTGtsCaq8
KQzpDQsSyra0O9y9kP3zCKVuedufXbvQ4C34zM3pkd6yTmuvOjg5Vih29QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLd/pyleVCeeCJl2qrWqNrXwmApaMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdDMtbktWNVVKNTRJbVhhcXRhbzJ0ZkNZQ2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALqc8x+oES3mrjdG6WMZ
zvzCLUBQn6eKNYMSa8wwDP0wFltxf9UO/Thwgl5SrH1BolsS8p5KoxAfe5t0CNdl
b80FA6oIq96Bc3+SquuB416W+zZE7T9nndHvv77XqYYUfB1TzOq76zxKQFSbURlY
G6Z0BX1IS56X8BPFGyZVwBHzdxGth+RF63H/Wa6YqUbeKue0rW1SUoBQuE6XvjHp
hfQlojCEXHQHHCUenBiDsRbfaNtNgd2uOLPinQ0UbmErs1nbu4YEm3uBFOUgR9YT
s7TERRA6k1hwSMM1foCpyyuIfd/bve2CZTrrbhxnPCRZBi7+ysrbuLdB7SuOvzXV
zqA=
-----END CERTIFICATE-----
Generated at Sat May 10 11:45:40 2025 by rpki-client