Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tOtM5U0j4CyUSVt0wcjCA6ILI54.roa
File: tOtM5U0j4CyUSVt0wcjCA6ILI54.roa (raw, json)
Hash identifier: aRhdlFulyf88bMDJL0DkmUHdhjRj8CCxeQY8Hum0xKM=
Subject key identifier: B4:EB:4C:E5:4D:23:E0:2C:94:49:5B:74:C1:C8:C2:03:A2:0B:23:9E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C1AC8933C07EE13BAED1E8CC009F5186E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tOtM5U0j4CyUSVt0wcjCA6ILI54.roa
Signing time: Wed 29 Nov 2023 11:13:21 +0000
ROA not before: Wed 29 Nov 2023 11:13:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:c8:93:3c:07:ee:13:ba:ed:1e:8c:c0:09:f5:18:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 29 11:13:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4eb4ce54d23e02c94495b74c1c8c203a20b239e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:db:5d:e2:7f:ac:bc:3c:15:43:68:a4:99:e2:
04:41:bd:a1:00:38:b9:c0:d7:fe:de:c6:b0:19:3b:
c7:fe:c8:54:8e:0e:c1:cd:3e:38:ca:49:29:f6:9b:
5a:d8:26:16:05:99:15:09:81:a5:2f:4b:4b:12:2f:
8d:64:86:96:a0:bb:58:be:36:8a:96:42:5d:f2:e0:
23:ec:a1:33:64:be:59:e8:66:82:bf:19:21:56:5d:
79:0c:72:8c:3d:e3:4c:79:a7:04:58:6f:46:38:a6:
e7:27:f0:ec:b8:d9:a2:d6:c9:d9:36:30:e6:d7:cf:
d4:e9:4d:ea:fd:41:b9:73:be:04:ae:b5:b3:dd:a6:
90:74:ec:bb:29:10:9f:c5:e8:fc:d4:61:52:a9:81:
24:9a:f3:c3:d6:92:e3:d2:49:39:35:23:2a:3d:c7:
6e:fd:55:2a:aa:2f:75:63:27:b7:ef:6a:3f:13:c5:
8f:7e:7e:d1:71:43:cd:fa:df:68:4c:c0:5c:ad:de:
c2:1b:d2:f0:a1:6a:f7:ef:ea:d0:cb:cf:c0:3e:23:
8c:47:ee:93:77:59:b4:5e:74:1c:af:cb:19:cf:e3:
a9:ac:53:1a:84:09:58:cf:c9:8c:83:18:e6:81:a7:
83:04:7f:95:e8:72:c1:19:c3:61:20:83:fc:81:90:
14:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:EB:4C:E5:4D:23:E0:2C:94:49:5B:74:C1:C8:C2:03:A2:0B:23:9E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tOtM5U0j4CyUSVt0wcjCA6ILI54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c0:b7:f2:40:50:e4:97:ba:a9:19:be:56:a9:07:79:f2:88:06:
7b:16:94:07:fd:02:3c:c7:86:60:4e:47:8e:63:95:53:e7:9e:
fb:d9:3d:cd:36:34:ae:6b:64:78:13:49:95:6e:43:e6:6d:1c:
8d:db:96:b1:d9:1e:bd:5e:dd:35:ae:23:f4:33:3d:09:ba:e9:
88:15:f9:5b:8c:94:63:de:eb:7c:61:38:bf:69:59:f9:2c:fc:
61:63:67:1d:8a:6d:c3:0f:a3:f3:bf:56:4d:6b:7c:8f:d7:6b:
17:93:fd:2b:bd:86:ed:41:07:ba:0a:c1:0e:53:fb:d2:7e:d4:
2c:1a:cb:8b:41:a6:68:c2:f3:95:26:52:d8:23:ca:be:c0:b4:
7d:b6:fb:5f:2f:98:be:d1:a3:79:05:8f:16:25:85:23:be:e7:
84:66:b1:f4:50:9d:63:99:ce:fd:93:24:b7:ca:8e:18:cc:27:
7b:01:0a:23:90:58:b1:5e:98:24:c3:da:e4:48:4f:5b:1d:9d:
9f:d7:19:4b:26:b4:79:80:2d:37:1b:d5:34:3b:5b:ba:9c:41:
a9:8e:96:39:eb:0a:b8:b0:8a:10:59:7e:df:29:09:77:44:16:
02:3a:6f:3f:0e:2d:40:56:3b:d9:8b:16:ac:df:a3:76:42:d0:
26:45:bf:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwayJM8B+4Tuu0ejMAJ9RhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI5MTExMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGViNGNlNTRkMjNlMDJjOTQ0OTViNzRjMWM4YzIwM2EyMGIyMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdtd4n+svDwVQ2ikmeIEQb2hADi5
wNf+3sawGTvH/shUjg7BzT44ykkp9pta2CYWBZkVCYGlL0tLEi+NZIaWoLtYvjaK
lkJd8uAj7KEzZL5Z6GaCvxkhVl15DHKMPeNMeacEWG9GOKbnJ/DsuNmi1snZNjDm
18/U6U3q/UG5c74ErrWz3aaQdOy7KRCfxej81GFSqYEkmvPD1pLj0kk5NSMqPcdu
/VUqqi91Yye372o/E8WPfn7RcUPN+t9oTMBcrd7CG9LwoWr37+rQy8/APiOMR+6T
d1m0XnQcr8sZz+OprFMahAlYz8mMgxjmgaeDBH+V6HLBGcNhIIP8gZAU7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLTrTOVNI+AslElbdMHIwgOiCyOeMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdE90TTVVMGo0Q3lVU1Z0MHdjakNBNklMSTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMC38kBQ5Je6qRm+VqkH
efKIBnsWlAf9AjzHhmBOR45jlVPnnvvZPc02NK5rZHgTSZVuQ+ZtHI3blrHZHr1e
3TWuI/QzPQm66YgV+VuMlGPe63xhOL9pWfks/GFjZx2KbcMPo/O/Vk1rfI/XaxeT
/Su9hu1BB7oKwQ5T+9J+1Cway4tBpmjC85UmUtgjyr7AtH22+18vmL7Ro3kFjxYl
hSO+54RmsfRQnWOZzv2TJLfKjhjMJ3sBCiOQWLFemCTD2uRIT1sdnZ/XGUsmtHmA
LTcb1TQ7W7qcQamOljnrCriwihBZft8pCXdEFgI6bz8OLUBWO9mLFqzfo3ZC0CZF
v+E=
-----END CERTIFICATE-----
Generated at Sun May 11 18:52:11 2025 by rpki-client