Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uIMbwpwZTx9Ggp4RckZu1znkNqw.roa
File: uIMbwpwZTx9Ggp4RckZu1znkNqw.roa (raw, json)
Hash identifier: YGGlPgUn8kzA6eFWxL9TsCIjOeBj7JFUXtGvHki3Ikg=
Subject key identifier: B8:83:1B:C2:9C:19:4F:1F:46:82:9E:11:72:46:6E:D7:39:E4:36:AC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7C686744B7642201E5B9B456DF7D726D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uIMbwpwZTx9Ggp4RckZu1znkNqw.roa
Signing time: Mon 18 Dec 2023 10:11:06 +0000
ROA not before: Mon 18 Dec 2023 10:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:68:67:44:b7:64:22:01:e5:b9:b4:56:df:7d:72:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 10:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8831bc29c194f1f46829e1172466ed739e436ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7d:22:ac:3e:8e:3e:2a:e9:0c:0d:47:33:39:
5c:f5:f1:1a:73:a9:7b:88:8e:14:4d:14:dd:6b:0a:
d1:12:96:c4:b2:de:62:9f:d7:aa:59:2c:7b:1a:65:
01:9b:e3:ad:a9:a1:86:3e:30:4b:3e:3b:ad:eb:a7:
95:af:6e:a6:32:e7:cc:e1:95:33:8a:8e:b8:dd:0b:
5a:94:d6:38:fe:41:a7:14:d7:1a:86:10:61:72:90:
aa:4f:64:06:d4:36:0f:33:7f:d7:67:6a:da:43:8c:
b0:a9:d4:1b:df:a2:1d:87:b8:6c:fc:d8:b9:ac:12:
09:31:f2:65:8f:da:4c:d4:72:e9:58:ce:e7:45:1b:
f4:03:27:8e:74:35:6a:4c:bf:c5:94:91:6b:9a:b1:
10:a1:d7:3b:88:d6:21:30:17:d4:c7:9d:fd:9a:95:
a4:3c:39:d5:64:2d:40:8c:bb:c2:04:d1:4c:57:12:
30:b2:a0:26:e8:53:d4:fb:d6:d1:cf:cb:ee:8c:4c:
1e:94:dd:78:48:3e:12:2b:3f:06:4d:63:d6:c1:04:
ad:74:c0:d6:d2:38:c5:7a:55:f1:27:b9:33:b6:d2:
c2:75:f4:a5:82:96:e7:a9:cb:31:2f:2c:89:6b:b5:
a7:be:02:f5:c7:d6:21:70:e8:bc:31:d0:f9:43:6f:
86:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:83:1B:C2:9C:19:4F:1F:46:82:9E:11:72:46:6E:D7:39:E4:36:AC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uIMbwpwZTx9Ggp4RckZu1znkNqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:59:27:21:da:4b:5a:ae:c9:32:4b:25:04:d8:52:ee:99:ee:
5f:75:c7:3f:a1:f9:0e:48:a1:77:cc:6e:be:d5:0f:2f:8a:9c:
c4:c9:f0:a8:c1:ee:1c:9a:12:e7:8e:ee:28:fc:46:23:81:3e:
1e:8f:63:f2:c3:51:8c:0b:f5:20:41:c1:5c:af:d3:86:7b:e0:
12:f8:bc:d7:a1:e9:e0:c9:9e:81:72:a4:e7:63:41:34:85:a3:
fd:b2:6f:b3:5a:7b:bd:de:93:30:33:2e:aa:59:e8:98:10:aa:
bd:b8:46:05:d4:4f:fd:d2:ff:f4:64:96:b8:e1:ff:2a:51:e7:
4e:ca:af:6c:5e:52:61:25:32:85:67:42:74:49:0c:1d:03:45:
fd:85:06:9d:18:99:a7:a1:99:fc:74:fa:8a:a5:c4:8f:85:b9:
d6:8f:3a:b1:1c:2f:90:71:c6:ff:45:5a:17:bd:ac:9b:59:8a:
99:39:11:82:20:7a:68:55:62:a8:30:8e:06:ea:ea:70:0a:93:
84:21:fd:4e:be:73:5e:eb:16:d9:43:88:47:1b:80:c1:ca:3e:
2a:5a:99:01:dc:ca:aa:f2:1e:9c:3d:7c:4c:d9:96:13:7b:27:
dc:4d:85:13:c4:2e:31:19:ce:63:54:e3:a0:9d:0d:24:91:d0:
e5:1f:c6:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx8aGdEt2QiAeW5tFbffXJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MTAxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODgzMWJjMjljMTk0ZjFmNDY4MjllMTE3MjQ2NmVkNzM5ZTQzNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiH0irD6OPirpDA1HMzlc9fEac6l7
iI4UTRTdawrREpbEst5in9eqWSx7GmUBm+OtqaGGPjBLPjut66eVr26mMufM4ZUz
io643QtalNY4/kGnFNcahhBhcpCqT2QG1DYPM3/XZ2raQ4ywqdQb36Idh7hs/Ni5
rBIJMfJlj9pM1HLpWM7nRRv0AyeOdDVqTL/FlJFrmrEQodc7iNYhMBfUx539mpWk
PDnVZC1AjLvCBNFMVxIwsqAm6FPU+9bRz8vujEwelN14SD4SKz8GTWPWwQStdMDW
0jjFelXxJ7kzttLCdfSlgpbnqcsxLyyJa7WnvgL1x9YhcOi8MdD5Q2+GbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLiDG8KcGU8fRoKeEXJGbtc55DasMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdUlNYndwd1pUeDlHZ3A0UmNrWnUxem5rTnF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABpZJyHaS1quyTJLJQTY
Uu6Z7l91xz+h+Q5IoXfMbr7VDy+KnMTJ8KjB7hyaEueO7ij8RiOBPh6PY/LDUYwL
9SBBwVyv04Z74BL4vNeh6eDJnoFypOdjQTSFo/2yb7Nae73ekzAzLqpZ6JgQqr24
RgXUT/3S//Rklrjh/ypR507Kr2xeUmElMoVnQnRJDB0DRf2FBp0Ymaehmfx0+oql
xI+FudaPOrEcL5Bxxv9FWhe9rJtZipk5EYIgemhVYqgwjgbq6nAKk4Qh/U6+c17r
FtlDiEcbgMHKPipamQHcyqryHpw9fEzZlhN7J9xNhRPELjEZzmNU46CdDSSR0OUf
xtE=
-----END CERTIFICATE-----
Generated at Sat May 10 13:36:40 2025 by rpki-client