Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/01i9cXvW816YFYe78EI87oON_2Q.roa
File: 01i9cXvW816YFYe78EI87oON_2Q.roa (raw, json)
Hash identifier: /Tjyx+H/WKOwY0NUFgK0SFX46WIkYNG0yWFB8Y0fOKE=
Subject key identifier: D3:58:BD:71:7B:D6:F3:5E:98:15:87:BB:F0:42:3C:EE:83:8D:FF:64
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BEF3CB7A3E4C63B68CAB034E99D13FD04
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/01i9cXvW816YFYe78EI87oON_2Q.roa
Signing time: Tue 21 Nov 2023 00:16:55 +0000
ROA not before: Tue 21 Nov 2023 00:16:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ef:3c:b7:a3:e4:c6:3b:68:ca:b0:34:e9:9d:13:fd:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 21 00:16:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d358bd717bd6f35e981587bbf0423cee838dff64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0e:0c:dd:36:e7:a1:6b:e0:9c:1e:ee:44:d4:
f0:6e:28:26:5a:14:7f:98:1e:58:08:87:bd:1d:cc:
e0:ac:8c:db:33:3e:22:8c:94:03:ad:be:05:70:1d:
ec:91:74:81:3d:e1:60:5b:8d:a5:fb:65:65:e3:02:
05:bc:3a:e0:35:eb:9a:8d:d6:d2:71:ff:02:81:72:
8a:50:19:6e:ef:3b:97:35:49:ac:a1:28:2f:54:df:
a5:06:d9:f9:76:6f:f7:14:c5:dd:c6:b8:4e:58:ee:
a0:18:94:07:8d:f7:7e:33:c3:e2:31:7b:68:44:66:
ed:74:af:cd:ff:69:77:d8:97:c1:e7:45:77:eb:9a:
42:42:90:61:54:5e:61:c4:03:f7:50:b2:0c:99:c5:
84:68:29:d2:20:e8:2b:d9:6a:3e:97:c2:a7:03:e9:
be:31:7c:71:70:b4:da:90:e0:91:72:8d:a3:fe:16:
75:13:29:80:48:0c:11:16:ca:32:31:37:db:43:e3:
36:a4:7f:b2:c7:b9:a7:40:f9:a5:9a:3d:3e:ee:df:
22:2b:81:1a:35:a8:bf:4f:a0:23:53:20:96:ce:92:
79:37:73:5e:ed:85:1b:b1:59:a0:65:a5:b1:af:ec:
d3:66:fb:31:bc:fd:ed:25:4b:fe:38:ef:09:13:e2:
c7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:58:BD:71:7B:D6:F3:5E:98:15:87:BB:F0:42:3C:EE:83:8D:FF:64
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/01i9cXvW816YFYe78EI87oON_2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d4:64:3e:5d:07:fe:e8:0c:82:9d:d8:30:60:68:8c:7f:9e:e6:
b5:0c:31:94:31:71:49:41:72:43:70:10:65:81:8f:e8:99:5f:
07:0a:ae:fa:04:5c:2f:46:4e:02:06:ee:ef:b2:1d:ca:90:27:
a4:8e:f9:79:ee:36:e7:4b:7d:36:38:b9:64:f7:79:e0:4d:44:
26:21:f5:fc:a1:96:72:84:7c:e6:e9:b7:10:11:6f:39:69:a9:
5d:c6:1b:73:b6:d7:7e:a0:b7:8c:9e:9e:51:f6:08:2f:b9:cf:
2c:37:58:21:3e:8d:24:b6:31:ca:2b:4e:ec:a4:6d:68:82:c3:
7f:1d:ea:75:91:5a:aa:56:05:9e:db:7e:95:84:01:96:20:76:
7d:34:c9:2e:fa:2e:2b:0b:e6:f0:59:6a:fb:51:b9:7d:6d:12:
06:b1:2a:1d:62:7a:36:fb:79:f2:42:c3:da:38:51:aa:22:ac:
3a:e9:4b:7a:db:4b:24:9e:1f:43:6e:0f:14:08:db:8f:e3:b8:
66:b9:f1:35:84:c2:f9:65:c0:81:f4:5d:3e:25:ed:25:32:a2:
4c:dc:4e:8d:1d:85:35:da:24:76:e9:39:8b:60:55:f2:e4:9d:
0d:44:1e:74:07:af:4e:be:e2:b5:80:9d:76:e1:89:6c:18:b9:
b7:75:da:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvvPLej5MY7aMqwNOmdE/0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIxMDAxNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzU4YmQ3MTdiZDZmMzVlOTgxNTg3YmJmMDQyM2NlZTgzOGRmZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA4M3TbnoWvgnB7uRNTwbigmWhR/
mB5YCIe9HczgrIzbMz4ijJQDrb4FcB3skXSBPeFgW42l+2Vl4wIFvDrgNeuajdbS
cf8CgXKKUBlu7zuXNUmsoSgvVN+lBtn5dm/3FMXdxrhOWO6gGJQHjfd+M8PiMXto
RGbtdK/N/2l32JfB50V365pCQpBhVF5hxAP3ULIMmcWEaCnSIOgr2Wo+l8KnA+m+
MXxxcLTakOCRco2j/hZ1EymASAwRFsoyMTfbQ+M2pH+yx7mnQPmlmj0+7t8iK4Ea
Nai/T6AjUyCWzpJ5N3Ne7YUbsVmgZaWxr+zTZvsxvP3tJUv+OO8JE+LHLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNNYvXF71vNemBWHu/BCPO6Djf9kMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMDFpOWNYdlc4MTZZRlllNzhFSTg3b09OXzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANRkPl0H/ugMgp3YMGBo
jH+e5rUMMZQxcUlBckNwEGWBj+iZXwcKrvoEXC9GTgIG7u+yHcqQJ6SO+XnuNudL
fTY4uWT3eeBNRCYh9fyhlnKEfObptxARbzlpqV3GG3O2136gt4yenlH2CC+5zyw3
WCE+jSS2McorTuykbWiCw38d6nWRWqpWBZ7bfpWEAZYgdn00yS76LisL5vBZavtR
uX1tEgaxKh1iejb7efJCw9o4UaoirDrpS3rbSySeH0NuDxQI24/juGa58TWEwvll
wIH0XT4l7SUyokzcTo0dhTXaJHbpOYtgVfLknQ1EHnQHr06+4rWAnXbhiWwYubd1
2g0=
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:07:32 2025 by rpki-client