Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-_JfVkDFssLy28aidFMnmU1XRiY.roa
File: 1-_JfVkDFssLy28aidFMnmU1XRiY.roa (raw, json)
Hash identifier: Xiy8qvz0G/P6MM1NbTjWRE5uULKleBf+na5X8JGUFa4=
Subject key identifier: FB:F2:5F:56:40:C5:B2:C2:F2:DB:C6:A2:74:53:27:99:4D:57:46:26
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BAED8ACB8552846F95EDFD44A60D2F534
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-_JfVkDFssLy28aidFMnmU1XRiY.roa
Signing time: Wed 08 Nov 2023 12:11:57 +0000
ROA not before: Wed 08 Nov 2023 12:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:d8:ac:b8:55:28:46:f9:5e:df:d4:4a:60:d2:f5:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 8 12:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbf25f5640c5b2c2f2dbc6a2745327994d574626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:21:33:2c:28:a4:a9:e4:77:09:31:1e:65:ab:
2e:46:5b:e3:13:1c:dc:c0:90:01:3e:d2:2b:d4:bd:
43:20:8e:00:d5:04:eb:01:49:eb:38:4e:fe:82:18:
9b:58:fb:b1:6c:86:82:ae:8c:9c:64:8d:26:3f:ed:
37:97:8f:17:8c:d1:69:6c:be:e9:b7:9a:b1:e1:b4:
2a:36:54:85:c9:dd:12:f3:2a:51:e4:26:c0:53:60:
37:3f:ae:9d:8b:cc:98:03:d2:ac:3d:b1:48:03:52:
dc:a5:67:d5:2c:fd:23:03:b6:40:7f:78:7b:05:09:
19:8e:b6:a2:90:09:3e:91:ad:25:70:36:2f:7f:f2:
4e:e9:40:e5:34:e4:c0:44:03:33:65:62:e6:19:43:
42:82:bc:d0:09:33:22:6a:ab:c3:a8:40:2e:53:9d:
31:ce:6e:d0:ea:ae:ef:67:89:89:e8:dc:32:8b:46:
0a:2f:90:c9:49:82:90:22:a8:4f:90:51:77:ec:19:
ad:9d:b2:b2:09:1f:13:bf:b2:4a:90:a8:a1:51:4f:
8d:1c:cd:21:11:f0:03:1e:15:8e:32:07:5c:74:41:
ac:93:7a:c5:96:23:79:be:87:9a:81:93:5a:3e:d3:
f6:a1:49:b6:02:8c:ea:40:62:6e:76:42:00:fa:76:
87:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F2:5F:56:40:C5:B2:C2:F2:DB:C6:A2:74:53:27:99:4D:57:46:26
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-_JfVkDFssLy28aidFMnmU1XRiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:2f:34:4e:ea:b3:8f:d9:aa:e5:7e:53:bc:76:28:ce:0a:db:
1d:57:7d:e2:29:04:b0:2e:15:ee:8a:33:92:65:81:02:22:1b:
b1:2e:6b:6a:fc:bf:a9:df:2d:2e:ec:73:59:42:9b:19:eb:fc:
31:15:58:eb:6f:fb:83:13:18:aa:71:19:b6:26:60:82:c2:f9:
3b:a4:28:fb:c4:25:c1:a2:c4:99:94:0f:d4:7d:19:ce:b7:8b:
4c:6e:c3:d7:04:32:a4:2d:29:fb:d5:77:68:f0:00:f3:50:57:
8a:a8:28:4f:63:c6:cc:47:6d:82:72:c8:59:55:6a:35:f2:81:
8e:4e:b2:70:c9:45:6e:bf:ef:2f:87:2a:3d:93:58:0f:60:cb:
96:4b:e1:ea:2b:f6:6f:ed:7f:ab:9c:fb:11:c1:ee:e0:48:38:
37:5f:de:f1:f9:2a:24:69:7b:db:b0:69:f6:e9:d7:dc:a1:35:
ea:1a:5b:01:49:df:08:30:ca:b2:1c:02:3f:bf:62:b7:da:99:
e7:3d:9c:10:0b:fe:be:5c:36:17:ad:f4:b6:ab:94:eb:14:71:
a0:88:04:19:64:f2:fc:40:c4:50:97:8f:84:da:03:26:7a:1a:
6a:36:42:98:d3:d8:57:f1:ff:2f:a5:5d:ff:37:d0:29:cd:43:
7b:a2:48:05
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYuu2Ky4VShG+V7f1Epg0vU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA4MTIxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmYyNWY1NjQwYzViMmMyZjJkYmM2YTI3NDUzMjc5OTRkNTc0NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CEzLCikqeR3CTEeZasuRlvjExzc
wJABPtIr1L1DII4A1QTrAUnrOE7+ghibWPuxbIaCroycZI0mP+03l48XjNFpbL7p
t5qx4bQqNlSFyd0S8ypR5CbAU2A3P66di8yYA9KsPbFIA1LcpWfVLP0jA7ZAf3h7
BQkZjraikAk+ka0lcDYvf/JO6UDlNOTARAMzZWLmGUNCgrzQCTMiaqvDqEAuU50x
zm7Q6q7vZ4mJ6Nwyi0YKL5DJSYKQIqhPkFF37BmtnbKyCR8Tv7JKkKihUU+NHM0h
EfADHhWOMgdcdEGsk3rFliN5voeagZNaPtP2oUm2AozqQGJudkIA+naHqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPvyX1ZAxbLC8tvGonRTJ5lNV0YmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS1fSmZWa0RGc3NMeTI4YWlkRk1ubVUxWFJpWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQAkLzRO6rOP2arlflO8
dijOCtsdV33iKQSwLhXuijOSZYECIhuxLmtq/L+p3y0u7HNZQpsZ6/wxFVjrb/uD
ExiqcRm2JmCCwvk7pCj7xCXBosSZlA/UfRnOt4tMbsPXBDKkLSn71Xdo8ADzUFeK
qChPY8bMR22CcshZVWo18oGOTrJwyUVuv+8vhyo9k1gPYMuWS+HqK/Zv7X+rnPsR
we7gSDg3X97x+SokaXvbsGn26dfcoTXqGlsBSd8IMMqyHAI/v2K32pnnPZwQC/6+
XDYXrfS2q5TrFHGgiAQZZPL8QMRQl4+E2gMmehpqNkKY09hX8f8vpV3/N9ApzUN7
okgF
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:07:39 2025 by rpki-client