Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-a96kR9EReIred7baeXh_xg1Y-I.roa
File: 1-a96kR9EReIred7baeXh_xg1Y-I.roa (raw, json)
Hash identifier: C42Cbe4jFu2wpuMri81XRlCfYKBcFRpu9nfOnG8fW34=
Subject key identifier: F9:AF:7A:91:1F:44:45:E2:2B:79:DE:DB:69:E5:E1:FF:18:35:63:E2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8573BB054CCA86F837CEA30229207A45
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-a96kR9EReIred7baeXh_xg1Y-I.roa
Signing time: Tue 31 Oct 2023 11:17:16 +0000
ROA not before: Tue 31 Oct 2023 11:17:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:85:73:bb:05:4c:ca:86:f8:37:ce:a3:02:29:20:7a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 31 11:17:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9af7a911f4445e22b79dedb69e5e1ff183563e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:17:f4:df:88:aa:7a:76:16:d3:0c:c1:23:f3:
48:fb:e9:64:9a:00:c4:09:ec:33:f4:fa:17:5a:65:
9c:b1:11:98:f2:26:43:39:15:8c:8f:d0:4a:61:d9:
13:cc:f9:a1:aa:c1:f5:e7:09:e1:77:39:80:bc:87:
2d:3c:50:8b:98:2b:96:4e:74:06:40:7a:5c:9e:79:
d2:e6:8f:a5:70:1d:24:31:da:fc:c2:fe:6a:37:2a:
b4:0c:84:90:5d:73:37:5c:4f:18:b4:89:0b:0f:0b:
94:0d:e6:79:f3:37:7c:c5:31:2e:d4:b8:a7:f6:d8:
59:fc:d4:4b:9d:e6:b9:ca:c0:89:8a:be:6d:f3:14:
49:78:1c:4d:74:3c:20:45:b7:3d:f1:49:8c:0f:10:
37:5a:af:75:bf:9c:fb:46:23:7b:36:09:c6:6c:66:
41:c6:d5:50:93:93:f5:38:2d:3d:ff:f1:4d:6f:94:
9e:c0:a8:44:b8:09:01:46:3f:2b:2e:59:30:0f:2f:
4a:22:53:92:ad:14:34:0e:bf:4d:bb:b4:2f:b5:82:
ed:1e:a3:18:fa:ed:10:3f:fc:8b:b8:4c:79:d3:1b:
c9:be:3c:50:3c:ea:cc:e1:cd:69:21:c1:ae:48:d3:
86:c4:dd:8c:4d:84:95:4b:7d:92:7f:b5:78:03:9d:
9f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AF:7A:91:1F:44:45:E2:2B:79:DE:DB:69:E5:E1:FF:18:35:63:E2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-a96kR9EReIred7baeXh_xg1Y-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:a5:9f:02:21:cb:f2:4d:99:db:6d:0a:92:4d:e3:9c:42:09:
6a:0e:d0:f5:6c:4b:95:08:6d:98:2f:af:2d:8b:db:f3:bb:5c:
ab:b5:7f:86:03:61:e3:6f:f0:6a:9d:82:4d:fe:12:81:4d:76:
5e:b7:80:79:55:80:f3:e2:56:9d:a4:56:8c:bf:aa:1c:0b:cf:
f8:c6:fd:d3:60:75:40:d9:b5:0e:b4:36:63:ec:3b:29:54:7a:
c2:a7:8a:11:4f:2c:50:76:1c:c7:45:87:d9:df:49:52:d5:5a:
27:e3:3c:6e:29:4d:ab:81:78:63:41:98:af:49:d4:1c:a9:9d:
e9:c8:64:42:00:dc:40:78:d7:e6:8b:1d:a8:c6:13:c5:27:ce:
76:6a:24:38:07:a5:12:1a:fc:d0:56:bb:4f:bd:42:a2:e7:49:
c0:3b:e7:1c:63:51:6c:14:8f:2a:a6:56:3c:fb:8b:a4:f5:aa:
52:7c:26:c1:45:77:be:cb:19:c4:1d:25:91:c8:c0:3e:b9:cb:
1d:9c:48:89:ba:f8:b0:85:7d:29:9f:8f:41:9b:8b:fb:e1:3b:
0f:04:46:9a:69:2a:4e:67:03:bf:25:0e:ed:5b:e5:e3:b6:9f:
4c:70:c6:b2:a4:5c:f8:79:1e:4d:7f:ca:65:6f:4f:dd:fa:e1:
cc:2a:40:b8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYuFc7sFTMqG+DfOowIpIHpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMxMTExNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFmN2E5MTFmNDQ0NWUyMmI3OWRlZGI2OWU1ZTFmZjE4MzU2M2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRf034iqenYW0wzBI/NI++lkmgDE
Cewz9PoXWmWcsRGY8iZDORWMj9BKYdkTzPmhqsH15wnhdzmAvIctPFCLmCuWTnQG
QHpcnnnS5o+lcB0kMdr8wv5qNyq0DISQXXM3XE8YtIkLDwuUDeZ58zd8xTEu1Lin
9thZ/NRLnea5ysCJir5t8xRJeBxNdDwgRbc98UmMDxA3Wq91v5z7RiN7NgnGbGZB
xtVQk5P1OC09//FNb5SewKhEuAkBRj8rLlkwDy9KIlOSrRQ0Dr9Nu7QvtYLtHqMY
+u0QP/yLuEx50xvJvjxQPOrM4c1pIcGuSNOGxN2MTYSVS32Sf7V4A52fEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPmvepEfREXiK3ne22nl4f8YNWPiMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS1hOTZrUjlFUmVJcmVkN2JhZVhoX3hnMVktSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCVpZ8CIcvyTZnbbQqS
TeOcQglqDtD1bEuVCG2YL68ti9vzu1yrtX+GA2Hjb/BqnYJN/hKBTXZet4B5VYDz
4ladpFaMv6ocC8/4xv3TYHVA2bUOtDZj7DspVHrCp4oRTyxQdhzHRYfZ30lS1Von
4zxuKU2rgXhjQZivSdQcqZ3pyGRCANxAeNfmix2oxhPFJ852aiQ4B6USGvzQVrtP
vUKi50nAO+ccY1FsFI8qplY8+4uk9apSfCbBRXe+yxnEHSWRyMA+ucsdnEiJuviw
hX0pn49Bm4v74TsPBEaaaSpOZwO/JQ7tW+Xjtp9McMaypFz4eR5Nf8plb0/d+uHM
KkC4
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:09:18 2025 by rpki-client