Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-w9zbyGVFljiBgR6qld-dh4TXuE.roa
File: 1-w9zbyGVFljiBgR6qld-dh4TXuE.roa (raw, json)
Hash identifier: Qsfdo1No9l0tj8F6t2UQbUnbNVBGqpolsXQUQQsuLBA=
Subject key identifier: FB:0F:73:6F:21:95:16:58:E2:06:04:7A:AA:57:7E:76:1E:13:5E:E1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7AB92564098484E5AF7C85BBBE91A563
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-w9zbyGVFljiBgR6qld-dh4TXuE.roa
Signing time: Sun 29 Oct 2023 09:17:15 +0000
ROA not before: Sun 29 Oct 2023 09:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7a:b9:25:64:09:84:84:e5:af:7c:85:bb:be:91:a5:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 29 09:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb0f736f21951658e206047aaa577e761e135ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:34:a7:74:e0:43:90:d0:35:ba:b5:2f:3d:03:
25:95:5f:f6:e3:c8:a8:8b:9d:7f:a3:70:c7:98:79:
87:26:83:95:97:4a:b7:b5:fd:87:05:49:8b:a1:a7:
c8:5e:9e:1b:f1:48:5d:bd:9a:21:40:a4:02:0a:cc:
3f:82:8d:af:a2:cc:30:ca:f5:2a:a4:12:29:d7:47:
60:09:c2:3f:f7:b1:81:0f:fb:44:7a:5f:57:70:30:
e0:67:fc:59:fd:e7:7e:21:d5:c3:a3:77:2a:39:fa:
d9:35:9b:6e:63:63:f6:bb:7b:1e:72:b0:89:66:f6:
45:dc:9d:63:6e:20:4d:af:b1:5d:bf:b9:4d:09:f7:
fd:c6:63:60:06:6e:bb:ff:ba:db:cf:6d:61:9b:95:
57:ae:42:63:d5:29:95:97:db:16:99:78:4c:9a:aa:
25:04:51:c4:14:41:f6:5d:d5:c3:a2:42:a3:88:9f:
c9:65:73:fa:0b:f3:98:fb:54:69:f1:b5:c0:73:85:
45:50:11:11:33:86:8d:c6:7f:29:76:7a:e3:dc:ce:
52:0f:6c:97:8a:fa:ca:bf:1a:9e:8a:2b:df:f7:7b:
ac:1c:fc:43:09:44:08:6e:88:0d:21:d1:99:08:24:
8d:86:a5:9c:ef:12:58:2b:48:d5:eb:ef:e8:e6:96:
47:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:0F:73:6F:21:95:16:58:E2:06:04:7A:AA:57:7E:76:1E:13:5E:E1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-w9zbyGVFljiBgR6qld-dh4TXuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:b3:21:93:4b:af:ea:1a:5f:97:89:96:f8:62:df:bd:ce:f8:
13:d5:a3:2e:53:fe:49:23:21:c1:b1:30:db:b3:6b:99:83:99:
a1:c9:c1:86:0c:48:d0:82:c6:f4:72:85:42:07:37:6b:90:58:
4b:b0:ff:99:79:67:f3:6e:fd:60:32:05:e9:15:da:01:f0:a7:
67:b2:d8:51:1a:f2:41:37:fc:e0:30:8b:92:38:4e:79:88:b7:
c6:87:2c:01:30:01:a1:0d:be:d6:84:48:3d:d9:e3:4c:78:28:
8d:95:61:3b:ac:c6:a0:b5:24:d8:15:1c:89:3a:bb:ef:66:03:
81:40:d8:96:f0:ec:47:56:b3:a0:f0:a6:d9:6e:00:d0:45:49:
00:87:64:75:c8:bb:77:61:82:83:cb:67:d3:4d:cf:d5:62:cd:
9b:9e:d7:84:0b:af:9c:b6:5e:8a:47:22:74:7a:10:7e:14:7a:
8f:c3:74:ea:b5:fd:6d:55:be:22:95:02:19:1e:76:b7:0a:6a:
e2:39:1b:99:a3:16:e9:cc:da:97:b2:19:1f:79:05:92:96:7d:
6e:ad:7c:a1:cc:3f:9e:69:45:2a:1a:2a:45:68:3c:36:d6:d9:
8d:b2:69:20:9a:8a:52:1e:c0:53:0f:07:a2:88:7d:24:ad:6f:
03:52:60:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYt6uSVkCYSE5a98hbu+kaVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI5MDkxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjBmNzM2ZjIxOTUxNjU4ZTIwNjA0N2FhYTU3N2U3NjFlMTM1ZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjSndOBDkNA1urUvPQMllV/248io
i51/o3DHmHmHJoOVl0q3tf2HBUmLoafIXp4b8UhdvZohQKQCCsw/go2voswwyvUq
pBIp10dgCcI/97GBD/tEel9XcDDgZ/xZ/ed+IdXDo3cqOfrZNZtuY2P2u3secrCJ
ZvZF3J1jbiBNr7Fdv7lNCff9xmNgBm67/7rbz21hm5VXrkJj1SmVl9sWmXhMmqol
BFHEFEH2XdXDokKjiJ/JZXP6C/OY+1Rp8bXAc4VFUBERM4aNxn8pdnrj3M5SD2yX
ivrKvxqeiivf93usHPxDCUQIbogNIdGZCCSNhqWc7xJYK0jV6+/o5pZHswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPsPc28hlRZY4gYEeqpXfnYeE17hMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS13OXpieUdWRmxqaUJnUjZxbGQtZGg0VFh1RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQARsyGTS6/qGl+XiZb4
Yt+9zvgT1aMuU/5JIyHBsTDbs2uZg5mhycGGDEjQgsb0coVCBzdrkFhLsP+ZeWfz
bv1gMgXpFdoB8KdnsthRGvJBN/zgMIuSOE55iLfGhywBMAGhDb7WhEg92eNMeCiN
lWE7rMagtSTYFRyJOrvvZgOBQNiW8OxHVrOg8KbZbgDQRUkAh2R1yLt3YYKDy2fT
Tc/VYs2bnteEC6+ctl6KRyJ0ehB+FHqPw3Tqtf1tVb4ilQIZHna3CmriORuZoxbp
zNqXshkfeQWSln1urXyhzD+eaUUqGipFaDw21tmNsmkgmopSHsBTDweiiH0krW8D
UmDc
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:10:49 2025 by rpki-client