Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-wb02XurVw5ha4f_RQo8HrvYbbM.roa
File: 1-wb02XurVw5ha4f_RQo8HrvYbbM.roa (raw, json)
Hash identifier: fql/tx+G6UNRYvFpf4Y/IpQvFRidJrci3YlRaTJJIdA=
Subject key identifier: FB:06:F4:D9:7B:AB:57:0E:61:6B:87:FF:45:0A:3C:1E:BB:D8:6D:B3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B378D90BE5C840B2BB5B3D4EC8EC8466F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-wb02XurVw5ha4f_RQo8HrvYbbM.roa
Signing time: Mon 16 Oct 2023 08:15:06 +0000
ROA not before: Mon 16 Oct 2023 08:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:8d:90:be:5c:84:0b:2b:b5:b3:d4:ec:8e:c8:46:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 08:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb06f4d97bab570e616b87ff450a3c1ebbd86db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c7:27:a9:a0:c1:ab:3c:a1:6e:18:b5:70:fd:
91:bb:26:5a:ec:81:ee:5f:d5:b5:53:f3:80:c9:10:
4d:fc:17:79:99:dc:fb:ff:67:c7:a1:56:d7:ad:5e:
25:d2:17:76:e9:18:ed:6a:6d:1e:e8:00:c9:bf:a4:
8a:73:4d:91:53:c4:94:d6:ee:3a:93:4f:97:38:a2:
84:94:bc:2e:d6:68:59:14:66:a0:08:ae:3d:8c:62:
68:14:67:8e:53:bf:a9:91:36:b0:02:4e:5d:f2:44:
ff:19:c0:08:be:1f:65:54:84:32:e6:86:4a:6a:a2:
20:71:d3:0d:b1:14:7f:7e:3a:07:d2:ff:a8:18:82:
dd:4a:1b:2d:e3:ee:31:76:c1:5e:a7:34:2a:60:b9:
bb:10:58:e5:e7:c1:66:10:5f:8c:4b:ad:8d:09:80:
66:8a:10:5f:1f:be:16:28:9a:18:1b:17:ac:76:c1:
02:fe:d8:9d:82:64:b5:c1:e2:d6:62:8c:7e:7d:cb:
3f:7e:7a:68:38:92:bd:32:8d:65:8d:e3:a7:50:14:
58:27:03:0d:1b:33:c8:cb:07:c9:4c:10:97:3c:bc:
78:93:ea:ee:b3:50:c8:ef:ff:a0:86:ed:f6:b8:d0:
7f:29:f2:ba:bb:b8:5e:66:bd:ad:48:b8:cd:2c:54:
d5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:06:F4:D9:7B:AB:57:0E:61:6B:87:FF:45:0A:3C:1E:BB:D8:6D:B3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-wb02XurVw5ha4f_RQo8HrvYbbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:0e:78:f8:c3:48:70:9a:44:55:1b:9c:33:fc:1b:e3:5a:d0:
87:aa:b5:9c:83:f4:2a:a8:8e:38:68:f9:32:35:7e:df:e3:72:
ad:0a:cc:f3:a6:27:6c:f4:d4:99:6c:b4:8a:78:39:4b:56:8e:
b8:79:d5:a2:3b:2d:08:d9:ec:00:85:ba:f9:94:fd:de:7d:ab:
ab:b7:7c:aa:10:c7:37:0e:e0:dd:6f:ba:18:9d:c2:ae:76:f2:
98:70:77:b0:d6:9c:9d:53:a5:7f:eb:c4:8a:f4:89:69:ec:8e:
75:a1:83:59:1e:0d:d9:f9:d9:df:48:13:69:9e:b1:08:13:4d:
59:e6:eb:da:96:cb:9d:cb:97:f8:2d:77:a1:c4:d5:da:aa:3e:
d8:a4:40:71:87:4f:10:b8:ea:72:d5:08:2a:16:65:d0:3f:2e:
0a:2b:48:35:c3:61:ba:97:b7:d8:62:3b:52:68:51:01:03:26:
9a:3a:bf:a0:ea:bd:75:0d:6b:8a:ee:80:ae:fa:e4:67:a6:0b:
82:72:2c:8e:79:1e:32:7b:4c:5c:9c:85:1d:1f:12:c7:68:b8:
e7:4a:75:9c:d3:c3:3b:0a:82:f6:f5:4c:dc:56:75:86:09:d1:
59:ae:40:f8:db:f0:4f:d7:dd:11:0f:b6:bf:9b:e0:ae:96:3e:
54:0b:ba:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYs3jZC+XIQLK7Wz1OyOyEZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MDgxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjA2ZjRkOTdiYWI1NzBlNjE2Yjg3ZmY0NTBhM2MxZWJiZDg2ZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8cnqaDBqzyhbhi1cP2RuyZa7IHu
X9W1U/OAyRBN/Bd5mdz7/2fHoVbXrV4l0hd26Rjtam0e6ADJv6SKc02RU8SU1u46
k0+XOKKElLwu1mhZFGagCK49jGJoFGeOU7+pkTawAk5d8kT/GcAIvh9lVIQy5oZK
aqIgcdMNsRR/fjoH0v+oGILdShst4+4xdsFepzQqYLm7EFjl58FmEF+MS62NCYBm
ihBfH74WKJoYGxesdsEC/tidgmS1weLWYox+fcs/fnpoOJK9Mo1ljeOnUBRYJwMN
GzPIywfJTBCXPLx4k+rus1DI7/+ghu32uNB/KfK6u7heZr2tSLjNLFTVjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPsG9Nl7q1cOYWuH/0UKPB672G2zMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS13YjAyWHVyVnc1aGE0Zl9SUW84SHJ2WWJiTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQByDnj4w0hwmkRVG5wz
/BvjWtCHqrWcg/QqqI44aPkyNX7f43KtCszzpids9NSZbLSKeDlLVo64edWiOy0I
2ewAhbr5lP3efaurt3yqEMc3DuDdb7oYncKudvKYcHew1pydU6V/68SK9Ilp7I51
oYNZHg3Z+dnfSBNpnrEIE01Z5uvalsudy5f4LXehxNXaqj7YpEBxh08QuOpy1Qgq
FmXQPy4KK0g1w2G6l7fYYjtSaFEBAyaaOr+g6r11DWuK7oCu+uRnpguCciyOeR4y
e0xcnIUdHxLHaLjnSnWc08M7CoL29UzcVnWGCdFZrkD42/BP190RD7a/m+Culj5U
C7qc
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:53:08 2025 by rpki-client