Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-yvjt39Gs13bOMM0JWFfNAJf4l0.roa
File: 1-yvjt39Gs13bOMM0JWFfNAJf4l0.roa (raw, json)
Hash identifier: dMQiV48SEs6Z9tTSJIzQ01brbbZMLatWJdBQaB6bt2U=
Subject key identifier: FB:2B:E3:B7:7F:46:B3:5D:DB:38:C3:34:25:61:5F:34:02:5F:E2:5D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B360CE23EC9B194C78FD46EF9BFB50F72
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-yvjt39Gs13bOMM0JWFfNAJf4l0.roa
Signing time: Mon 16 Oct 2023 01:14:55 +0000
ROA not before: Mon 16 Oct 2023 01:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:36:0c:e2:3e:c9:b1:94:c7:8f:d4:6e:f9:bf:b5:0f:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 01:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb2be3b77f46b35ddb38c33425615f34025fe25d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ad:06:e4:60:61:a3:40:01:c6:64:b3:d3:c3:
6d:65:74:75:69:c3:13:b3:d6:e9:c4:fb:9f:b8:ba:
d6:2f:4a:7a:8e:66:f3:f4:01:59:17:76:36:23:1b:
59:0d:3e:99:44:3b:2c:e1:e7:36:df:83:5d:ca:33:
8a:bb:b2:ea:d1:ae:30:fb:49:f7:eb:28:93:be:0c:
b5:6e:a0:2c:da:fd:01:3d:1e:f3:26:ac:d1:ad:86:
80:cf:6a:ff:47:34:4f:68:c9:b2:ab:6a:d3:7e:fa:
0d:cd:61:73:3a:0b:33:2f:88:c0:38:be:3d:bc:3c:
50:66:61:0d:51:77:80:9d:9b:87:eb:a8:0e:98:21:
de:e7:e6:ec:a0:aa:c2:2b:c5:6e:c7:2e:e3:16:f6:
56:79:1d:25:f7:48:02:1e:69:9b:86:ce:c8:ba:1a:
c1:f3:d1:08:f4:0b:9e:a8:29:90:47:ca:15:e3:02:
fd:1a:07:3a:21:a8:1a:c4:f0:5b:be:49:62:cf:00:
19:c6:fe:cd:67:46:24:45:8b:47:77:79:9a:74:fa:
cd:cb:42:92:35:6c:8a:ea:88:17:25:aa:f2:d3:ac:
2b:d6:63:51:80:57:28:fd:cc:d6:ec:a1:dd:1e:b5:
5c:88:06:f9:44:d1:94:5b:60:fd:0e:4a:f2:92:5f:
b3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:2B:E3:B7:7F:46:B3:5D:DB:38:C3:34:25:61:5F:34:02:5F:E2:5D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-yvjt39Gs13bOMM0JWFfNAJf4l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:db:9d:a2:af:52:20:a9:46:b9:4e:f8:6c:5a:99:48:d3:97:
a6:31:84:2d:85:2a:3b:d4:a9:48:20:e6:a3:af:34:2a:0b:94:
b6:99:7a:2a:6d:da:37:55:33:4d:95:ce:4a:a6:ef:af:0c:a9:
b2:c9:82:37:71:f3:dc:a9:83:c6:79:5b:23:84:ad:d7:cf:4c:
36:d4:9b:a1:f0:c7:20:16:63:a2:52:67:ec:43:ce:ed:4d:7c:
3c:f9:38:9b:2f:3e:b2:41:00:f4:99:dc:4e:a2:9f:7f:04:3f:
90:1e:0c:d0:cb:75:f1:53:4d:bc:21:cd:a8:d6:d8:7c:39:bc:
84:9b:1c:bd:05:0f:34:46:d0:0d:47:be:15:65:3b:e0:12:98:
b8:1f:bc:82:9d:37:a4:29:4d:11:5a:96:e0:50:97:73:2d:a8:
38:28:61:ca:2b:88:fe:c4:6a:98:10:00:f2:c4:bb:0c:c5:ad:
72:96:db:b2:c3:11:2c:89:22:18:15:fe:36:b9:e4:60:19:69:
3a:4e:a1:ca:e9:e9:19:56:41:a6:48:3d:01:8d:27:13:56:cf:
bb:18:df:ce:f5:3a:9a:89:78:0e:91:60:02:ac:bb:70:de:d0:
b1:a5:7a:60:09:14:dd:e5:8e:04:97:0f:50:ac:f4:53:2b:f4:
d4:48:39:c0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYs2DOI+ybGUx4/Ubvm/tQ9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MDExNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjJiZTNiNzdmNDZiMzVkZGIzOGMzMzQyNTYxNWYzNDAyNWZlMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka0G5GBho0ABxmSz08NtZXR1acMT
s9bpxPufuLrWL0p6jmbz9AFZF3Y2IxtZDT6ZRDss4ec234NdyjOKu7Lq0a4w+0n3
6yiTvgy1bqAs2v0BPR7zJqzRrYaAz2r/RzRPaMmyq2rTfvoNzWFzOgszL4jAOL49
vDxQZmENUXeAnZuH66gOmCHe5+bsoKrCK8Vuxy7jFvZWeR0l90gCHmmbhs7IuhrB
89EI9AueqCmQR8oV4wL9Ggc6IagaxPBbvklizwAZxv7NZ0YkRYtHd3madPrNy0KS
NWyK6ogXJary06wr1mNRgFco/czW7KHdHrVciAb5RNGUW2D9Dkrykl+zDQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPsr47d/RrNd2zjDNCVhXzQCX+JdMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS15dmp0MzlHczEzYk9NTTBKV0ZmTkFKZjRsMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCb252ir1IgqUa5Tvhs
WplI05emMYQthSo71KlIIOajrzQqC5S2mXoqbdo3VTNNlc5Kpu+vDKmyyYI3cfPc
qYPGeVsjhK3Xz0w21Juh8McgFmOiUmfsQ87tTXw8+TibLz6yQQD0mdxOop9/BD+Q
HgzQy3XxU028Ic2o1th8ObyEmxy9BQ80RtANR74VZTvgEpi4H7yCnTekKU0RWpbg
UJdzLag4KGHKK4j+xGqYEADyxLsMxa1yltuywxEsiSIYFf42ueRgGWk6TqHK6ekZ
VkGmSD0BjScTVs+7GN/O9TqaiXgOkWACrLtw3tCxpXpgCRTd5Y4Elw9QrPRTK/TU
SDnA
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:03:36 2025 by rpki-client