Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1_2PBTIQk9wOx0R_tuAqqlZdInw.roa
File: 1_2PBTIQk9wOx0R_tuAqqlZdInw.roa (raw, json)
Hash identifier: fwiKv2YsekJBqK6MOhCervPQPrBB+zUxmKuyVbA5sN4=
Subject key identifier: D7:FD:8F:05:32:10:93:DC:0E:C7:44:7F:B6:E0:2A:AA:56:5D:22:7C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1DCBC6965B08E3888E5065593449F0D7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1_2PBTIQk9wOx0R_tuAqqlZdInw.roa
Signing time: Wed 11 Oct 2023 08:12:55 +0000
ROA not before: Wed 11 Oct 2023 08:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:cb:c6:96:5b:08:e3:88:8e:50:65:59:34:49:f0:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 11 08:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7fd8f05321093dc0ec7447fb6e02aaa565d227c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:52:d2:93:13:fd:86:b9:70:b0:79:64:81:b5:
87:31:61:26:23:58:b3:56:8a:dd:6f:6b:bb:7c:5d:
5e:1a:37:33:31:04:07:ca:0e:52:85:43:03:ff:2f:
69:9c:8c:dc:fd:f6:31:3b:aa:74:7c:eb:b0:b6:f6:
ad:aa:5b:0b:01:67:c3:71:26:93:40:81:5f:72:3e:
0e:a0:07:fb:33:b0:1c:e0:4b:a9:17:f5:06:78:d5:
b6:63:e9:91:87:19:3c:9d:c5:03:ec:76:cf:89:cd:
e3:3f:ab:0b:2d:8e:cb:e9:9a:1d:d7:bb:5b:99:fd:
14:b8:f1:8c:2c:55:27:4e:b4:48:c0:31:42:f6:39:
7a:ea:c7:e8:18:ff:53:fa:ff:32:8f:25:81:17:79:
5c:3c:f3:5f:e5:70:9f:87:cf:a6:80:ae:6e:0c:3e:
9c:43:e2:af:72:9a:b1:38:7b:5f:b7:36:c9:10:e0:
89:15:bd:a0:ce:37:68:d1:24:aa:23:d9:b7:5f:64:
37:aa:7e:90:bc:7f:70:79:03:c3:f7:48:f1:fa:15:
fb:6c:a0:87:57:b9:6c:89:11:13:5d:c1:b6:1f:97:
d9:6d:31:1f:a1:66:7a:17:9f:68:23:7f:cf:7f:89:
ef:3f:ba:55:0e:f6:7c:ed:f9:67:d3:85:59:6e:55:
0b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:FD:8F:05:32:10:93:DC:0E:C7:44:7F:B6:E0:2A:AA:56:5D:22:7C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1_2PBTIQk9wOx0R_tuAqqlZdInw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:c4:99:d3:59:8b:cf:59:9e:11:e3:8c:58:8f:41:90:fa:cf:
5b:6a:ae:4a:73:fd:fa:8c:62:14:d1:0c:c9:40:63:0d:7b:6e:
35:ba:3f:a4:da:c3:5d:b8:a5:86:bb:41:27:56:38:71:76:44:
2a:7a:4f:08:93:f6:64:fd:85:84:75:2e:ca:3d:4a:e4:4e:cc:
27:18:38:59:69:e6:f9:06:03:a9:15:cb:f6:4f:54:6e:07:b5:
b8:c3:2c:a9:bf:0f:ae:d6:73:c3:f0:d5:ff:24:40:06:d7:f6:
34:5f:98:64:70:32:eb:f9:80:85:66:3e:da:0e:e7:c9:1a:19:
05:e4:fb:d0:45:50:fb:49:7c:cc:e4:32:2c:e7:68:02:b2:04:
9d:ac:4c:39:70:20:a4:8a:5c:98:d6:0a:70:54:bb:32:ef:52:
b6:8a:0c:af:cc:03:8a:bb:15:c3:3d:d3:ad:9a:78:36:de:49:
d2:88:f3:1f:68:fe:64:75:80:12:77:7f:3e:f0:67:c9:5b:54:
7a:18:eb:17:d6:7b:31:95:2f:c7:86:e8:a8:b0:c0:d2:16:20:
c6:a9:87:3f:31:b4:e9:61:9b:6a:ec:85:25:f2:e5:90:2c:cf:
6f:13:b9:c6:0f:68:ad:7e:00:b0:af:33:ca:e3:a5:d9:39:13:
e9:61:56:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsdy8aWWwjjiI5QZVk0SfDXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDExMDgxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ZkOGYwNTMyMTA5M2RjMGVjNzQ0N2ZiNmUwMmFhYTU2NWQyMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFLSkxP9hrlwsHlkgbWHMWEmI1iz
Vordb2u7fF1eGjczMQQHyg5ShUMD/y9pnIzc/fYxO6p0fOuwtvatqlsLAWfDcSaT
QIFfcj4OoAf7M7Ac4EupF/UGeNW2Y+mRhxk8ncUD7HbPic3jP6sLLY7L6Zod17tb
mf0UuPGMLFUnTrRIwDFC9jl66sfoGP9T+v8yjyWBF3lcPPNf5XCfh8+mgK5uDD6c
Q+KvcpqxOHtftzbJEOCJFb2gzjdo0SSqI9m3X2Q3qn6QvH9weQPD90jx+hX7bKCH
V7lsiRETXcG2H5fZbTEfoWZ6F59oI3/Pf4nvP7pVDvZ87fln04VZblULVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNf9jwUyEJPcDsdEf7bgKqpWXSJ8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMV8yUEJUSVFrOXdPeDBSX3R1QXFxbFpkSW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABDEmdNZi89ZnhHjjFiP
QZD6z1tqrkpz/fqMYhTRDMlAYw17bjW6P6Taw124pYa7QSdWOHF2RCp6TwiT9mT9
hYR1Lso9SuROzCcYOFlp5vkGA6kVy/ZPVG4HtbjDLKm/D67Wc8Pw1f8kQAbX9jRf
mGRwMuv5gIVmPtoO58kaGQXk+9BFUPtJfMzkMiznaAKyBJ2sTDlwIKSKXJjWCnBU
uzLvUraKDK/MA4q7FcM9062aeDbeSdKI8x9o/mR1gBJ3fz7wZ8lbVHoY6xfWezGV
L8eG6KiwwNIWIMaphz8xtOlhm2rshSXy5ZAsz28TucYPaK1+ALCvM8rjpdk5E+lh
Vvo=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:52:43 2025 by rpki-client