Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2FV7SyKcZaxodygJ8WPdqccVDXo.roa
File: 2FV7SyKcZaxodygJ8WPdqccVDXo.roa (raw, json)
Hash identifier: eoFfi5MdLClFQKCXU1i3ZhmZwExqSqN5Mf+TI6/xXTo=
Subject key identifier: D8:55:7B:4B:22:9C:65:AC:68:77:28:09:F1:63:DD:A9:C7:15:0D:7A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7E229AB0889A70D9F30C6CBAE4D869D4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2FV7SyKcZaxodygJ8WPdqccVDXo.roa
Signing time: Mon 18 Dec 2023 18:14:06 +0000
ROA not before: Mon 18 Dec 2023 18:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7e:22:9a:b0:88:9a:70:d9:f3:0c:6c:ba:e4:d8:69:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 18:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8557b4b229c65ac68772809f163dda9c7150d7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:89:67:1a:7a:2c:31:66:18:1f:a7:5e:ea:0c:
50:4b:78:01:ea:d0:82:f4:cc:5d:3a:ee:a5:98:e0:
c1:fe:43:f2:29:b2:59:23:02:06:4c:9e:7b:00:45:
79:cc:26:ea:f5:85:ce:f1:80:9d:1c:28:af:bc:3c:
44:94:e0:b1:a5:db:99:e5:1b:d8:73:64:08:61:5e:
39:e8:fa:90:e7:e0:ac:ef:fe:b0:2a:65:a7:de:8a:
c7:71:80:a2:9f:4a:1f:90:35:06:b4:b6:27:c8:55:
80:00:82:ce:d6:f1:3f:66:8f:34:d4:ea:a1:ae:6d:
66:29:30:45:38:1d:d8:eb:05:c5:6b:27:c2:d7:f6:
3c:0c:91:d7:cd:14:53:1a:4b:ef:f3:04:bb:aa:24:
fe:ba:04:8f:0c:73:87:ed:af:fb:ec:bf:b8:49:23:
de:27:87:4d:23:bb:32:9b:a9:ba:d1:72:4b:41:5c:
f3:c2:34:e8:ee:e8:4b:b4:1a:b2:2c:54:6e:c5:3b:
9d:b0:3c:3c:b0:9a:12:1e:33:61:20:fc:30:39:dc:
52:2d:43:ae:64:d5:a1:b5:5f:dd:78:7e:e8:b0:f7:
e0:b4:f7:dd:32:b7:da:c1:9e:42:15:c9:39:88:b9:
ef:4d:f1:6f:7a:e0:c7:e8:ad:5b:2e:ec:37:76:c9:
7d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:55:7B:4B:22:9C:65:AC:68:77:28:09:F1:63:DD:A9:C7:15:0D:7A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2FV7SyKcZaxodygJ8WPdqccVDXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:6d:11:d4:d9:e5:a6:2a:ad:71:e5:9a:bd:83:23:78:59:c4:
9f:84:2d:64:f1:9e:ac:03:2e:4c:49:f0:98:54:c5:a8:5b:78:
f3:2b:e8:5e:95:2e:2f:5f:78:b6:88:93:c0:21:cc:ec:03:62:
6b:65:ac:bb:a5:1e:8c:f3:9d:82:43:d1:95:5e:01:4f:3d:8f:
77:66:67:c0:51:e8:f1:90:24:a3:fb:04:56:fc:8b:5c:a9:17:
d7:ae:5c:6b:76:1d:c8:e2:fd:7e:d3:65:be:ee:6a:0d:44:02:
ba:35:6c:08:17:47:11:96:29:c4:7e:74:6b:1c:d7:d2:66:4e:
07:a5:99:e0:40:c8:36:7f:02:cd:0d:3e:0f:a2:93:70:67:53:
8d:c2:5c:31:91:d9:62:3a:7d:af:10:39:a9:96:8a:a6:b0:af:
4e:ed:57:9f:68:05:33:3f:06:2d:2b:f3:41:14:d3:d0:f5:0f:
0c:3a:9e:c6:49:dd:f3:cf:c9:6d:be:0a:38:bb:50:fa:6f:b1:
11:37:2c:a5:97:cb:84:21:17:13:a2:f2:78:82:25:0f:db:0a:
d3:12:d2:80:f1:3c:14:33:76:d8:f9:93:46:fb:26:8d:65:f7:
0f:1d:84:60:43:24:b6:2f:ec:2c:b0:ee:1c:5f:f8:8a:9c:5a:
6c:e4:0e:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx+IpqwiJpw2fMMbLrk2GnUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MTgxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODU1N2I0YjIyOWM2NWFjNjg3NzI4MDlmMTYzZGRhOWM3MTUwZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYlnGnosMWYYH6de6gxQS3gB6tCC
9MxdOu6lmODB/kPyKbJZIwIGTJ57AEV5zCbq9YXO8YCdHCivvDxElOCxpduZ5RvY
c2QIYV456PqQ5+Cs7/6wKmWn3orHcYCin0ofkDUGtLYnyFWAAILO1vE/Zo801Oqh
rm1mKTBFOB3Y6wXFayfC1/Y8DJHXzRRTGkvv8wS7qiT+ugSPDHOH7a/77L+4SSPe
J4dNI7sym6m60XJLQVzzwjTo7uhLtBqyLFRuxTudsDw8sJoSHjNhIPwwOdxSLUOu
ZNWhtV/deH7osPfgtPfdMrfawZ5CFck5iLnvTfFveuDH6K1bLuw3dsl96wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNhVe0sinGWsaHcoCfFj3anHFQ16MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMkZWN1N5S2NaYXhvZHlnSjhXUGRxY2NWRFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ5tEdTZ5aYqrXHlmr2D
I3hZxJ+ELWTxnqwDLkxJ8JhUxahbePMr6F6VLi9feLaIk8AhzOwDYmtlrLulHozz
nYJD0ZVeAU89j3dmZ8BR6PGQJKP7BFb8i1ypF9euXGt2Hcji/X7TZb7uag1EAro1
bAgXRxGWKcR+dGsc19JmTgelmeBAyDZ/As0NPg+ik3BnU43CXDGR2WI6fa8QOamW
iqawr07tV59oBTM/Bi0r80EU09D1Dww6nsZJ3fPPyW2+Cji7UPpvsRE3LKWXy4Qh
FxOi8niCJQ/bCtMS0oDxPBQzdtj5k0b7Jo1l9w8dhGBDJLYv7Cyw7hxf+IqcWmzk
Dqo=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:30:44 2025 by rpki-client