Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5vVV9qQOyhnptalpC-ICcg8yibw.roa
File: 5vVV9qQOyhnptalpC-ICcg8yibw.roa (raw, json)
Hash identifier: dtIfx3o8JlWjhTwA5hHf8aGSgE+32iomNbf2gJF5wz8=
Subject key identifier: E6:F5:55:F6:A4:0E:CA:19:E9:B5:A9:69:0B:E2:02:72:0F:32:89:BC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF763700D555C86C9475CAB038D0ADD3E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5vVV9qQOyhnptalpC-ICcg8yibw.roa
Signing time: Tue 03 Oct 2023 21:13:23 +0000
ROA not before: Tue 03 Oct 2023 21:13:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f7:63:70:0d:55:5c:86:c9:47:5c:ab:03:8d:0a:dd:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 21:13:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6f555f6a40eca19e9b5a9690be202720f3289bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f5:b5:eb:cc:96:1d:bf:72:65:1c:e6:68:3c:
af:86:f8:8d:27:a3:7f:5c:e7:62:61:4e:b2:4c:3a:
23:e5:ab:cd:51:fa:79:2c:91:91:e1:d1:93:b4:80:
76:c4:9f:fc:6b:c7:2b:f0:e8:7b:74:f1:43:b4:ea:
6b:73:27:63:10:5a:6d:83:35:48:4d:b5:5e:7a:b1:
80:a1:4e:3c:3c:6d:b4:c8:c2:c8:2c:82:9c:85:23:
c2:55:33:2c:68:4f:1c:35:de:4e:ef:c4:72:b3:f5:
1e:6f:2b:fd:dd:f6:cb:da:51:dd:c6:a2:0e:c4:b5:
08:04:71:69:e7:38:d4:22:ef:3b:b4:db:9c:8b:f8:
7f:c6:3d:fb:68:ed:46:e3:c0:6d:49:fe:7d:cc:19:
1f:5d:bd:a0:cf:38:d9:27:7c:f1:fd:69:ae:f8:e4:
5e:c2:b5:8a:e3:dd:26:ee:8d:0e:1a:66:69:c0:0f:
69:c2:52:6b:06:9b:1c:b3:7b:69:b8:6d:b7:07:b6:
d5:77:39:11:af:1d:5e:f4:b2:91:de:8f:db:a9:89:
b7:bd:28:54:26:60:2a:32:c7:aa:c5:6a:42:86:fa:
03:c1:17:d5:2c:6c:d5:2b:04:ac:d2:0b:50:2b:98:
ae:b4:42:0b:c7:20:0d:57:6c:36:93:8a:ec:c9:50:
01:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:F5:55:F6:A4:0E:CA:19:E9:B5:A9:69:0B:E2:02:72:0F:32:89:BC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5vVV9qQOyhnptalpC-ICcg8yibw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bb:f7:aa:a3:f0:86:a6:d1:1c:a3:7d:af:5d:19:37:7e:4c:8e:
3b:1e:dd:e9:60:a8:05:2b:de:e1:fe:bf:da:45:72:73:53:37:
f7:2a:a5:46:96:76:89:21:c4:61:2a:20:3b:55:dc:4f:13:6c:
da:4a:26:5a:23:1d:30:3b:dc:fe:ff:bb:e3:3f:b8:f4:0d:56:
58:20:69:53:7f:f3:8c:eb:19:d0:32:66:5e:de:9b:f6:58:84:
57:79:01:f5:8b:65:df:fc:5a:c8:44:a6:5f:5a:91:00:b1:b5:
25:f5:f2:ce:c4:81:31:c8:de:d0:ba:a4:3d:f0:ce:6b:f7:ff:
29:a7:8f:2d:ee:94:05:99:f6:05:5d:7f:28:b0:35:26:71:c9:
c2:58:5c:2e:4e:18:5f:32:30:26:8e:72:f2:3c:ec:b6:52:a5:
ae:c5:cb:74:fd:35:a8:4a:ab:27:93:8a:b3:aa:4c:86:0b:62:
90:f9:a8:fd:8a:b0:5d:0d:31:df:ee:a9:89:18:43:9b:ef:51:
4a:74:3a:7e:d1:4a:98:f2:b0:2e:a0:27:cd:f9:ad:c7:4e:75:
22:aa:88:63:0a:48:f9:7b:c3:4e:95:b9:90:32:9f:d3:0a:a7:
40:c8:c0:a1:1b:6e:a6:7e:ca:aa:68:87:37:da:f2:5c:4a:da:
32:e1:7c:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr3Y3ANVVyGyUdcqwONCt0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMjExMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmY1NTVmNmE0MGVjYTE5ZTliNWE5NjkwYmUyMDI3MjBmMzI4OWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/W168yWHb9yZRzmaDyvhviNJ6N/
XOdiYU6yTDoj5avNUfp5LJGR4dGTtIB2xJ/8a8cr8Oh7dPFDtOprcydjEFptgzVI
TbVeerGAoU48PG20yMLILIKchSPCVTMsaE8cNd5O78Rys/Uebyv93fbL2lHdxqIO
xLUIBHFp5zjUIu87tNuci/h/xj37aO1G48BtSf59zBkfXb2gzzjZJ3zx/Wmu+ORe
wrWK490m7o0OGmZpwA9pwlJrBpscs3tpuG23B7bVdzkRrx1e9LKR3o/bqYm3vShU
JmAqMseqxWpChvoDwRfVLGzVKwSs0gtQK5iutEILxyANV2w2k4rsyVABeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOb1VfakDsoZ6bWpaQviAnIPMom8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNXZWVjlxUU95aG5wdGFscEMtSUNjZzh5aWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALv3qqPwhqbRHKN9r10Z
N35Mjjse3elgqAUr3uH+v9pFcnNTN/cqpUaWdokhxGEqIDtV3E8TbNpKJlojHTA7
3P7/u+M/uPQNVlggaVN/84zrGdAyZl7em/ZYhFd5AfWLZd/8WshEpl9akQCxtSX1
8s7EgTHI3tC6pD3wzmv3/ymnjy3ulAWZ9gVdfyiwNSZxycJYXC5OGF8yMCaOcvI8
7LZSpa7Fy3T9NahKqyeTirOqTIYLYpD5qP2KsF0NMd/uqYkYQ5vvUUp0On7RSpjy
sC6gJ835rcdOdSKqiGMKSPl7w06VuZAyn9MKp0DIwKEbbqZ+yqpohzfa8lxK2jLh
fGI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:46:39 2025 by rpki-client