Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5wQZcU8FqJQRFGTXbw8pHmWH4eY.roa
File: 5wQZcU8FqJQRFGTXbw8pHmWH4eY.roa (raw, json)
Hash identifier: N4gqM3Hjm/kqdsphFiQlR9xoxd1RRJRorBCpO+MTXe4=
Subject key identifier: E7:04:19:71:4F:05:A8:94:11:14:64:D7:6F:0F:29:1E:65:87:E1:E6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B077AB3F1274F50FD83F0D08C007DF6E2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5wQZcU8FqJQRFGTXbw8pHmWH4eY.roa
Signing time: Sat 07 Oct 2023 00:12:43 +0000
ROA not before: Sat 07 Oct 2023 00:12:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:07:7a:b3:f1:27:4f:50:fd:83:f0:d0:8c:00:7d:f6:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 00:12:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e70419714f05a894111464d76f0f291e6587e1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e3:56:00:36:57:92:a9:dd:e7:72:66:cb:67:
15:c9:31:77:c1:ce:3f:5c:e9:73:05:f9:f0:d5:36:
54:0f:0f:0c:55:24:3d:9e:8c:1f:02:56:99:3b:8f:
a2:0e:c5:83:a0:38:e8:6b:d1:c8:08:bf:66:6d:98:
59:f6:f0:1d:5f:c2:9c:7b:b6:b2:4a:8b:f1:6f:0a:
62:64:38:fc:5a:11:12:1c:87:b2:6b:ea:ac:dd:d5:
e1:29:0f:e2:2e:90:b6:ed:58:b4:c9:6d:7f:50:45:
01:8a:81:29:da:a8:99:87:01:3e:49:f8:3a:f1:50:
7a:70:4c:03:9f:03:83:53:19:b4:ae:cc:76:b6:df:
0d:db:5e:b6:74:ca:e5:f8:d9:a7:b6:08:53:c4:f6:
bc:79:7b:e9:74:00:6f:6b:e4:af:c8:5c:87:e8:d0:
28:92:2e:84:69:d3:82:e5:c1:b3:60:73:57:f1:27:
ad:e5:83:fd:21:b7:b2:b3:ab:b5:bc:a4:c0:33:65:
da:e0:14:97:c6:7c:aa:cb:9c:65:8a:77:bf:7b:54:
d8:eb:af:ae:7d:eb:2f:40:eb:af:8d:84:56:fe:9c:
09:58:56:ca:80:73:10:de:08:dd:d8:55:50:7b:4b:
84:57:38:4f:66:02:fe:6d:78:3d:13:72:73:aa:23:
07:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:04:19:71:4F:05:A8:94:11:14:64:D7:6F:0F:29:1E:65:87:E1:E6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5wQZcU8FqJQRFGTXbw8pHmWH4eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:a0:9c:7e:4d:38:7f:a6:ee:0a:55:b3:ba:c5:e8:d2:d1:c7:
89:4e:21:df:30:3a:21:57:d4:0f:e8:46:02:fc:ab:ed:50:77:
7e:75:2c:a9:4a:b5:d6:4f:03:bf:8b:af:0e:29:bc:77:19:54:
7c:8a:ef:81:dc:29:17:10:19:dc:a8:bb:d1:cf:a3:bd:0a:7e:
2f:91:4a:5e:f1:b3:72:c0:dd:1b:12:91:2b:1f:24:31:7d:b9:
cb:da:28:89:fc:2f:ae:32:35:52:42:e9:fe:10:6c:cd:ed:4f:
f5:2e:0a:a3:e5:07:f3:8f:22:9d:7d:35:15:2d:18:9f:83:71:
2b:4b:e6:70:7d:b5:7e:f1:1f:78:fd:06:b5:bd:4c:b6:eb:2b:
1b:42:8b:a1:f5:40:5f:7f:a2:cb:72:b9:0f:99:cd:78:31:3a:
b8:12:da:6f:a6:bd:c0:29:15:ab:85:5d:8f:f7:fa:3c:4a:23:
16:6f:e9:61:f8:ea:41:04:f1:65:a2:9a:1a:95:ca:5b:65:b6:
9a:9e:8d:54:64:12:8c:02:9f:58:09:e1:97:e1:a4:47:2d:22:
07:12:88:41:c3:46:36:c7:2f:93:33:b8:1e:a6:9d:81:55:54:
1d:60:e1:a0:3a:43:d1:04:7b:a5:8e:13:f7:d9:8b:b3:82:d2:
54:8f:52:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsHerPxJ09Q/YPw0IwAffbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MDAxMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzA0MTk3MTRmMDVhODk0MTExNDY0ZDc2ZjBmMjkxZTY1ODdlMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoONWADZXkqnd53Jmy2cVyTF3wc4/
XOlzBfnw1TZUDw8MVSQ9nowfAlaZO4+iDsWDoDjoa9HICL9mbZhZ9vAdX8Kce7ay
SovxbwpiZDj8WhESHIeya+qs3dXhKQ/iLpC27Vi0yW1/UEUBioEp2qiZhwE+Sfg6
8VB6cEwDnwODUxm0rsx2tt8N2162dMrl+NmntghTxPa8eXvpdABva+SvyFyH6NAo
ki6EadOC5cGzYHNX8Set5YP9Ibeys6u1vKTAM2Xa4BSXxnyqy5xline/e1TY66+u
fesvQOuvjYRW/pwJWFbKgHMQ3gjd2FVQe0uEVzhPZgL+bXg9E3JzqiMHBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOcEGXFPBaiUERRk128PKR5lh+HmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNXdRWmNVOEZxSlFSRkdUWGJ3OHBIbVdINGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ2gnH5NOH+m7gpVs7rF
6NLRx4lOId8wOiFX1A/oRgL8q+1Qd351LKlKtdZPA7+Lrw4pvHcZVHyK74HcKRcQ
Gdyou9HPo70Kfi+RSl7xs3LA3RsSkSsfJDF9ucvaKIn8L64yNVJC6f4QbM3tT/Uu
CqPlB/OPIp19NRUtGJ+DcStL5nB9tX7xH3j9BrW9TLbrKxtCi6H1QF9/ostyuQ+Z
zXgxOrgS2m+mvcApFauFXY/3+jxKIxZv6WH46kEE8WWimhqVyltltpqejVRkEowC
n1gJ4ZfhpEctIgcSiEHDRjbHL5MzuB6mnYFVVB1g4aA6Q9EEe6WOE/fZi7OC0lSP
UtM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:06:41 2025 by rpki-client