Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8fJ129zEb7mOlR-IP8DHWed2_Q8.roa
File: 8fJ129zEb7mOlR-IP8DHWed2_Q8.roa (raw, json)
Hash identifier: wFS3FMIqM259xPddvYV5ViSf/X9Z9QZnc1KuXehEOtk=
Subject key identifier: F1:F2:75:DB:DC:C4:6F:B9:8E:95:1F:88:3F:C0:C7:59:E7:76:FD:0F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B47387E810EA9CC86D20004DFDE5A43A8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8fJ129zEb7mOlR-IP8DHWed2_Q8.roa
Signing time: Thu 19 Oct 2023 09:16:06 +0000
ROA not before: Thu 19 Oct 2023 09:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:38:7e:81:0e:a9:cc:86:d2:00:04:df:de:5a:43:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 19 09:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1f275dbdcc46fb98e951f883fc0c759e776fd0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:91:2d:b3:35:9b:47:30:c8:89:90:62:5a:46:
76:a7:fa:df:76:b6:8d:de:c4:a4:03:e2:f2:f3:38:
62:f1:3e:8b:9d:3a:d0:0f:d4:87:fd:36:0a:eb:79:
e4:c6:a3:c9:35:a8:1e:26:9a:7a:e9:65:e2:17:f1:
5f:e6:c4:2d:a7:23:1e:a1:0c:08:3e:67:5e:07:4a:
7d:79:52:6d:91:43:46:4a:4a:08:af:5d:05:69:42:
34:b2:46:ef:cf:ff:e0:ad:31:f1:35:a3:fc:15:91:
bd:e7:9b:a1:52:94:d3:aa:ac:83:44:58:f1:cd:53:
e1:7c:db:fd:0c:d9:6b:3a:38:94:d3:d4:79:57:e8:
fa:7d:80:ce:28:4c:9b:61:0e:9a:84:f3:fb:bb:f1:
40:be:8e:07:a3:43:17:0d:60:f3:c3:db:9f:8f:72:
85:b7:6a:34:b4:28:2d:18:26:40:2b:f2:4d:27:4a:
11:94:92:15:7f:db:05:93:0f:a8:35:5d:28:97:f1:
4c:5d:64:d0:21:58:24:d8:5f:ac:65:00:86:93:28:
94:d2:67:43:05:4d:9a:b4:68:56:14:cf:ff:33:1e:
de:90:66:5b:e8:4a:15:9c:37:43:88:3a:2c:76:32:
8d:a5:b0:7b:6d:98:a9:27:7b:97:71:d8:c2:3c:a5:
12:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F2:75:DB:DC:C4:6F:B9:8E:95:1F:88:3F:C0:C7:59:E7:76:FD:0F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8fJ129zEb7mOlR-IP8DHWed2_Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:bd:df:ac:20:e5:96:bb:32:19:52:bf:3e:d9:fe:51:1e:c1:
0a:6b:27:27:57:df:78:76:7e:70:ce:ac:20:29:20:b4:6c:cc:
34:3e:ee:51:20:98:9d:d8:b1:53:83:f7:58:37:db:3d:2d:d0:
00:1d:4a:9c:e2:4c:8e:1d:dd:d0:40:79:0e:28:73:85:8a:07:
97:29:68:30:b5:a7:6e:1a:53:1e:a4:7e:e5:38:4f:73:9f:e9:
a3:8e:4c:19:46:ea:7a:aa:bb:b0:d5:bf:16:09:ae:7c:5d:21:
87:f7:29:14:26:2a:50:3d:30:c1:ed:e5:30:7a:89:f0:db:b7:
7b:40:8e:bf:e0:8d:8c:03:90:e9:a5:64:b8:ee:f4:fb:7c:58:
c8:32:6d:66:43:8a:fd:8a:a2:c1:17:8a:c8:3c:20:35:35:3d:
da:62:8c:86:d1:e6:9c:ce:96:6e:85:68:20:11:8e:13:ef:95:
bc:2d:c6:72:62:66:f2:d2:0f:0d:94:c5:a8:b1:da:8f:1d:17:
67:72:81:cf:67:b1:8d:d9:be:a6:16:ff:74:d9:b3:35:9d:27:
c3:91:25:37:ce:81:01:e2:39:6e:61:3d:4e:d1:16:d0:d5:ed:
58:8b:e1:c3:be:59:b5:12:2a:cd:d0:08:ed:40:6e:14:13:57:
52:b7:67:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtHOH6BDqnMhtIABN/eWkOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE5MDkxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWYyNzVkYmRjYzQ2ZmI5OGU5NTFmODgzZmMwYzc1OWU3NzZmZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJEtszWbRzDIiZBiWkZ2p/rfdraN
3sSkA+Ly8zhi8T6LnTrQD9SH/TYK63nkxqPJNageJpp66WXiF/Ff5sQtpyMeoQwI
PmdeB0p9eVJtkUNGSkoIr10FaUI0skbvz//grTHxNaP8FZG955uhUpTTqqyDRFjx
zVPhfNv9DNlrOjiU09R5V+j6fYDOKEybYQ6ahPP7u/FAvo4Ho0MXDWDzw9ufj3KF
t2o0tCgtGCZAK/JNJ0oRlJIVf9sFkw+oNV0ol/FMXWTQIVgk2F+sZQCGkyiU0mdD
BU2atGhWFM//Mx7ekGZb6EoVnDdDiDosdjKNpbB7bZipJ3uXcdjCPKUSDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPHyddvcxG+5jpUfiD/Ax1nndv0PMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOGZKMTI5ekViN21PbFItSVA4REhXZWQyX1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE+936wg5Za7MhlSvz7Z
/lEewQprJydX33h2fnDOrCApILRszDQ+7lEgmJ3YsVOD91g32z0t0AAdSpziTI4d
3dBAeQ4oc4WKB5cpaDC1p24aUx6kfuU4T3Of6aOOTBlG6nqqu7DVvxYJrnxdIYf3
KRQmKlA9MMHt5TB6ifDbt3tAjr/gjYwDkOmlZLju9Pt8WMgybWZDiv2KosEXisg8
IDU1PdpijIbR5pzOlm6FaCARjhPvlbwtxnJiZvLSDw2Uxaix2o8dF2dygc9nsY3Z
vqYW/3TZszWdJ8ORJTfOgQHiOW5hPU7RFtDV7ViL4cO+WbUSKs3QCO1AbhQTV1K3
Z10=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:14:37 2025 by rpki-client