Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8t7m9bGFkOPgiAmQ0ui2X7rFDf8.roa
File: 8t7m9bGFkOPgiAmQ0ui2X7rFDf8.roa (raw, json)
Hash identifier: h/bgz4oReCtjdN2Q4B107QpARK0Pu/dsZ2HuGAcFn3w=
Subject key identifier: F2:DE:E6:F5:B1:85:90:E3:E0:88:09:90:D2:E8:B6:5F:BA:C5:0D:FF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD0FAB9BCDD5C31D70F3FF6E5F979EE16
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8t7m9bGFkOPgiAmQ0ui2X7rFDf8.roa
Signing time: Tue 26 Sep 2023 10:13:27 +0000
ROA not before: Tue 26 Sep 2023 10:13:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d0:fa:b9:bc:dd:5c:31:d7:0f:3f:f6:e5:f9:79:ee:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 26 10:13:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2dee6f5b18590e3e0880990d2e8b65fbac50dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a5:58:27:52:0b:9b:21:8a:40:d7:3a:22:b3:
a8:78:db:c2:b5:57:91:6b:cb:0a:ac:f9:2f:22:4d:
df:f0:11:d6:34:f7:4e:1f:4b:65:5f:25:fd:29:97:
dc:f4:68:52:ef:d2:39:6c:75:e1:49:b2:8d:66:28:
ba:ad:66:41:ae:d8:42:b6:03:61:80:84:b3:e4:77:
b3:58:63:da:9c:ed:7e:94:22:3c:1f:4d:f4:a8:c9:
a2:67:56:f4:61:03:fe:fb:24:b6:0a:b5:44:6c:02:
98:9f:54:63:fa:0f:73:04:22:e5:ab:c9:32:55:3b:
21:65:e9:12:11:65:d4:c8:33:be:42:2c:60:76:bf:
b1:06:31:dc:fd:d9:32:cc:e8:0a:af:eb:0c:04:a3:
b4:31:61:0c:28:34:43:af:10:7d:bc:14:1b:93:b1:
4c:e3:50:d3:2b:17:1d:21:da:e0:9c:bf:fa:ab:fe:
cf:e6:e0:9b:7d:e4:ae:b0:5a:8a:6f:2b:a2:d5:85:
32:bb:06:ea:f0:50:b4:08:91:fb:ed:5d:3e:75:d9:
19:3c:51:4c:a9:a3:98:11:82:bc:a2:bd:a9:ff:4e:
f3:73:52:8f:f6:01:48:63:50:50:1c:eb:cb:81:e8:
e0:bd:e3:fc:bc:99:38:09:26:54:93:12:b7:cf:eb:
f2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:DE:E6:F5:B1:85:90:E3:E0:88:09:90:D2:E8:B6:5F:BA:C5:0D:FF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8t7m9bGFkOPgiAmQ0ui2X7rFDf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:97:52:6f:1a:18:52:43:2b:59:98:05:38:d9:fd:67:07:7d:
7b:a9:47:7b:7c:50:37:f3:52:e0:9c:18:33:3c:f8:fd:9e:ea:
55:03:9a:d3:a9:e5:87:ea:77:fd:a7:3c:a1:c0:b6:2f:d2:95:
2d:5c:e8:a2:29:32:b5:a4:13:c7:78:bb:dd:37:58:c0:aa:60:
23:ad:80:80:58:d7:b5:8a:d4:c1:17:46:94:8a:82:79:61:35:
8a:2e:f0:d5:4f:53:2b:4b:24:f7:dc:82:1d:da:d7:9a:13:3f:
2b:43:27:2f:91:93:9a:54:0a:59:b9:a2:db:29:ad:cb:cb:6e:
3a:33:12:35:49:5b:82:9e:a9:0e:98:ba:60:7c:40:58:80:aa:
49:db:88:34:84:02:42:b7:73:c4:ab:c7:e4:84:72:39:57:94:
11:17:8b:5e:8f:30:b3:6b:f2:b9:13:9a:94:90:8f:76:4d:13:
6f:a8:06:cc:fb:3e:a4:a1:db:66:65:71:b3:7a:6a:6b:13:e9:
27:ae:a3:b9:c0:d9:bd:94:5a:05:c5:e1:56:bd:0c:f1:cb:00:
b3:aa:47:b2:55:13:fe:6f:3f:e9:d1:4b:e8:ce:f0:05:23:17:
a5:6c:c3:e1:c8:44:86:58:f7:1b:58:89:64:f7:87:cf:68:70:
0f:f9:fc:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrQ+rm83Vwx1w8/9uX5ee4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI2MTAxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmRlZTZmNWIxODU5MGUzZTA4ODA5OTBkMmU4YjY1ZmJhYzUwZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKVYJ1ILmyGKQNc6IrOoeNvCtVeR
a8sKrPkvIk3f8BHWNPdOH0tlXyX9KZfc9GhS79I5bHXhSbKNZii6rWZBrthCtgNh
gISz5HezWGPanO1+lCI8H030qMmiZ1b0YQP++yS2CrVEbAKYn1Rj+g9zBCLlq8ky
VTshZekSEWXUyDO+Qixgdr+xBjHc/dkyzOgKr+sMBKO0MWEMKDRDrxB9vBQbk7FM
41DTKxcdIdrgnL/6q/7P5uCbfeSusFqKbyui1YUyuwbq8FC0CJH77V0+ddkZPFFM
qaOYEYK8or2p/07zc1KP9gFIY1BQHOvLgejgveP8vJk4CSZUkxK3z+vy9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPLe5vWxhZDj4IgJkNLotl+6xQ3/MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOHQ3bTliR0ZrT1BnaUFtUTB1aTJYN3JGRGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAqXUm8aGFJDK1mYBTjZ
/WcHfXupR3t8UDfzUuCcGDM8+P2e6lUDmtOp5Yfqd/2nPKHAti/SlS1c6KIpMrWk
E8d4u903WMCqYCOtgIBY17WK1MEXRpSKgnlhNYou8NVPUytLJPfcgh3a15oTPytD
Jy+Rk5pUClm5otsprcvLbjozEjVJW4KeqQ6YumB8QFiAqknbiDSEAkK3c8Srx+SE
cjlXlBEXi16PMLNr8rkTmpSQj3ZNE2+oBsz7PqSh22ZlcbN6amsT6Seuo7nA2b2U
WgXF4Va9DPHLALOqR7JVE/5vP+nRS+jO8AUjF6Vsw+HIRIZY9xtYiWT3h89ocA/5
/IM=
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:03:29 2025 by rpki-client