Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9IQMUb-GVsXZFyzhcEXHVm7LepU.roa
File: 9IQMUb-GVsXZFyzhcEXHVm7LepU.roa (raw, json)
Hash identifier: zyIzpMfaRkfP73PKNl5RLuNoFljQ6lwWBSrfGLNo22w=
Subject key identifier: F4:84:0C:51:BF:86:56:C5:D9:17:2C:E1:70:45:C7:56:6E:CB:7A:95
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BF804BB2A4A817813A8ED7BBCA002E55F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9IQMUb-GVsXZFyzhcEXHVm7LepU.roa
Signing time: Wed 22 Nov 2023 17:12:21 +0000
ROA not before: Wed 22 Nov 2023 17:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f8:04:bb:2a:4a:81:78:13:a8:ed:7b:bc:a0:02:e5:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 22 17:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4840c51bf8656c5d9172ce17045c7566ecb7a95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:51:5e:3b:f5:71:7f:85:08:e2:5d:37:81:b5:
be:72:b2:60:4c:06:e4:9f:0d:5d:fc:ab:9d:a3:3d:
90:99:c1:51:62:82:d2:fe:98:98:02:9e:7a:c0:c9:
b0:c5:f3:8c:13:2f:13:0b:6d:b5:db:81:00:88:2b:
f4:88:6c:1f:97:c5:1b:c0:0f:84:17:4b:24:61:e6:
c4:b7:d2:e9:82:55:35:42:2b:da:88:85:e2:2d:7e:
aa:75:c4:41:d5:bf:28:58:eb:29:5c:a8:f2:ec:79:
b7:bb:44:5f:df:28:cb:b7:04:24:dd:7a:aa:71:2f:
33:f3:8e:a1:89:98:5c:f8:46:09:50:7e:7a:74:7a:
42:b3:f2:a7:a6:29:48:9f:52:5e:fc:ff:d6:40:79:
9b:90:50:58:dd:6c:75:f3:43:bb:38:cd:e7:a4:c5:
2c:d7:8c:14:64:78:95:3b:b9:ee:62:fe:5c:fd:26:
bd:b2:d2:ef:c6:ba:f0:b3:28:4c:93:46:d2:14:05:
77:39:f9:0d:19:20:58:9b:29:c0:e3:bf:37:75:51:
df:31:b0:41:7d:3f:97:c6:80:7f:5f:78:c8:8e:38:
3e:9e:05:d9:60:d0:60:2e:fc:f1:a8:46:31:da:1a:
fd:83:ae:83:b8:46:52:da:d7:8a:b8:bc:16:7b:44:
5d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:84:0C:51:BF:86:56:C5:D9:17:2C:E1:70:45:C7:56:6E:CB:7A:95
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9IQMUb-GVsXZFyzhcEXHVm7LepU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:c7:4a:ad:03:2a:e7:3d:09:95:e5:dd:25:62:22:21:a7:34:
e6:86:70:06:16:f0:3f:0f:06:10:54:37:87:25:1b:01:b6:1c:
e5:f4:c8:cc:44:9a:5e:c1:aa:c2:27:1a:97:cb:50:be:d3:df:
a1:92:17:21:39:42:df:31:c6:0e:02:28:dc:03:f4:83:ce:ca:
c7:e4:61:49:71:83:6d:2b:f1:7f:a0:a4:cb:e3:c5:43:6c:cd:
a7:48:79:5d:28:ae:49:04:f5:a4:b2:94:a4:0a:85:a0:9f:9b:
e1:da:70:f1:e6:e2:d6:17:15:04:36:dd:0b:8e:39:40:6c:2a:
a7:c6:0c:f0:65:57:6f:7d:16:b3:84:02:de:b4:8a:c0:dc:06:
6d:ab:ff:ee:eb:91:9a:63:86:39:e9:04:11:72:a9:63:3c:06:
aa:e8:14:c2:fd:55:4c:22:88:cf:5f:b5:34:3f:6e:dd:26:62:
12:56:cf:6b:d1:e8:66:15:87:d4:68:1c:7b:19:e0:07:f2:60:
79:f4:c7:0e:81:d9:d2:b7:fa:5e:f0:00:7e:22:15:5c:de:88:
d8:93:02:bc:c8:75:5b:65:36:63:0e:c9:2c:a1:77:7a:19:03:
a7:87:44:46:63:8a:4d:7a:5b:c4:83:ac:38:98:b0:d0:d9:c8:
a0:15:74:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv4BLsqSoF4E6jte7ygAuVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIyMTcxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDg0MGM1MWJmODY1NmM1ZDkxNzJjZTE3MDQ1Yzc1NjZlY2I3YTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVFeO/Vxf4UI4l03gbW+crJgTAbk
nw1d/Kudoz2QmcFRYoLS/piYAp56wMmwxfOMEy8TC22124EAiCv0iGwfl8UbwA+E
F0skYebEt9LpglU1QivaiIXiLX6qdcRB1b8oWOspXKjy7Hm3u0Rf3yjLtwQk3Xqq
cS8z846hiZhc+EYJUH56dHpCs/KnpilIn1Je/P/WQHmbkFBY3Wx180O7OM3npMUs
14wUZHiVO7nuYv5c/Sa9stLvxrrwsyhMk0bSFAV3OfkNGSBYmynA4783dVHfMbBB
fT+XxoB/X3jIjjg+ngXZYNBgLvzxqEYx2hr9g66DuEZS2teKuLwWe0RdnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPSEDFG/hlbF2Rcs4XBFx1Zuy3qVMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOUlRTVViLUdWc1haRnl6aGNFWEhWbTdMZXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGTHSq0DKuc9CZXl3SVi
IiGnNOaGcAYW8D8PBhBUN4clGwG2HOX0yMxEml7BqsInGpfLUL7T36GSFyE5Qt8x
xg4CKNwD9IPOysfkYUlxg20r8X+gpMvjxUNszadIeV0orkkE9aSylKQKhaCfm+Ha
cPHm4tYXFQQ23QuOOUBsKqfGDPBlV299FrOEAt60isDcBm2r/+7rkZpjhjnpBBFy
qWM8BqroFML9VUwiiM9ftTQ/bt0mYhJWz2vR6GYVh9RoHHsZ4AfyYHn0xw6B2dK3
+l7wAH4iFVzeiNiTArzIdVtlNmMOySyhd3oZA6eHREZjik16W8SDrDiYsNDZyKAV
dM8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:23:25 2025 by rpki-client