Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9PgoKm8GNmh8hRH6lBKQiXsq1UQ.roa
File: 9PgoKm8GNmh8hRH6lBKQiXsq1UQ.roa (raw, json)
Hash identifier: 62PRqdNSZinTXrQ3LXU2XCHbyqJccSmf6PRUDlEuJCU=
Subject key identifier: F4:F8:28:2A:6F:06:36:68:7C:85:11:FA:94:12:90:89:7B:2A:D5:44
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3D8B61CFE66AF231A130350521E7CD91
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9PgoKm8GNmh8hRH6lBKQiXsq1UQ.roa
Signing time: Wed 06 Dec 2023 05:13:13 +0000
ROA not before: Wed 06 Dec 2023 05:13:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3d:8b:61:cf:e6:6a:f2:31:a1:30:35:05:21:e7:cd:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 6 05:13:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4f8282a6f0636687c8511fa941290897b2ad544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:a3:1a:65:2f:57:b8:67:10:bb:91:1f:aa:a3:
ca:46:64:be:85:02:94:90:40:8c:15:00:30:20:d5:
52:9a:be:69:6f:0a:3d:e8:21:f4:46:1b:e2:ae:fd:
1d:5b:ac:46:4a:7c:32:f3:09:a2:71:3d:e5:bf:12:
de:22:6c:cd:06:c1:18:b3:a3:3f:e5:f7:64:67:68:
8d:95:bf:96:df:13:ef:e9:5f:6b:02:7f:a9:7f:59:
46:3b:58:81:bc:2b:db:a0:7f:d6:08:1f:cb:6d:43:
9a:fe:ea:62:51:f6:56:00:00:d3:66:d9:06:0d:c9:
14:ed:68:59:8d:6d:1d:34:b8:34:fc:67:88:05:d7:
bf:ff:7b:d1:28:d7:04:17:87:68:84:ca:ff:c1:51:
31:71:a1:09:ab:f4:e9:41:d7:37:ba:17:16:8d:e1:
2b:83:27:6e:74:95:e5:91:67:bc:96:77:23:d4:ef:
1d:cf:fb:1d:9b:21:3e:43:eb:6b:46:d5:3e:1a:66:
b6:17:82:9c:41:ca:49:9d:b8:f2:61:ca:77:a9:cd:
e7:ab:ee:ef:fe:63:b9:ea:af:23:19:d3:a6:00:7b:
cf:33:e4:52:89:45:a1:36:a4:34:35:65:37:26:ba:
dc:71:05:2c:20:94:d6:73:c7:9e:b7:4e:38:2d:62:
27:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F8:28:2A:6F:06:36:68:7C:85:11:FA:94:12:90:89:7B:2A:D5:44
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9PgoKm8GNmh8hRH6lBKQiXsq1UQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ce:a8:89:c8:b7:52:9e:b9:1d:8c:f9:a0:6e:6a:32:a7:d3:17:
03:22:88:d7:b9:c7:b7:be:88:aa:7b:5c:8d:da:58:b2:95:72:
df:e7:e3:92:f8:85:aa:ba:34:1e:bd:e8:81:9a:19:09:82:2e:
d9:95:5b:60:61:80:99:6e:1f:f3:d6:ee:b7:84:da:7d:2d:c3:
a4:88:12:4c:d8:d3:0d:66:d6:ef:f3:6c:f7:1d:c5:28:f9:62:
69:f4:a4:be:e5:a5:50:bf:8a:40:0a:cc:56:ba:ad:f1:e2:af:
00:3c:f5:f3:a1:2c:04:c0:8b:c7:54:37:76:53:dc:bc:56:71:
f7:1d:3f:14:9e:c7:29:c8:83:9b:a6:71:74:5b:86:ef:0e:db:
2f:43:17:1c:be:ff:b1:dc:0f:df:22:25:6b:1f:1d:6c:2d:41:
8b:af:c2:81:66:3d:ea:e4:df:f6:b8:9f:f3:1d:0a:40:f8:26:
87:92:a7:db:e4:1a:d9:74:32:35:6b:fe:aa:85:38:68:92:f4:
f6:8c:06:ea:b8:12:6c:bc:99:e5:fa:55:39:76:19:0d:41:01:
c1:69:9f:1e:d6:95:68:16:c8:d3:fc:df:a8:d2:f2:0a:5e:ca:
b7:c3:b5:93:68:20:0f:5c:76:cb:b3:dc:42:2d:28:7a:f6:0a:
e2:84:d9:2b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw9i2HP5mryMaEwNQUh582RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA2MDUxMzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGY4MjgyYTZmMDYzNjY4N2M4NTExZmE5NDEyOTA4OTdiMmFkNTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA76MaZS9XuGcQu5EfqqPKRmS+hQKU
kECMFQAwINVSmr5pbwo96CH0Rhvirv0dW6xGSnwy8wmicT3lvxLeImzNBsEYs6M/
5fdkZ2iNlb+W3xPv6V9rAn+pf1lGO1iBvCvboH/WCB/LbUOa/upiUfZWAADTZtkG
DckU7WhZjW0dNLg0/GeIBde//3vRKNcEF4dohMr/wVExcaEJq/TpQdc3uhcWjeEr
gydudJXlkWe8lncj1O8dz/sdmyE+Q+trRtU+Gma2F4KcQcpJnbjyYcp3qc3nq+7v
/mO56q8jGdOmAHvPM+RSiUWhNqQ0NWU3JrrccQUsIJTWc8eet044LWInQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPT4KCpvBjZofIUR+pQSkIl7KtVEMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOVBnb0ttOEdObWg4aFJINmxCS1FpWHNxMVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAM6oici3Up65HYz5oG5q
MqfTFwMiiNe5x7e+iKp7XI3aWLKVct/n45L4haq6NB696IGaGQmCLtmVW2BhgJlu
H/PW7reE2n0tw6SIEkzY0w1m1u/zbPcdxSj5Ymn0pL7lpVC/ikAKzFa6rfHirwA8
9fOhLATAi8dUN3ZT3LxWcfcdPxSexynIg5umcXRbhu8O2y9DFxy+/7HcD98iJWsf
HWwtQYuvwoFmPerk3/a4n/MdCkD4JoeSp9vkGtl0MjVr/qqFOGiS9PaMBuq4Emy8
meX6VTl2GQ1BAcFpnx7WlWgWyNP836jS8gpeyrfDtZNoIA9cdsuz3EItKHr2CuKE
2Ss=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:50:21 2025 by rpki-client