Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9ntASxHy5tXvPyhBiWRrI911eqY.roa
File: 9ntASxHy5tXvPyhBiWRrI911eqY.roa (raw, json)
Hash identifier: doMM83ImXrf1cMSAr3QcwB1O/zkGc8+QJI0cNQX/f0I=
Subject key identifier: F6:7B:40:4B:11:F2:E6:D5:EF:3F:28:41:89:64:6B:23:DD:75:7A:A6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B75FFBCF66939DE506041816F47506CAF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9ntASxHy5tXvPyhBiWRrI911eqY.roa
Signing time: Sat 28 Oct 2023 11:16:16 +0000
ROA not before: Sat 28 Oct 2023 11:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:75:ff:bc:f6:69:39:de:50:60:41:81:6f:47:50:6c:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 28 11:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f67b404b11f2e6d5ef3f284189646b23dd757aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5e:73:1e:60:c5:ca:7b:3a:1b:0f:df:9a:d4:
4a:e4:42:a0:d3:92:28:60:c8:b4:80:a4:61:cf:10:
e8:65:85:58:90:d2:b2:6c:53:52:d9:4a:52:97:65:
e7:50:8b:34:fd:e9:1a:d2:8e:f6:bd:ac:5a:0f:a7:
ae:2a:4e:b4:b6:53:e4:8a:86:af:fd:6b:35:93:47:
78:30:67:94:10:93:ac:16:4d:45:f5:a7:70:20:1b:
73:ab:9a:75:27:79:82:93:49:d5:cf:64:43:af:1e:
b4:61:6d:50:23:87:50:62:42:79:94:56:bf:78:36:
69:37:06:a2:af:dd:ea:3a:69:00:e6:bb:d4:58:b2:
47:94:af:2f:5a:ff:14:c1:0d:b2:97:74:df:9b:c3:
c8:ba:14:ff:7d:85:95:5f:a6:e9:17:c9:94:68:45:
41:f7:ee:6b:de:48:ed:07:04:f8:ce:3d:ac:56:3d:
30:d6:f0:dd:15:f4:ef:00:df:f7:e6:fa:02:3b:2c:
35:27:75:d5:8d:64:33:e9:3e:40:2c:2c:bf:c2:ff:
e7:38:8a:0d:4b:92:4e:8f:31:f8:95:e3:d9:84:5f:
72:f6:a8:64:5b:8d:96:51:d5:0f:f0:4a:d0:a9:c7:
e2:84:cf:cf:ab:20:75:15:02:15:32:25:d8:c9:14:
2b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:7B:40:4B:11:F2:E6:D5:EF:3F:28:41:89:64:6B:23:DD:75:7A:A6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9ntASxHy5tXvPyhBiWRrI911eqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
30:c4:03:82:e1:34:4e:d2:77:41:21:e2:a3:4c:aa:1e:23:e3:
73:30:97:f6:81:b7:8e:2c:2b:d7:c0:14:63:05:cb:86:f3:54:
1b:2d:28:72:36:34:56:a6:05:d9:3e:f6:ad:96:ba:c7:e9:60:
e4:b6:e6:ce:37:5b:1a:a0:73:cd:0d:5c:e3:d0:ca:a3:9a:62:
e7:61:96:d0:d7:3e:d3:bb:5d:f6:18:90:fe:37:66:85:c6:77:
c9:ee:59:9e:05:78:68:6c:be:6b:12:01:f0:1f:45:66:f5:e6:
52:ae:4b:e8:fa:ad:98:ab:78:69:09:45:4e:c4:83:3d:68:2e:
2d:60:0a:45:fd:50:d6:cc:03:22:ce:2a:f4:e2:29:b2:12:25:
8a:61:d6:10:c0:f7:bc:c9:d6:e3:a7:6d:67:30:45:8e:50:57:
04:89:f3:90:32:ae:15:e6:67:44:fb:0e:9e:c7:d1:6b:88:e8:
0f:52:8f:ba:fb:dc:82:b9:0e:9e:5a:35:00:88:c7:d2:2e:55:
dd:32:be:d6:7e:f4:7e:8a:cf:e9:f2:06:3d:54:30:8e:aa:71:
76:e5:88:49:c4:4c:e2:fb:4c:4b:a9:51:bc:f7:0b:1d:16:c0:
e2:f0:84:8b:f3:c9:b0:e5:72:18:9a:e3:5d:5f:03:85:46:2f:
81:0f:2f:fc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt1/7z2aTneUGBBgW9HUGyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI4MTExNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjdiNDA0YjExZjJlNmQ1ZWYzZjI4NDE4OTY0NmIyM2RkNzU3YWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV5zHmDFyns6Gw/fmtRK5EKg05Io
YMi0gKRhzxDoZYVYkNKybFNS2UpSl2XnUIs0/eka0o72vaxaD6euKk60tlPkioav
/Ws1k0d4MGeUEJOsFk1F9adwIBtzq5p1J3mCk0nVz2RDrx60YW1QI4dQYkJ5lFa/
eDZpNwair93qOmkA5rvUWLJHlK8vWv8UwQ2yl3Tfm8PIuhT/fYWVX6bpF8mUaEVB
9+5r3kjtBwT4zj2sVj0w1vDdFfTvAN/35voCOyw1J3XVjWQz6T5ALCy/wv/nOIoN
S5JOjzH4lePZhF9y9qhkW42WUdUP8ErQqcfihM/PqyB1FQIVMiXYyRQrFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPZ7QEsR8ubV7z8oQYlkayPddXqmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOW50QVN4SHk1dFh2UHloQmlXUnJJOTExZXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADDEA4LhNE7Sd0Eh4qNM
qh4j43Mwl/aBt44sK9fAFGMFy4bzVBstKHI2NFamBdk+9q2WusfpYOS25s43Wxqg
c80NXOPQyqOaYudhltDXPtO7XfYYkP43ZoXGd8nuWZ4FeGhsvmsSAfAfRWb15lKu
S+j6rZireGkJRU7Egz1oLi1gCkX9UNbMAyLOKvTiKbISJYph1hDA97zJ1uOnbWcw
RY5QVwSJ85AyrhXmZ0T7Dp7H0WuI6A9Sj7r73IK5Dp5aNQCIx9IuVd0yvtZ+9H6K
z+nyBj1UMI6qcXbliEnETOL7TEupUbz3Cx0WwOLwhIvzybDlchia411fA4VGL4EP
L/w=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:53:42 2025 by rpki-client