Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9rFree85K-Z9moOzg3god-lEcII.roa
File: 9rFree85K-Z9moOzg3god-lEcII.roa (raw, json)
Hash identifier: dSvfq8OrrAlDWkqq5KsHy0eYOjOkrlVkstygkkQDg7o=
Subject key identifier: F6:B1:6B:79:EF:39:2B:E6:7D:9A:83:B3:83:78:28:77:E9:44:70:82
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC93C5A3C2B919F0C68BADE9E35125A45
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9rFree85K-Z9moOzg3god-lEcII.roa
Signing time: Mon 13 Nov 2023 15:10:57 +0000
ROA not before: Mon 13 Nov 2023 15:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:3c:5a:3c:2b:91:9f:0c:68:ba:de:9e:35:12:5a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 15:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6b16b79ef392be67d9a83b383782877e9447082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c1:96:b7:fe:e7:d0:20:3c:11:4f:70:cf:89:
aa:66:fa:22:90:60:e8:1c:a6:bf:6b:65:a1:18:24:
a0:94:71:fe:49:2e:d1:38:30:17:b5:ce:e1:13:b0:
c6:1d:b9:40:72:4d:bd:95:d6:5d:4e:3a:e4:22:02:
8c:2b:86:6c:d3:cb:f6:96:d1:19:a9:87:25:5f:c6:
cc:2a:44:11:f7:de:4a:4f:b1:da:c1:84:0e:fe:3c:
8f:91:f4:11:2c:73:da:3b:99:4d:bf:fd:52:e4:ca:
1c:36:f4:ad:5e:91:82:f9:3f:76:0a:ac:94:7e:e1:
2e:99:a8:f9:7c:d1:3d:82:94:c7:1a:91:ee:66:4c:
ab:46:55:82:91:6e:78:ba:c0:0a:6d:1d:ec:3a:a4:
de:2b:de:36:4c:c3:32:a4:b2:ed:92:07:48:9a:f5:
df:2b:c6:7b:34:6d:a9:b7:12:b0:51:8a:1d:33:64:
c7:e1:67:ca:86:11:78:e8:67:f0:48:71:6c:7f:93:
d1:3f:b1:83:ee:ac:01:d9:1f:15:59:e6:e5:b1:4f:
65:5b:c6:f7:b2:79:c7:5d:bb:7c:d6:d9:70:49:f3:
90:a4:b0:b5:af:56:46:52:66:c9:e0:67:ba:17:46:
59:6d:35:c8:7c:66:18:2a:1c:4e:19:00:36:ba:48:
e8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B1:6B:79:EF:39:2B:E6:7D:9A:83:B3:83:78:28:77:E9:44:70:82
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9rFree85K-Z9moOzg3god-lEcII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:8b:91:cc:df:8f:52:83:15:89:dd:a7:a4:ba:d1:ce:d7:22:
70:57:3c:e8:83:e3:9a:62:3f:c6:19:53:e7:5f:dc:95:d5:b2:
1c:93:ea:e3:55:50:9f:cd:8a:a4:b7:07:fa:1c:45:a1:df:91:
f4:41:ed:38:5c:30:57:4f:c2:0d:05:60:cb:a7:92:eb:f5:c1:
80:82:09:69:62:33:ed:64:69:c2:f1:07:ad:d8:cc:f1:0b:51:
c5:b3:df:77:8f:44:b2:a4:1d:26:fa:d8:6b:64:90:d1:c5:70:
50:d4:61:b4:6a:25:6c:4d:a2:0a:6b:aa:2f:2f:e5:7c:3d:95:
79:9c:68:a2:4e:61:06:a3:f2:38:cc:64:7b:ca:83:ea:59:4c:
a2:54:14:8a:0a:4d:a5:e4:73:a8:64:b0:57:78:c3:2c:85:8a:
4c:2a:1d:db:a6:e3:4c:44:f9:7f:1c:6a:de:40:40:77:1e:cb:
16:ff:22:94:e0:00:bd:7f:ca:16:a1:dd:1e:88:33:df:19:8e:
aa:0d:85:bc:18:46:0f:8d:da:84:76:d4:1f:eb:c4:10:37:b2:
95:8b:6a:20:74:16:37:57:73:60:23:41:33:db:e7:09:9c:3e:
dc:b9:f6:76:95:d4:83:d3:59:aa:de:37:f1:0d:11:ec:83:8a:
06:44:97:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvJPFo8K5GfDGi63p41ElpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMTUxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmIxNmI3OWVmMzkyYmU2N2Q5YTgzYjM4Mzc4Mjg3N2U5NDQ3MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMGWt/7n0CA8EU9wz4mqZvoikGDo
HKa/a2WhGCSglHH+SS7RODAXtc7hE7DGHblAck29ldZdTjrkIgKMK4Zs08v2ltEZ
qYclX8bMKkQR995KT7HawYQO/jyPkfQRLHPaO5lNv/1S5MocNvStXpGC+T92CqyU
fuEumaj5fNE9gpTHGpHuZkyrRlWCkW54usAKbR3sOqTeK942TMMypLLtkgdImvXf
K8Z7NG2ptxKwUYodM2TH4WfKhhF46GfwSHFsf5PRP7GD7qwB2R8VWeblsU9lW8b3
snnHXbt81tlwSfOQpLC1r1ZGUmbJ4Ge6F0ZZbTXIfGYYKhxOGQA2ukjoZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPaxa3nvOSvmfZqDs4N4KHfpRHCCMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOXJGcmVlODVLLVo5bW9PemczZ29kLWxFY0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKGLkczfj1KDFYndp6S6
0c7XInBXPOiD45piP8YZU+df3JXVshyT6uNVUJ/NiqS3B/ocRaHfkfRB7ThcMFdP
wg0FYMunkuv1wYCCCWliM+1kacLxB63YzPELUcWz33ePRLKkHSb62GtkkNHFcFDU
YbRqJWxNogprqi8v5Xw9lXmcaKJOYQaj8jjMZHvKg+pZTKJUFIoKTaXkc6hksFd4
wyyFikwqHdum40xE+X8cat5AQHceyxb/IpTgAL1/yhah3R6IM98ZjqoNhbwYRg+N
2oR21B/rxBA3spWLaiB0FjdXc2AjQTPb5wmcPty59naV1IPTWareN/ENEeyDigZE
l2A=
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:24:57 2025 by rpki-client