Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AJVvlZawipGBxzK_xS1c8Ba_gGU.roa
File: AJVvlZawipGBxzK_xS1c8Ba_gGU.roa (raw, json)
Hash identifier: 86FboaZ8AOjeEX1a+9T+haWX09Gg8aEa4x0oKlNQm6Q=
Subject key identifier: 00:95:6F:95:96:B0:8A:91:81:C7:32:BF:C5:2D:5C:F0:16:BF:80:65
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADE81C0020E576BBA470E4D472D3459E0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AJVvlZawipGBxzK_xS1c8Ba_gGU.roa
Signing time: Fri 29 Sep 2023 01:15:59 +0000
ROA not before: Fri 29 Sep 2023 01:15:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:de:81:c0:02:0e:57:6b:ba:47:0e:4d:47:2d:34:59:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 01:15:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00956f9596b08a9181c732bfc52d5cf016bf8065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f4:48:23:8c:96:ae:28:8b:b0:e3:47:48:ab:
27:c6:fd:cd:89:ff:78:e4:c7:d9:a8:24:ac:e6:9a:
5e:3b:e9:fe:f2:47:7f:e6:b5:4b:c9:74:07:72:c5:
81:72:7c:02:b9:d3:fe:2d:c4:b0:c5:99:12:5b:39:
d0:df:29:5a:c8:4c:65:27:3e:d1:47:ab:e2:cc:a1:
b9:71:7a:36:73:ed:4d:1c:30:c3:a4:e4:b4:f9:50:
8d:da:8f:10:97:6f:64:74:c9:28:1c:53:29:49:f7:
5a:d5:36:19:da:35:26:26:fc:12:dd:39:9d:ed:ff:
9a:65:be:74:1b:e3:b1:fb:37:f4:11:95:94:11:0c:
33:f5:a9:e0:3d:05:82:b9:7f:59:fb:29:30:05:27:
9d:ea:14:bb:4d:d2:ca:02:b4:cd:a3:2a:3e:64:29:
45:40:b6:0b:48:54:3a:0a:7c:95:d8:d7:bf:3a:6e:
f3:1d:55:d3:9a:cf:05:73:e0:41:c4:ea:03:cd:48:
83:1b:17:f9:15:fa:8f:2a:25:ef:71:3d:89:d9:e2:
ed:36:44:b8:17:39:22:c2:67:cf:f2:e8:0b:55:e8:
5b:d8:02:44:d1:7c:c5:21:2c:bd:d0:33:4b:5c:f9:
f1:d7:00:94:b2:3c:e3:6e:d9:29:57:55:59:39:16:
d2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:95:6F:95:96:B0:8A:91:81:C7:32:BF:C5:2D:5C:F0:16:BF:80:65
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AJVvlZawipGBxzK_xS1c8Ba_gGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:a9:63:01:09:c3:77:e8:a4:ba:d5:26:8a:8e:e7:4c:73:c9:
15:32:8c:89:a4:5b:0f:62:cc:c6:5a:27:b5:42:a9:ba:e5:56:
31:f9:6b:7a:ff:f4:3f:93:99:ef:e3:9c:89:93:bd:02:db:69:
e0:dc:cc:df:40:44:e9:a5:de:34:7f:93:5f:cb:54:9b:78:b7:
9d:94:a8:9b:a0:ff:f0:02:5c:f8:22:ee:e2:2e:39:5b:44:93:
32:66:f3:0e:c0:c5:4e:3f:1d:01:85:d2:5a:01:20:2d:99:eb:
87:81:e7:e3:5b:5a:f7:a1:00:7c:73:9e:6c:52:5c:06:26:18:
73:4f:5a:07:bb:ae:78:10:35:e2:fd:b9:cb:75:d3:fa:35:c8:
da:f5:27:82:17:62:3b:75:b4:b7:57:34:c2:dc:d6:39:5a:81:
70:02:02:bd:70:71:a0:8c:d2:db:82:c0:3e:a8:69:c8:e6:ae:
e2:9b:8d:c8:30:3b:21:b1:05:58:63:36:93:82:2b:42:34:e5:
11:97:69:b6:bc:cc:32:d4:b6:c1:cb:8a:87:02:bb:84:22:8a:
da:cd:62:99:63:1b:b8:00:06:e2:86:f9:0c:78:76:d2:af:b3:
7c:73:c1:99:ed:a6:c1:a7:a9:22:79:17:af:8c:ff:8c:d0:f6:
ed:92:68:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYregcACDldrukcOTUctNFngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MDExNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDk1NmY5NTk2YjA4YTkxODFjNzMyYmZjNTJkNWNmMDE2YmY4MDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvRII4yWriiLsONHSKsnxv3Nif94
5MfZqCSs5ppeO+n+8kd/5rVLyXQHcsWBcnwCudP+LcSwxZkSWznQ3ylayExlJz7R
R6vizKG5cXo2c+1NHDDDpOS0+VCN2o8Ql29kdMkoHFMpSfda1TYZ2jUmJvwS3Tmd
7f+aZb50G+Ox+zf0EZWUEQwz9angPQWCuX9Z+ykwBSed6hS7TdLKArTNoyo+ZClF
QLYLSFQ6CnyV2Ne/Om7zHVXTms8Fc+BBxOoDzUiDGxf5FfqPKiXvcT2J2eLtNkS4
FzkiwmfP8ugLVehb2AJE0XzFISy90DNLXPnx1wCUsjzjbtkpV1VZORbSbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFACVb5WWsIqRgccyv8UtXPAWv4BlMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQUpWdmxaYXdpcEdCeHpLX3hTMWM4QmFfZ0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACKpYwEJw3fopLrVJoqO
50xzyRUyjImkWw9izMZaJ7VCqbrlVjH5a3r/9D+Tme/jnImTvQLbaeDczN9AROml
3jR/k1/LVJt4t52UqJug//ACXPgi7uIuOVtEkzJm8w7AxU4/HQGF0loBIC2Z64eB
5+NbWvehAHxznmxSXAYmGHNPWge7rngQNeL9uct10/o1yNr1J4IXYjt1tLdXNMLc
1jlagXACAr1wcaCM0tuCwD6oacjmruKbjcgwOyGxBVhjNpOCK0I05RGXaba8zDLU
tsHLiocCu4QiitrNYpljG7gABuKG+Qx4dtKvs3xzwZntpsGnqSJ5F6+M/4zQ9u2S
aAE=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:33:39 2025 by rpki-client