Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AVtIQ9uZm9BrP3roW8seBm2HaWY.roa
File: AVtIQ9uZm9BrP3roW8seBm2HaWY.roa (raw, json)
Hash identifier: NiPU0w8W+ijtYkfFWnJLGVec7SlGKopxqZU/Y57rWeE=
Subject key identifier: 01:5B:48:43:DB:99:9B:D0:6B:3F:7A:E8:5B:CB:1E:06:6D:87:69:66
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C04789A2F0424DACB03C4770FA6DE1A51
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AVtIQ9uZm9BrP3roW8seBm2HaWY.roa
Signing time: Sat 25 Nov 2023 03:14:21 +0000
ROA not before: Sat 25 Nov 2023 03:14:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:04:78:9a:2f:04:24:da:cb:03:c4:77:0f:a6:de:1a:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 25 03:14:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=015b4843db999bd06b3f7ae85bcb1e066d876966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:37:95:98:c5:2b:33:86:56:83:44:a9:38:5a:
80:e2:45:6d:dc:47:b8:fa:60:95:5d:af:5a:fe:5b:
02:aa:7a:c7:73:49:3a:a1:99:75:a4:6f:72:91:14:
8a:3a:2d:84:7a:43:ef:dc:5b:07:07:07:56:75:a0:
36:f5:53:68:7e:b5:90:e9:db:7d:63:ec:79:57:f6:
65:e4:9d:28:ac:5b:b8:ad:59:00:64:98:18:53:ba:
3c:23:4c:f7:e2:68:b9:97:35:c7:53:4d:41:a2:c7:
63:84:c3:f2:7b:47:61:b0:d6:fa:3b:bc:c3:1a:ae:
6f:ed:79:e5:ed:47:fe:d2:0d:b2:b5:ab:3b:4d:02:
d0:5c:41:f9:50:6b:fb:f1:fe:e9:20:98:a3:0b:98:
15:35:6e:8b:8d:fd:99:41:bd:78:f8:09:02:2f:0e:
44:c9:fc:5f:e8:47:80:44:61:35:1b:56:fb:da:5c:
df:6c:a6:cc:77:8f:0c:c7:6f:d0:6a:2f:3b:da:90:
4f:2c:e0:44:49:70:3b:2f:fe:8d:24:3e:de:33:14:
a2:bb:cc:40:b6:fc:d5:f8:ea:92:da:53:fd:66:19:
4c:61:6d:2c:55:8d:0c:71:a2:f6:96:d2:ed:f9:39:
64:0b:b2:87:37:27:5b:66:6c:29:1f:56:a3:5c:3e:
bd:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5B:48:43:DB:99:9B:D0:6B:3F:7A:E8:5B:CB:1E:06:6D:87:69:66
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AVtIQ9uZm9BrP3roW8seBm2HaWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:a4:1e:80:0f:78:71:7e:ff:b9:0b:4a:d1:04:99:2d:d4:4e:
00:66:3d:db:9d:eb:af:2c:e0:8b:33:fc:f8:65:89:54:ad:c0:
e3:e9:92:4a:e0:be:56:f0:1b:4a:d5:25:67:6d:f1:7f:40:69:
a0:ec:35:fe:2f:7d:4e:c1:0b:76:82:a1:8b:21:83:79:15:c1:
d2:94:79:1f:3c:1b:31:be:a0:5e:8e:1d:74:ea:67:8a:02:c4:
f1:bb:cd:ee:c3:79:93:12:48:d8:9f:de:5f:73:f9:0c:8d:8b:
64:02:a2:44:e3:9a:9a:6d:bf:0e:40:41:0b:99:4f:b4:3e:5f:
21:ff:05:98:bd:7a:7e:51:10:76:24:06:f1:03:92:77:3f:1e:
37:ee:c4:30:7a:a4:28:e6:c9:c9:91:a7:0d:d3:f6:f2:7f:60:
cd:09:e1:6d:e3:9b:92:be:b3:d9:19:38:1e:25:69:65:52:1b:
85:3a:64:16:f5:89:37:af:59:66:16:80:42:15:f8:e5:8e:0b:
f8:f0:5e:5c:5a:f1:43:e9:22:1e:85:b9:73:4c:91:44:48:c5:
86:02:c8:d3:72:c5:a4:49:3f:b6:91:b0:f5:05:a8:c3:8e:11:
71:2d:9f:b3:57:b5:02:9d:b3:14:1a:7a:36:91:b3:c3:7a:53:
71:c6:5d:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwEeJovBCTaywPEdw+m3hpRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI1MDMxNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTViNDg0M2RiOTk5YmQwNmIzZjdhZTg1YmNiMWUwNjZkODc2OTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDeVmMUrM4ZWg0SpOFqA4kVt3Ee4
+mCVXa9a/lsCqnrHc0k6oZl1pG9ykRSKOi2EekPv3FsHBwdWdaA29VNofrWQ6dt9
Y+x5V/Zl5J0orFu4rVkAZJgYU7o8I0z34mi5lzXHU01BosdjhMPye0dhsNb6O7zD
Gq5v7Xnl7Uf+0g2ytas7TQLQXEH5UGv78f7pIJijC5gVNW6Ljf2ZQb14+AkCLw5E
yfxf6EeARGE1G1b72lzfbKbMd48Mx2/Qai872pBPLOBESXA7L/6NJD7eMxSiu8xA
tvzV+OqS2lP9ZhlMYW0sVY0McaL2ltLt+TlkC7KHNydbZmwpH1ajXD695wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAFbSEPbmZvQaz966FvLHgZth2lmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQVZ0SVE5dVptOUJyUDNyb1c4c2VCbTJIYVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJykHoAPeHF+/7kLStEE
mS3UTgBmPdud668s4Isz/PhliVStwOPpkkrgvlbwG0rVJWdt8X9AaaDsNf4vfU7B
C3aCoYshg3kVwdKUeR88GzG+oF6OHXTqZ4oCxPG7ze7DeZMSSNif3l9z+QyNi2QC
okTjmpptvw5AQQuZT7Q+XyH/BZi9en5REHYkBvEDknc/HjfuxDB6pCjmycmRpw3T
9vJ/YM0J4W3jm5K+s9kZOB4laWVSG4U6ZBb1iTevWWYWgEIV+OWOC/jwXlxa8UPp
Ih6FuXNMkURIxYYCyNNyxaRJP7aRsPUFqMOOEXEtn7NXtQKdsxQaejaRs8N6U3HG
XRo=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:53:10 2025 by rpki-client