Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ax07L3650ZFNPBkmoxEHArgI9Do.roa
File: Ax07L3650ZFNPBkmoxEHArgI9Do.roa (raw, json)
Hash identifier: yhdQfEksKNpiITT+IvnIccM0bCByfShrmkWYdKyuGzw=
Subject key identifier: 03:1D:3B:2F:7E:B9:D1:91:4D:3C:19:26:A3:11:07:02:B8:08:F4:3A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AEBC5718508545D80A7A1F5A9B5258844
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ax07L3650ZFNPBkmoxEHArgI9Do.roa
Signing time: Sun 01 Oct 2023 15:04:59 +0000
ROA not before: Sun 01 Oct 2023 15:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:ebc4:f518/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:eb:c5:71:85:08:54:5d:80:a7:a1:f5:a9:b5:25:88:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 1 15:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=031d3b2f7eb9d1914d3c1926a3110702b808f43a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f1:37:11:0b:e8:eb:0a:0f:b5:98:06:69:c4:
02:07:7b:b3:91:4b:b6:85:04:07:cd:cd:5c:31:1e:
4e:c0:9a:95:ca:3d:d9:8e:87:b1:54:1e:38:03:63:
c6:f4:cf:9d:0b:8a:e1:40:17:de:97:80:a7:76:3b:
cd:13:f6:5f:97:22:a2:59:0c:a5:69:11:06:4c:c6:
e6:74:9c:ba:72:db:31:37:f8:85:79:03:0b:e5:9a:
45:e8:9d:e1:bf:a8:27:fa:f9:13:f2:a7:20:3a:a9:
05:da:ee:4d:39:54:46:47:01:d8:4f:28:47:74:10:
80:81:8d:3a:b9:47:eb:ca:fc:2e:c4:5c:84:b0:cf:
99:de:2a:9d:13:e1:8b:cd:ea:76:c5:e0:fe:87:82:
48:67:da:62:04:19:e5:28:d6:af:2f:6a:ae:6b:07:
f1:4d:76:cf:58:50:94:65:9c:bc:92:12:ac:1f:08:
f5:3a:67:cf:29:06:93:76:8d:f2:29:b9:05:65:e0:
5e:18:8b:d3:d0:e1:1b:1d:70:34:f2:6c:c3:07:f0:
97:39:e9:c7:b1:41:c2:d1:d4:5e:2c:f4:e3:e6:79:
3f:64:75:86:e7:45:64:07:a5:a3:b9:82:85:3d:0c:
e3:67:14:8b:f0:3d:33:01:0d:d2:be:f1:88:d8:e8:
18:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:1D:3B:2F:7E:B9:D1:91:4D:3C:19:26:A3:11:07:02:B8:08:F4:3A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ax07L3650ZFNPBkmoxEHArgI9Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cd:40:52:a9:fc:a8:68:f0:71:ba:9c:ee:51:3d:8b:ce:cb:07:
0d:f6:00:b6:8d:a8:c5:e3:4c:bd:99:0f:f7:34:94:d0:7a:e6:
4b:23:16:6a:9b:c7:d2:26:7a:65:5d:af:5d:37:1b:0a:07:f3:
8a:94:9e:0d:1a:a8:67:31:ed:7d:9f:11:e8:d6:95:8f:03:0f:
72:bf:90:3a:6d:74:af:52:89:30:a5:a1:59:1d:33:01:08:cb:
93:fd:a9:f1:c0:d4:88:f6:c7:c3:00:2c:4a:69:52:73:a4:0f:
57:8c:ae:05:78:34:1f:4b:73:cd:5e:ae:1b:f2:10:ab:46:c4:
6d:72:2d:be:86:85:a7:8b:70:70:31:84:3c:8c:7c:44:cd:43:
29:cd:e2:29:64:b0:cc:dd:69:29:01:3a:7e:99:ef:6f:b0:b2:
ea:ae:b3:51:40:1f:0b:5e:38:d5:b2:99:a7:1c:22:33:f3:c5:
f5:4b:ad:3b:73:00:76:8e:26:eb:0d:4a:54:23:47:0b:94:df:
f3:62:b8:80:49:cd:74:23:76:2e:b6:af:f5:2c:75:7e:f9:3c:
c9:14:7d:84:e8:2e:10:40:25:d2:1b:35:5b:83:a3:00:25:f6:
4e:f2:37:7e:cb:1b:3a:48:97:88:d1:f3:72:54:c5:02:8c:5a:
12:7c:58:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrrxXGFCFRdgKeh9am1JYhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAxMTUwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzFkM2IyZjdlYjlkMTkxNGQzYzE5MjZhMzExMDcwMmI4MDhmNDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/E3EQvo6woPtZgGacQCB3uzkUu2
hQQHzc1cMR5OwJqVyj3ZjoexVB44A2PG9M+dC4rhQBfel4CndjvNE/ZflyKiWQyl
aREGTMbmdJy6ctsxN/iFeQML5ZpF6J3hv6gn+vkT8qcgOqkF2u5NOVRGRwHYTyhH
dBCAgY06uUfryvwuxFyEsM+Z3iqdE+GLzep2xeD+h4JIZ9piBBnlKNavL2quawfx
TXbPWFCUZZy8khKsHwj1OmfPKQaTdo3yKbkFZeBeGIvT0OEbHXA08mzDB/CXOenH
sUHC0dReLPTj5nk/ZHWG50VkB6WjuYKFPQzjZxSL8D0zAQ3SvvGI2OgY1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAMdOy9+udGRTTwZJqMRBwK4CPQ6MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQXgwN0wzNjUwWkZOUEJrbW94RUhBcmdJOURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAM1AUqn8qGjwcbqc7lE9
i87LBw32ALaNqMXjTL2ZD/c0lNB65ksjFmqbx9ImemVdr103GwoH84qUng0aqGcx
7X2fEejWlY8DD3K/kDptdK9SiTCloVkdMwEIy5P9qfHA1Ij2x8MALEppUnOkD1eM
rgV4NB9Lc81erhvyEKtGxG1yLb6GhaeLcHAxhDyMfETNQynN4ilksMzdaSkBOn6Z
72+wsuqus1FAHwteONWymaccIjPzxfVLrTtzAHaOJusNSlQjRwuU3/NiuIBJzXQj
di62r/UsdX75PMkUfYToLhBAJdIbNVuDowAl9k7yN37LGzpIl4jR83JUxQKMWhJ8
WAQ=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:35:18 2025 by rpki-client