Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CfB2iFkhl2gHP34KCuGQkq1nxPE.roa
File: CfB2iFkhl2gHP34KCuGQkq1nxPE.roa (raw, json)
Hash identifier: dcI6CMWXT2SVZveI/uesoGH2FQovGTVAZF9dVx8/c+4=
Subject key identifier: 09:F0:76:88:59:21:97:68:07:3F:7E:0A:0A:E1:90:92:AD:67:C4:F1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD6F70F27D84ECD8185A3F11A3D665B2B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CfB2iFkhl2gHP34KCuGQkq1nxPE.roa
Signing time: Thu 16 Nov 2023 07:09:57 +0000
ROA not before: Thu 16 Nov 2023 07:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d6:f7:0f:27:d8:4e:cd:81:85:a3:f1:1a:3d:66:5b:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 16 07:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09f0768859219768073f7e0a0ae19092ad67c4f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a5:5c:19:24:d3:06:2a:8e:2d:7f:76:c5:84:
57:ee:62:b7:6e:c6:96:c7:70:02:e3:f7:b0:e2:ff:
75:9a:b5:b2:c9:a8:f5:8d:39:b5:71:0a:a6:7d:33:
a5:eb:5b:63:a1:ac:22:8c:6d:3d:68:dc:72:21:38:
13:b9:a8:81:e7:fd:7b:35:5c:80:8c:d5:02:19:3a:
e1:f7:1c:64:a1:b5:68:6d:fe:7e:8b:d6:1d:d5:b6:
b9:b3:66:f4:7f:5f:2a:2b:7a:7f:9f:bc:17:4d:e4:
da:2b:8c:b6:7f:bf:12:1b:4e:ad:cc:c5:fc:e0:ab:
3f:46:2b:ad:76:7b:c7:49:4b:52:3f:2e:9d:84:68:
13:f7:fa:67:ef:e2:63:7a:77:15:43:24:d1:1a:2d:
79:1a:bf:92:00:1c:0f:3e:12:4d:73:93:de:2f:0e:
4a:c7:d8:5f:f6:f2:29:31:04:c8:d8:3e:40:04:f8:
2b:54:b0:a6:a3:3f:48:59:88:03:40:7b:c6:e5:6d:
8a:61:c0:5c:55:d2:ed:b0:00:68:41:4b:a4:7c:6a:
47:f5:d4:9e:32:a4:48:d1:6b:88:6f:89:fc:b3:f6:
02:9b:0d:33:71:07:83:ff:88:83:d0:36:25:84:92:
93:3f:8a:34:be:d6:75:61:2e:f4:02:30:a6:1e:9d:
5e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F0:76:88:59:21:97:68:07:3F:7E:0A:0A:E1:90:92:AD:67:C4:F1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CfB2iFkhl2gHP34KCuGQkq1nxPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:2e:31:1c:85:6b:8d:8f:25:c3:23:c2:11:2a:36:98:38:3a:
d6:f1:50:43:11:ac:ad:1c:93:ab:6a:f7:1c:f7:03:69:10:87:
27:91:c9:f6:e3:ef:68:fe:a6:85:f3:8e:8d:df:1c:b2:72:6e:
84:03:98:e2:48:c0:14:94:95:30:d2:03:0d:78:2c:b4:38:af:
7c:4b:a8:43:a2:2b:a4:f5:91:8f:d4:4b:16:b6:6f:24:26:35:
c6:20:5e:b7:b1:fa:aa:b0:2c:9f:c1:09:2d:bc:ce:ae:9d:eb:
7a:b4:07:cb:00:49:cc:e9:49:a6:85:a6:6a:e2:31:f5:be:b7:
da:bb:23:51:a3:09:30:73:8a:d1:71:78:72:91:59:73:a4:e1:
86:96:23:28:eb:4f:9b:d0:71:3b:59:bf:d5:50:24:56:c7:35:
81:81:44:f7:d0:1a:87:c3:e5:77:4e:67:15:69:51:d9:76:ed:
ca:c1:db:91:18:3f:bf:58:7e:64:88:5c:a9:2c:27:69:bc:ef:
d5:86:d8:e8:34:64:0c:a3:0e:ee:85:f6:0f:6e:50:3b:1f:72:
bc:c9:32:77:7c:38:62:20:08:15:6e:e8:1f:ae:d1:2a:9a:21:
bc:99:2a:1e:ea:ac:14:78:85:c1:88:45:c8:7f:79:7e:2a:40:
b8:a1:72:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvW9w8n2E7NgYWj8Ro9ZlsrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE2MDcwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWYwNzY4ODU5MjE5NzY4MDczZjdlMGEwYWUxOTA5MmFkNjdjNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKVcGSTTBiqOLX92xYRX7mK3bsaW
x3AC4/ew4v91mrWyyaj1jTm1cQqmfTOl61tjoawijG09aNxyITgTuaiB5/17NVyA
jNUCGTrh9xxkobVobf5+i9Yd1ba5s2b0f18qK3p/n7wXTeTaK4y2f78SG06tzMX8
4Ks/RiutdnvHSUtSPy6dhGgT9/pn7+JjencVQyTRGi15Gr+SABwPPhJNc5PeLw5K
x9hf9vIpMQTI2D5ABPgrVLCmoz9IWYgDQHvG5W2KYcBcVdLtsABoQUukfGpH9dSe
MqRI0WuIb4n8s/YCmw0zcQeD/4iD0DYlhJKTP4o0vtZ1YS70AjCmHp1eewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAnwdohZIZdoBz9+CgrhkJKtZ8TxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ2ZCMmlGa2hsMmdIUDM0S0N1R1FrcTFueFBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKAuMRyFa42PJcMjwhEq
Npg4OtbxUEMRrK0ck6tq9xz3A2kQhyeRyfbj72j+poXzjo3fHLJyboQDmOJIwBSU
lTDSAw14LLQ4r3xLqEOiK6T1kY/USxa2byQmNcYgXrex+qqwLJ/BCS28zq6d63q0
B8sASczpSaaFpmriMfW+t9q7I1GjCTBzitFxeHKRWXOk4YaWIyjrT5vQcTtZv9VQ
JFbHNYGBRPfQGofD5XdOZxVpUdl27crB25EYP79YfmSIXKksJ2m879WG2Og0ZAyj
Du6F9g9uUDsfcrzJMnd8OGIgCBVu6B+u0SqaIbyZKh7qrBR4hcGIRch/eX4qQLih
clw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:09:13 2025 by rpki-client