Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/FmTO3C7e8VscIXnZIPfUQSSRU28.roa
File: FmTO3C7e8VscIXnZIPfUQSSRU28.roa (raw, json)
Hash identifier: bbxmmN4TLXgdkw+kD1k/BhlIV5/xogTAkhPwxoz5syY=
Subject key identifier: 16:64:CE:DC:2E:DE:F1:5B:1C:21:79:D9:20:F7:D4:41:24:91:53:6F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2473935A59E95F4CC5611B66A06E697F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/FmTO3C7e8VscIXnZIPfUQSSRU28.roa
Signing time: Thu 12 Oct 2023 15:13:55 +0000
ROA not before: Thu 12 Oct 2023 15:13:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:24:73:93:5a:59:e9:5f:4c:c5:61:1b:66:a0:6e:69:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 12 15:13:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1664cedc2edef15b1c2179d920f7d4412491536f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:16:6c:be:6c:e6:05:c4:ec:22:0e:da:27:c8:
e3:73:24:a4:6d:e7:1f:33:b3:00:9f:8f:96:9e:a6:
2c:10:70:c0:37:2e:60:5d:e2:b9:ef:3a:8c:34:cc:
92:59:ca:60:bf:06:0a:a5:fc:ba:3d:57:74:69:48:
94:43:f6:bd:c4:76:7e:2f:06:90:01:9c:c5:f0:f6:
8d:e2:b4:a5:ab:54:7b:1c:fe:f1:d1:f0:5c:a5:83:
02:ed:8a:92:05:2b:60:ca:0d:f9:36:1a:bf:f2:1a:
19:0a:1f:d6:b2:d5:56:10:ed:67:43:6e:66:20:3f:
ac:ff:d1:3e:0e:62:c1:0a:84:70:de:e7:bc:21:e7:
d4:5e:7d:61:c4:5e:6b:95:59:6f:4d:5a:a0:fb:76:
be:7b:12:42:e9:9a:a5:d4:b5:6a:06:13:cd:05:31:
81:b0:73:87:26:e7:80:cb:2d:7a:96:ee:26:8a:30:
5a:37:d2:39:0d:18:e8:9e:db:94:85:49:68:98:46:
69:c5:fc:7b:13:e4:74:1f:d7:b6:fd:fc:6a:37:bc:
c3:85:00:c1:95:9f:38:6a:94:d5:8f:37:d1:de:66:
b9:bf:89:a1:ab:b5:e4:1e:89:b3:2e:36:77:bd:6d:
fd:c7:e4:40:74:4a:a4:ac:d5:86:0e:85:db:98:84:
9d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:64:CE:DC:2E:DE:F1:5B:1C:21:79:D9:20:F7:D4:41:24:91:53:6F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/FmTO3C7e8VscIXnZIPfUQSSRU28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:b4:e2:63:68:3c:e6:70:83:8e:a7:1d:d9:fb:41:5e:3d:a5:
23:29:c3:b9:15:81:b1:6a:d9:21:9b:af:d9:f0:0a:b5:72:09:
6d:e3:42:fe:97:ea:71:29:76:ac:88:7a:49:71:ca:60:ff:09:
42:2e:2a:1c:69:78:d7:a0:50:c5:f3:7b:43:6d:21:aa:50:83:
ba:6e:4b:36:a3:7c:8f:8f:a3:82:54:e7:b0:e1:df:3f:01:59:
29:11:ea:d6:d3:59:02:74:cd:17:a6:7e:80:b8:84:81:3f:3d:
13:cd:23:da:e0:5b:49:d1:82:9a:48:0d:c5:68:17:65:1e:cc:
ed:ab:20:53:ec:e2:b2:5e:f9:5f:c3:89:6a:65:ea:b3:1f:72:
34:0f:76:e0:81:f9:0f:38:26:6f:98:76:4f:55:5b:cd:9b:a7:
59:61:e1:8d:48:df:0e:44:3e:a4:1f:d2:0d:88:40:59:64:c2:
f2:f0:47:17:ad:ba:e0:fa:7a:a9:77:ba:5c:50:8e:19:11:9b:
2e:70:e0:a6:56:6a:2d:51:04:ee:6c:44:a8:35:39:89:c9:1b:
d6:a7:1f:75:f7:4b:6b:3f:fc:fc:35:7e:13:c7:a4:cc:0a:73:
cf:f9:95:f7:d7:fe:49:c4:7a:46:21:63:8f:ec:00:de:8d:38:
e2:20:a5:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYskc5NaWelfTMVhG2agbml/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEyMTUxMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjY0Y2VkYzJlZGVmMTViMWMyMTc5ZDkyMGY3ZDQ0MTI0OTE1MzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBZsvmzmBcTsIg7aJ8jjcySkbecf
M7MAn4+WnqYsEHDANy5gXeK57zqMNMySWcpgvwYKpfy6PVd0aUiUQ/a9xHZ+LwaQ
AZzF8PaN4rSlq1R7HP7x0fBcpYMC7YqSBStgyg35Nhq/8hoZCh/WstVWEO1nQ25m
ID+s/9E+DmLBCoRw3ue8IefUXn1hxF5rlVlvTVqg+3a+exJC6Zql1LVqBhPNBTGB
sHOHJueAyy16lu4mijBaN9I5DRjontuUhUlomEZpxfx7E+R0H9e2/fxqN7zDhQDB
lZ84apTVjzfR3ma5v4mhq7XkHomzLjZ3vW39x+RAdEqkrNWGDoXbmISdrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBZkztwu3vFbHCF52SD31EEkkVNvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRm1UTzNDN2U4VnNjSVhuWklQZlVRU1NSVTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB204mNoPOZwg46nHdn7
QV49pSMpw7kVgbFq2SGbr9nwCrVyCW3jQv6X6nEpdqyIeklxymD/CUIuKhxpeNeg
UMXze0NtIapQg7puSzajfI+Po4JU57Dh3z8BWSkR6tbTWQJ0zRemfoC4hIE/PRPN
I9rgW0nRgppIDcVoF2UezO2rIFPs4rJe+V/DiWpl6rMfcjQPduCB+Q84Jm+Ydk9V
W82bp1lh4Y1I3w5EPqQf0g2IQFlkwvLwRxetuuD6eql3ulxQjhkRmy5w4KZWai1R
BO5sRKg1OYnJG9anH3X3S2s//Pw1fhPHpMwKc8/5lffX/knEekYhY4/sAN6NOOIg
pZU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:14:08 2025 by rpki-client