Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/LVtfPfn-9rXhKZGfbYMnEs8tiWA.roa
File: LVtfPfn-9rXhKZGfbYMnEs8tiWA.roa (raw, json)
Hash identifier: /5usqKiRBFBBk+K0EKYPQQHgFulrKxCSW87NKK30nls=
Subject key identifier: 2D:5B:5F:3D:F9:FE:F6:B5:E1:29:91:9F:6D:83:27:12:CF:2D:89:60
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1F7BE9129C1A3F1159E195123E290C41
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/LVtfPfn-9rXhKZGfbYMnEs8tiWA.roa
Signing time: Wed 11 Oct 2023 16:04:56 +0000
ROA not before: Wed 11 Oct 2023 16:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:1f7b:6212/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1f:7b:e9:12:9c:1a:3f:11:59:e1:95:12:3e:29:0c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 11 16:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d5b5f3df9fef6b5e129919f6d832712cf2d8960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c3:da:2b:cf:6b:74:98:3b:43:b3:10:55:6e:
af:39:77:2a:47:01:e5:30:88:1c:9d:ef:d8:22:a3:
06:2d:dc:3e:da:39:3e:83:1e:e3:70:11:ca:79:e4:
01:a4:59:18:6f:18:07:0c:23:eb:e6:8a:cf:78:8b:
64:cc:07:b0:83:34:60:5c:35:dc:1a:81:3c:70:90:
81:11:7b:ba:d4:5e:0e:27:03:0b:11:2c:f0:9f:bd:
f2:c8:b5:0a:8c:09:fc:1d:d5:d4:c5:52:ca:18:05:
d6:d7:2e:02:5c:00:ce:c2:89:60:09:54:36:11:10:
21:52:bb:67:29:44:e2:fe:28:bf:41:c7:c6:18:f2:
9f:be:47:4c:61:ad:eb:55:5b:38:e8:54:67:89:0d:
e4:ed:cf:ed:30:e8:73:f9:ca:f2:f6:43:99:a8:9b:
9d:e5:90:95:8c:99:f1:94:09:af:58:ff:95:03:61:
3f:7d:80:7a:69:d3:64:0f:91:52:f9:1b:22:29:ba:
4c:95:ec:21:70:e3:06:81:6d:4b:19:8a:ac:ea:30:
10:4e:6b:7f:11:23:34:7d:f7:17:ff:e0:0f:38:84:
0f:e6:1c:93:31:82:04:bc:22:a4:c5:df:3c:e3:91:
30:c0:07:aa:3a:de:1a:be:76:ce:d1:83:8a:a6:3f:
a6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:5B:5F:3D:F9:FE:F6:B5:E1:29:91:9F:6D:83:27:12:CF:2D:89:60
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/LVtfPfn-9rXhKZGfbYMnEs8tiWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:b9:bd:48:e2:4e:1e:67:f9:78:16:7d:ab:bf:4f:7b:48:dc:
03:bc:84:a9:1d:9b:d7:47:4a:ab:3b:cf:d3:af:52:f2:97:2c:
bb:bc:2d:0a:b0:62:d0:0e:35:24:2c:66:e5:ff:1a:c7:28:44:
d0:35:76:c8:24:d8:fe:a6:aa:fb:49:0e:e4:64:cf:3d:eb:86:
b3:01:0a:a7:d6:ec:c3:f6:51:93:0f:71:4e:1c:01:0f:e7:f7:
2a:83:69:d5:06:d7:fb:e0:af:08:52:ae:60:40:f9:ab:41:04:
b3:24:ec:c5:6d:b6:59:ee:48:64:c9:9f:04:3b:07:26:3b:b3:
01:c7:1c:f3:5d:26:b0:5e:25:68:b6:42:8d:a1:89:4e:09:6d:
22:71:11:d7:43:54:61:57:f1:a5:54:7a:2f:34:f8:be:02:69:
4c:bd:68:6e:9d:cc:17:8a:75:70:6d:d5:08:ff:41:27:37:85:
55:8a:6b:9d:ca:8a:0e:f3:e4:58:ec:cb:e4:b4:e1:de:be:ce:
f8:a4:81:db:dc:09:c4:3f:e2:87:ec:3e:23:fa:4f:86:59:ce:
19:c2:15:89:61:31:a2:55:4c:e6:27:f6:16:cc:36:c4:dc:e2:
04:4c:bf:34:29:d7:be:04:08:6c:fd:f5:7c:a1:74:97:fc:9d:
9e:59:2f:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsfe+kSnBo/EVnhlRI+KQxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDExMTYwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDViNWYzZGY5ZmVmNmI1ZTEyOTkxOWY2ZDgzMjcxMmNmMmQ4OTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcPaK89rdJg7Q7MQVW6vOXcqRwHl
MIgcne/YIqMGLdw+2jk+gx7jcBHKeeQBpFkYbxgHDCPr5orPeItkzAewgzRgXDXc
GoE8cJCBEXu61F4OJwMLESzwn73yyLUKjAn8HdXUxVLKGAXW1y4CXADOwolgCVQ2
ERAhUrtnKUTi/ii/QcfGGPKfvkdMYa3rVVs46FRniQ3k7c/tMOhz+cry9kOZqJud
5ZCVjJnxlAmvWP+VA2E/fYB6adNkD5FS+RsiKbpMlewhcOMGgW1LGYqs6jAQTmt/
ESM0ffcX/+APOIQP5hyTMYIEvCKkxd8845EwwAeqOt4avnbO0YOKpj+mPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC1bXz35/va14SmRn22DJxLPLYlgMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTFZ0ZlBmbi05clhoS1pHZmJZTW5Fczh0aVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA+5vUjiTh5n+XgWfau/
T3tI3AO8hKkdm9dHSqs7z9OvUvKXLLu8LQqwYtAONSQsZuX/GscoRNA1dsgk2P6m
qvtJDuRkzz3rhrMBCqfW7MP2UZMPcU4cAQ/n9yqDadUG1/vgrwhSrmBA+atBBLMk
7MVttlnuSGTJnwQ7ByY7swHHHPNdJrBeJWi2Qo2hiU4JbSJxEddDVGFX8aVUei80
+L4CaUy9aG6dzBeKdXBt1Qj/QSc3hVWKa53Kig7z5Fjsy+S04d6+zvikgdvcCcQ/
4ofsPiP6T4ZZzhnCFYlhMaJVTOYn9hbMNsTc4gRMvzQp174ECGz99XyhdJf8nZ5Z
L+E=
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:53:38 2025 by rpki-client