Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NFyKbqnkfSOgDrS4phViowbj4nQ.roa
File: NFyKbqnkfSOgDrS4phViowbj4nQ.roa (raw, json)
Hash identifier: 7nzqCpPDgLYhwX26vcc1LSEmKxZ7Jvj054ngKATw210=
Subject key identifier: 34:5C:8A:6E:A9:E4:7D:23:A0:0E:B4:B8:A6:15:62:A3:06:E3:E2:74
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C01B0C7313775A3F9FD90851FCF86AB4A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NFyKbqnkfSOgDrS4phViowbj4nQ.roa
Signing time: Fri 24 Nov 2023 14:16:51 +0000
ROA not before: Fri 24 Nov 2023 14:16:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:01:b0:c7:31:37:75:a3:f9:fd:90:85:1f:cf:86:ab:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 24 14:16:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=345c8a6ea9e47d23a00eb4b8a61562a306e3e274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ae:ce:e7:25:d2:95:29:b2:aa:17:d1:d8:17:
ad:54:de:c1:79:6c:c5:45:75:58:13:a8:06:af:57:
01:9d:fe:0b:65:d2:54:ee:5e:6d:c4:a6:c6:7c:d8:
84:42:1d:fd:17:9e:b7:10:69:b9:a0:c1:75:51:09:
67:50:54:d9:ed:b3:1b:94:ae:85:3f:e1:8f:f4:e2:
41:db:5c:50:00:e8:c0:71:b9:6d:a3:11:67:19:0b:
5c:7f:8d:14:bb:8e:20:fd:2c:d8:3c:5f:c3:c3:01:
09:ec:34:c8:af:b1:af:05:02:20:f6:fe:9a:85:53:
6c:89:6a:ab:90:e5:10:a7:6e:2b:5d:bf:51:a1:91:
79:99:3d:ef:50:4b:f1:23:cf:5c:e4:76:68:67:e1:
e6:d8:38:bb:ee:3e:55:6b:d5:e4:a2:e5:c8:26:25:
9e:8c:b9:5d:36:80:e5:37:4e:d3:d4:30:76:42:64:
87:da:52:81:6a:5a:49:96:c1:45:05:24:bf:30:be:
24:61:ee:9c:9b:ef:4e:1c:ec:ba:45:a9:de:ca:39:
56:1a:03:a9:26:72:40:b0:91:bf:25:b3:e1:42:a3:
03:c6:30:43:33:21:59:69:a9:ce:77:0b:91:92:95:
f4:52:cf:c1:04:ec:aa:03:6d:1b:06:9d:d1:f0:b4:
4f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:5C:8A:6E:A9:E4:7D:23:A0:0E:B4:B8:A6:15:62:A3:06:E3:E2:74
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NFyKbqnkfSOgDrS4phViowbj4nQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:47:ea:ac:06:a1:a2:c5:4d:25:db:37:9f:0f:1e:73:79:ba:
d6:c7:ed:53:cc:46:2e:00:07:23:8e:3a:17:b2:2c:6a:81:bb:
0e:f4:c6:05:9b:59:95:ce:70:aa:c6:de:8f:d0:41:08:22:8e:
7c:12:02:d6:a4:06:fb:00:f8:e6:92:a0:4f:dd:e1:22:68:f1:
6e:93:01:10:e2:ff:4f:5a:44:c0:9d:f4:4b:23:29:b6:6a:bb:
6a:97:f4:c7:74:74:cb:b0:5e:d0:4c:00:a3:ac:b8:b1:cd:fb:
53:57:a5:3e:8b:d3:7f:a9:e6:66:03:8f:af:83:6c:8f:d4:92:
6c:97:9b:3e:91:21:69:52:3a:e1:c3:44:ef:35:cc:40:c7:6f:
a2:b4:db:46:6a:7a:ed:5e:dc:f0:38:fe:1e:a9:ce:94:5e:34:
13:52:7f:64:14:35:cd:59:02:15:e3:bc:a8:85:db:f7:b4:84:
e1:9b:7b:26:4e:da:cb:a5:e8:da:85:b1:f3:98:88:36:9c:dd:
84:2f:2a:c4:f1:bc:b6:1f:74:cf:eb:63:4c:09:53:52:b7:55:
8a:5c:7c:ae:10:9e:04:46:fe:ef:a1:70:59:64:3c:31:f0:ef:
fc:d0:1d:78:48:6c:2b:3a:26:72:04:f8:71:20:b1:40:2e:4d:
00:cb:3b:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwBsMcxN3Wj+f2QhR/PhqtKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI0MTQxNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDVjOGE2ZWE5ZTQ3ZDIzYTAwZWI0YjhhNjE1NjJhMzA2ZTNlMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq7O5yXSlSmyqhfR2BetVN7BeWzF
RXVYE6gGr1cBnf4LZdJU7l5txKbGfNiEQh39F563EGm5oMF1UQlnUFTZ7bMblK6F
P+GP9OJB21xQAOjAcbltoxFnGQtcf40Uu44g/SzYPF/DwwEJ7DTIr7GvBQIg9v6a
hVNsiWqrkOUQp24rXb9RoZF5mT3vUEvxI89c5HZoZ+Hm2Di77j5Va9XkouXIJiWe
jLldNoDlN07T1DB2QmSH2lKBalpJlsFFBSS/ML4kYe6cm+9OHOy6RaneyjlWGgOp
JnJAsJG/JbPhQqMDxjBDMyFZaanOdwuRkpX0Us/BBOyqA20bBp3R8LRPywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDRcim6p5H0joA60uKYVYqMG4+J0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTkZ5S2JxbmtmU09nRHJTNHBoVmlvd2JqNG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFhH6qwGoaLFTSXbN58P
HnN5utbH7VPMRi4AByOOOheyLGqBuw70xgWbWZXOcKrG3o/QQQgijnwSAtakBvsA
+OaSoE/d4SJo8W6TARDi/09aRMCd9EsjKbZqu2qX9Md0dMuwXtBMAKOsuLHN+1NX
pT6L03+p5mYDj6+DbI/UkmyXmz6RIWlSOuHDRO81zEDHb6K020Zqeu1e3PA4/h6p
zpReNBNSf2QUNc1ZAhXjvKiF2/e0hOGbeyZO2sul6NqFsfOYiDac3YQvKsTxvLYf
dM/rY0wJU1K3VYpcfK4QngRG/u+hcFlkPDHw7/zQHXhIbCs6JnIE+HEgsUAuTQDL
O+w=
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:55:32 2025 by rpki-client