Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/P0v-tnvZP8WqEOo93vkqypSoUKk.roa
File: P0v-tnvZP8WqEOo93vkqypSoUKk.roa (raw, json)
Hash identifier: GUthsdBtAUEu5rEyw46DN+lgMmKYNJXmCpgnytYccJ0=
Subject key identifier: 3F:4B:FE:B6:7B:D9:3F:C5:AA:10:EA:3D:DE:F9:2A:CA:94:A8:50:A9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA340D1344B307D10EED19468D1FA7D97
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/P0v-tnvZP8WqEOo93vkqypSoUKk.roa
Signing time: Mon 06 Nov 2023 06:10:15 +0000
ROA not before: Mon 06 Nov 2023 06:10:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:40:d1:34:4b:30:7d:10:ee:d1:94:68:d1:fa:7d:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 6 06:10:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f4bfeb67bd93fc5aa10ea3ddef92aca94a850a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d2:95:a6:99:fc:a5:96:ce:b7:a6:02:8e:db:
6c:7e:0b:0d:a1:d7:a4:73:3c:b9:7e:74:cc:83:c0:
f5:d0:cd:58:81:b6:de:1f:36:44:45:e1:69:c9:0a:
e9:5a:82:fb:20:f2:ed:6c:9e:d7:dd:f1:29:4c:ab:
ef:b4:02:8b:e9:cf:a6:71:8d:4d:30:1a:b9:2b:1e:
3e:6d:48:d9:07:c9:e9:ca:8a:a0:85:3c:26:34:b0:
3c:fe:31:77:e1:b2:4d:8f:76:97:1e:d8:ac:62:18:
14:4b:49:b0:f7:2d:6e:2f:6b:1e:d1:d8:dc:ba:25:
f9:52:3d:eb:5e:b9:94:4e:b7:6d:c6:65:25:f2:05:
a8:64:2e:72:22:c2:3c:32:5e:01:31:c0:4a:87:08:
fa:54:c8:49:92:5f:53:7d:09:52:96:65:85:fa:8f:
fb:a2:06:ef:62:57:0e:12:e6:57:72:86:0d:2d:af:
83:86:5d:09:73:76:a9:29:10:0a:26:c2:99:ee:fc:
b7:9e:7f:dc:0f:1e:dd:a9:04:b3:9d:67:83:0a:7d:
f7:7e:e8:7a:e4:e2:ff:60:ff:89:eb:68:02:dd:20:
6d:dc:68:a5:93:eb:cf:cd:35:11:8d:df:05:3f:06:
a9:9f:4a:f7:2f:a0:86:4c:f0:04:ac:87:ff:6e:71:
76:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4B:FE:B6:7B:D9:3F:C5:AA:10:EA:3D:DE:F9:2A:CA:94:A8:50:A9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/P0v-tnvZP8WqEOo93vkqypSoUKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:6b:1b:35:7c:61:42:22:fd:b7:8d:88:f7:24:94:6b:9b:0a:
90:d3:f5:0e:a2:39:8f:d3:82:93:6d:05:45:4d:8d:b5:0b:a5:
b0:0e:9e:25:0d:de:00:ea:42:8d:39:d0:88:82:06:2c:a0:33:
22:52:93:04:ed:30:91:92:8e:4b:7d:e2:f1:df:84:a4:25:03:
0d:e6:63:8b:c2:bf:f5:88:7b:c0:36:fb:a7:73:8f:b5:6d:92:
87:75:2f:da:e5:c1:50:40:d6:dc:e3:0a:f2:2c:3a:8b:dc:1c:
70:e3:ea:fe:bc:dc:e9:f3:d0:fa:60:19:62:29:e5:cf:b8:fc:
43:c2:a7:cc:be:22:21:63:81:1e:02:6a:b2:e6:7c:16:7d:1a:
e7:75:e9:52:a1:21:49:9d:70:5a:f2:b1:46:5f:3d:e7:35:c5:
1d:96:5b:33:0f:ce:2c:cc:d2:20:d4:aa:aa:0d:1a:e4:99:0b:
d2:bc:60:18:a5:ec:24:58:8f:52:7d:00:0b:34:37:e0:bc:b0:
f8:d1:57:46:0b:9e:4d:50:d3:01:64:d5:c0:d1:f9:17:da:47:
22:90:25:d8:6f:74:cf:d6:ca:be:8e:d7:82:33:d6:8c:42:ff:
20:f4:45:9e:e0:de:fb:b1:ce:c5:d3:19:38:88:ba:eb:e5:37:
f6:0e:13:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYujQNE0SzB9EO7RlGjR+n2XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA2MDYxMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjRiZmViNjdiZDkzZmM1YWExMGVhM2RkZWY5MmFjYTk0YTg1MGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9KVppn8pZbOt6YCjttsfgsNodek
czy5fnTMg8D10M1YgbbeHzZEReFpyQrpWoL7IPLtbJ7X3fEpTKvvtAKL6c+mcY1N
MBq5Kx4+bUjZB8npyoqghTwmNLA8/jF34bJNj3aXHtisYhgUS0mw9y1uL2se0djc
uiX5Uj3rXrmUTrdtxmUl8gWoZC5yIsI8Ml4BMcBKhwj6VMhJkl9TfQlSlmWF+o/7
ogbvYlcOEuZXcoYNLa+Dhl0Jc3apKRAKJsKZ7vy3nn/cDx7dqQSznWeDCn33fuh6
5OL/YP+J62gC3SBt3Gilk+vPzTURjd8FPwapn0r3L6CGTPAErIf/bnF2ywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD9L/rZ72T/FqhDqPd75KsqUqFCpMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUDB2LXRudlpQOFdxRU9vOTN2a3F5cFNvVUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADZrGzV8YUIi/beNiPck
lGubCpDT9Q6iOY/TgpNtBUVNjbULpbAOniUN3gDqQo050IiCBiygMyJSkwTtMJGS
jkt94vHfhKQlAw3mY4vCv/WIe8A2+6dzj7Vtkod1L9rlwVBA1tzjCvIsOovcHHDj
6v683Onz0PpgGWIp5c+4/EPCp8y+IiFjgR4CarLmfBZ9Gud16VKhIUmdcFrysUZf
Pec1xR2WWzMPzizM0iDUqqoNGuSZC9K8YBil7CRYj1J9AAs0N+C8sPjRV0YLnk1Q
0wFk1cDR+RfaRyKQJdhvdM/Wyr6O14Iz1oxC/yD0RZ7g3vuxzsXTGTiIuuvlN/YO
EyY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:05:32 2025 by rpki-client