Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/P1OTM6hdFAaW0ieEr0PVNcRr64k.roa
File: P1OTM6hdFAaW0ieEr0PVNcRr64k.roa (raw, json)
Hash identifier: acjkXvcV+VTbWgWKPhJ65xRPDRb65rZeacIT+SpxGn8=
Subject key identifier: 3F:53:93:33:A8:5D:14:06:96:D2:27:84:AF:43:D5:35:C4:6B:EB:89
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AEF05A7E99367E0C2472E0FB81B9F654C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/P1OTM6hdFAaW0ieEr0PVNcRr64k.roa
Signing time: Mon 02 Oct 2023 06:13:59 +0000
ROA not before: Mon 02 Oct 2023 06:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:05:a7:e9:93:67:e0:c2:47:2e:0f:b8:1b:9f:65:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 2 06:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f539333a85d140696d22784af43d535c46beb89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d0:0d:90:71:1e:41:2d:00:32:46:df:28:b1:
0e:af:0d:30:18:dd:c6:63:52:f6:04:82:93:6b:69:
8e:12:80:0e:1a:e7:b8:11:4c:be:4b:d4:2d:9b:93:
17:ea:e8:68:13:2e:a7:ea:f4:df:a0:10:af:d0:49:
30:9e:91:96:78:67:f5:62:a0:bd:27:5b:20:05:21:
6a:e6:86:c4:85:1c:0a:7a:18:26:3b:72:9f:38:ae:
8c:4a:fe:c9:7d:bb:1f:63:3c:f9:71:72:df:82:0d:
e9:7e:d4:a2:cc:fb:62:78:7d:72:62:4c:90:a0:0e:
db:ca:b7:e3:5d:db:c6:be:8f:24:99:9b:66:78:89:
a7:f0:80:b1:6f:d2:4c:db:e3:c3:84:cc:0c:d5:2e:
6b:44:10:39:2e:9a:67:79:18:9e:1e:49:03:a7:64:
34:34:ec:f1:91:c9:f9:01:23:57:e1:f0:fc:a8:82:
47:27:9f:59:55:f7:aa:a7:7a:d4:68:11:4d:0a:fd:
6b:11:20:e6:f8:86:88:cd:72:fd:7f:33:29:d2:91:
d9:60:c0:73:e2:36:9c:73:ef:7e:4d:bf:b5:90:8b:
f0:ac:ed:58:a6:d4:a7:3d:bb:a4:94:cf:e7:84:16:
3f:3a:f6:a1:01:9d:18:a6:1c:d8:ea:a4:fd:51:68:
53:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:53:93:33:A8:5D:14:06:96:D2:27:84:AF:43:D5:35:C4:6B:EB:89
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/P1OTM6hdFAaW0ieEr0PVNcRr64k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d2:b1:13:00:25:15:69:ad:99:a0:55:b0:81:e6:3c:00:ac:59:
75:1a:b7:9e:a1:86:d8:cd:a3:6f:c4:2a:09:f5:1a:7b:11:af:
85:24:c0:f4:4b:5f:2a:64:ef:cf:3e:47:02:bf:52:9b:7d:f5:
aa:d4:67:91:d3:55:b3:89:82:78:db:8c:d4:c1:f8:dd:7a:14:
4d:4e:5f:a6:9e:ea:55:02:1c:77:cf:53:81:d0:a0:04:77:2e:
c8:b5:66:9b:7d:59:09:8b:b5:70:8c:85:df:9c:57:28:ec:fd:
86:e4:fb:4a:72:8b:b4:77:d1:09:f7:8e:13:07:3b:f6:63:51:
42:9f:61:2e:e9:d3:0c:9b:5b:c8:c3:78:23:7c:d6:78:af:29:
f0:51:03:35:08:aa:44:d0:7b:5b:42:44:58:21:81:05:23:0f:
49:5f:32:25:d5:c7:f1:d6:36:91:3d:ed:af:35:47:65:a2:63:
7b:77:fb:11:29:7a:3f:09:b1:30:c0:51:93:2b:ec:5e:62:52:
1c:28:32:fd:de:47:04:6b:0e:11:00:59:82:04:1b:5c:c3:89:
1f:d3:c1:60:e7:99:13:ac:29:b0:c4:f8:d5:bb:55:fb:7b:48:
d0:d5:58:9c:07:32:53:fb:42:cb:85:0d:61:69:47:9e:a0:09:
e6:4e:38:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrvBafpk2fgwkcuD7gbn2VMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAyMDYxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjUzOTMzM2E4NWQxNDA2OTZkMjI3ODRhZjQzZDUzNWM0NmJlYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9ANkHEeQS0AMkbfKLEOrw0wGN3G
Y1L2BIKTa2mOEoAOGue4EUy+S9Qtm5MX6uhoEy6n6vTfoBCv0EkwnpGWeGf1YqC9
J1sgBSFq5obEhRwKehgmO3KfOK6MSv7JfbsfYzz5cXLfgg3pftSizPtieH1yYkyQ
oA7byrfjXdvGvo8kmZtmeImn8ICxb9JM2+PDhMwM1S5rRBA5LppneRieHkkDp2Q0
NOzxkcn5ASNX4fD8qIJHJ59ZVfeqp3rUaBFNCv1rESDm+IaIzXL9fzMp0pHZYMBz
4jacc+9+Tb+1kIvwrO1YptSnPbuklM/nhBY/OvahAZ0YphzY6qT9UWhTDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD9TkzOoXRQGltInhK9D1TXEa+uJMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUDFPVE02aGRGQWFXMGllRXIwUFZOY1JyNjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANKxEwAlFWmtmaBVsIHm
PACsWXUat56hhtjNo2/EKgn1GnsRr4UkwPRLXypk788+RwK/Upt99arUZ5HTVbOJ
gnjbjNTB+N16FE1OX6ae6lUCHHfPU4HQoAR3Lsi1Zpt9WQmLtXCMhd+cVyjs/Ybk
+0pyi7R30Qn3jhMHO/ZjUUKfYS7p0wybW8jDeCN81nivKfBRAzUIqkTQe1tCRFgh
gQUjD0lfMiXVx/HWNpE97a81R2WiY3t3+xEpej8JsTDAUZMr7F5iUhwoMv3eRwRr
DhEAWYIEG1zDiR/TwWDnmROsKbDE+NW7Vft7SNDVWJwHMlP7QsuFDWFpR56gCeZO
OE4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:19:45 2025 by rpki-client