Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/P6HQAJ4E2o_Vqb3bz5rabMy6W6k.roa
File: P6HQAJ4E2o_Vqb3bz5rabMy6W6k.roa (raw, json)
Hash identifier: jNs1Y0WkY0WAqlEfWSAFJ2gH8qd3JYSJuWEXSSp1L8E=
Subject key identifier: 3F:A1:D0:00:9E:04:DA:8F:D5:A9:BD:DB:CF:9A:DA:6C:CC:BA:5B:A9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE06F3844308FD9D1CBAC7CBEF73330DA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/P6HQAJ4E2o_Vqb3bz5rabMy6W6k.roa
Signing time: Fri 29 Sep 2023 10:14:59 +0000
ROA not before: Fri 29 Sep 2023 10:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e0:6f:38:44:30:8f:d9:d1:cb:ac:7c:be:f7:33:30:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 10:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fa1d0009e04da8fd5a9bddbcf9ada6cccba5ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:65:16:c2:49:0f:7c:56:40:42:ad:53:c9:91:
c8:be:5f:d6:ae:f5:0f:94:f6:d5:e2:26:90:12:38:
27:be:13:34:dc:ec:0f:d2:49:68:74:35:50:6c:2a:
dc:0c:a4:38:f5:b0:15:81:db:9a:47:5f:80:fb:15:
5a:b3:b5:06:db:db:3b:ba:71:72:af:cf:9f:c1:81:
f1:5e:f2:5d:8c:1c:cb:b2:21:bc:5b:e3:89:2c:88:
91:0c:52:d8:d4:17:24:d0:ba:03:1d:cf:e5:d7:bd:
74:78:17:90:e4:f5:5c:ea:bd:d7:a0:b0:82:f2:54:
89:e8:2c:42:f3:67:6f:55:37:eb:e2:5c:c8:e7:3e:
db:ce:b1:ba:4b:01:15:e6:8b:49:ea:1d:32:23:a1:
3c:51:07:f0:7f:75:c3:7c:a8:cf:cf:e8:6d:a6:db:
82:8b:60:c7:0d:bd:df:2d:99:3d:af:c0:f7:c1:9b:
6f:3c:de:61:77:b9:ed:fb:46:c4:6e:f0:48:c0:c0:
5a:7e:86:45:c3:1f:8a:0d:de:a7:c7:ca:5e:29:9c:
71:a3:cf:0b:4a:8c:a5:7d:de:a8:08:ee:f4:c2:bf:
18:d7:6d:7f:5e:b4:37:b7:20:e1:e8:50:08:d2:16:
9d:71:0b:05:2c:e7:e4:5d:cb:55:b4:13:22:de:6d:
5f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A1:D0:00:9E:04:DA:8F:D5:A9:BD:DB:CF:9A:DA:6C:CC:BA:5B:A9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/P6HQAJ4E2o_Vqb3bz5rabMy6W6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:df:c8:10:1a:d0:e5:11:64:bd:53:85:c1:26:60:75:a9:fe:
bb:5f:85:d3:cf:ba:03:45:9c:cd:af:68:de:c7:1a:ae:90:2c:
0b:df:37:f1:be:52:a1:a9:55:9e:5f:f3:64:5d:d0:5b:a6:aa:
e9:d8:43:62:37:fa:f1:d4:36:33:e4:f7:58:b0:3c:05:56:88:
72:51:57:f9:ac:a9:39:22:e5:c0:6b:86:c6:eb:9f:61:26:19:
8f:01:91:d3:ac:cb:af:ff:b8:4a:d2:ad:68:69:14:8e:b9:7e:
ca:cf:d0:4e:97:52:3c:1f:b1:fd:c5:83:cc:87:24:48:a9:4b:
ac:27:47:bb:cf:8c:05:86:7f:4e:0c:e3:09:c4:a7:28:9a:c3:
30:ce:6f:29:8b:d2:44:3c:66:5d:1f:78:18:f0:87:a7:b6:89:
80:26:a3:66:c2:27:b3:3b:c2:11:02:fb:04:dc:80:57:75:91:
a6:86:83:47:0e:dc:6b:63:bd:b5:38:c9:41:23:98:e0:9e:07:
99:89:74:f6:d5:c1:0a:1c:bc:4e:5a:ea:29:4e:b1:26:92:a5:
c0:5f:12:ee:d7:fc:f0:83:76:4a:c3:84:fd:2b:54:bb:ba:e1:
1a:77:db:4f:52:52:f7:aa:6b:5c:4d:c4:d1:ca:09:6a:f7:6b:
b5:f3:c6:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrgbzhEMI/Z0cusfL73MzDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MTAxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmExZDAwMDllMDRkYThmZDVhOWJkZGJjZjlhZGE2Y2NjYmE1YmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2UWwkkPfFZAQq1TyZHIvl/WrvUP
lPbV4iaQEjgnvhM03OwP0klodDVQbCrcDKQ49bAVgduaR1+A+xVas7UG29s7unFy
r8+fwYHxXvJdjBzLsiG8W+OJLIiRDFLY1Bck0LoDHc/l1710eBeQ5PVc6r3XoLCC
8lSJ6CxC82dvVTfr4lzI5z7bzrG6SwEV5otJ6h0yI6E8UQfwf3XDfKjPz+htptuC
i2DHDb3fLZk9r8D3wZtvPN5hd7nt+0bEbvBIwMBafoZFwx+KDd6nx8peKZxxo88L
Soylfd6oCO70wr8Y121/XrQ3tyDh6FAI0hadcQsFLOfkXctVtBMi3m1fzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD+h0ACeBNqP1am928+a2mzMulupMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUDZIUUFKNEUyb19WcWIzYno1cmFiTXk2VzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJzfyBAa0OURZL1ThcEm
YHWp/rtfhdPPugNFnM2vaN7HGq6QLAvfN/G+UqGpVZ5f82Rd0FumqunYQ2I3+vHU
NjPk91iwPAVWiHJRV/msqTki5cBrhsbrn2EmGY8BkdOsy6//uErSrWhpFI65fsrP
0E6XUjwfsf3Fg8yHJEipS6wnR7vPjAWGf04M4wnEpyiawzDObymL0kQ8Zl0feBjw
h6e2iYAmo2bCJ7M7whEC+wTcgFd1kaaGg0cO3GtjvbU4yUEjmOCeB5mJdPbVwQoc
vE5a6ilOsSaSpcBfEu7X/PCDdkrDhP0rVLu64Rp3209SUveqa1xNxNHKCWr3a7Xz
xvs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:51:26 2025 by rpki-client