Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PFIJNFX70dwEg38ZBJJi1DTAFxY.roa
File: PFIJNFX70dwEg38ZBJJi1DTAFxY.roa (raw, json)
Hash identifier: y8k7Ei5FAsK7SWb1LPrEKkOOzOr287otvD9eMVr7cZQ=
Subject key identifier: 3C:52:09:34:55:FB:D1:DC:04:83:7F:19:04:92:62:D4:34:C0:17:16
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C0744D97D73C3632B3E81D2C2905BF1DF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PFIJNFX70dwEg38ZBJJi1DTAFxY.roa
Signing time: Sat 25 Nov 2023 16:16:41 +0000
ROA not before: Sat 25 Nov 2023 16:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:07:44:d9:7d:73:c3:63:2b:3e:81:d2:c2:90:5b:f1:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 25 16:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c52093455fbd1dc04837f19049262d434c01716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:94:32:50:6d:d4:67:70:e4:88:67:04:97:e6:
5b:0e:ca:3e:00:32:94:e8:78:c2:54:5d:08:81:47:
49:84:7e:fa:c5:ef:0a:8c:d8:70:84:95:9c:3a:39:
89:ed:e2:ec:43:12:3b:f4:34:c3:c3:58:e0:4d:50:
1c:b7:2e:29:c2:cb:2f:8a:ea:98:11:39:40:db:0a:
6f:7b:b1:76:f7:99:89:0a:d4:e2:2a:58:c8:8e:a9:
a2:6f:eb:12:00:bc:ca:1f:33:53:89:34:eb:16:ed:
cd:6b:c0:42:95:03:c4:22:e9:d6:47:8e:cb:5d:d9:
73:52:61:09:6b:c0:07:b1:e2:44:7f:3b:fc:61:8c:
95:7b:81:77:1f:3b:e7:6f:43:31:c7:6a:69:f3:b4:
a0:de:11:de:b1:19:37:65:8c:ae:da:08:e0:e4:96:
94:9f:85:35:b0:1f:40:b8:71:f4:6a:a3:f4:41:f4:
53:ed:a0:da:03:f7:7e:4f:cf:0b:59:7d:fc:35:0f:
70:d6:61:39:7d:a6:1f:3b:7d:a3:4a:8a:c8:9d:8b:
de:7c:b9:fe:14:b9:f2:44:63:a8:89:1c:39:49:e2:
a4:b8:04:25:44:2d:a3:40:c1:5e:80:68:0d:cb:8c:
58:1b:68:55:ef:5e:2d:81:78:c6:b5:43:39:26:3d:
1e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:52:09:34:55:FB:D1:DC:04:83:7F:19:04:92:62:D4:34:C0:17:16
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PFIJNFX70dwEg38ZBJJi1DTAFxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:d7:be:22:58:89:20:23:89:cc:b9:8d:1a:02:b8:32:9f:db:
48:da:86:aa:27:e2:cd:19:6d:ea:93:f3:74:b4:43:fe:8c:f8:
b3:1d:a4:9f:89:ad:e4:83:13:4f:3f:86:86:5d:d4:b2:14:28:
4a:6d:7f:8a:f8:09:1e:9e:4e:b8:14:ad:3b:be:18:80:bb:c2:
bc:f0:48:ad:6b:43:2f:95:3a:8c:8f:66:76:8b:f6:ef:1a:da:
6b:98:71:59:a7:2b:e4:df:84:6d:74:fc:c9:5b:47:d0:ae:44:
56:62:17:ec:b1:83:b6:e8:ae:83:7a:31:a2:f0:15:0c:6c:4c:
70:94:0d:ed:b0:f5:52:5d:b3:9a:b8:a2:92:b3:2e:ba:29:c1:
fd:cc:b0:bc:e9:c7:cc:06:8b:49:e7:ba:85:5b:da:37:02:ce:
50:81:3b:5d:53:35:80:d8:3c:f7:75:bb:0f:45:05:e6:45:64:
6f:65:b7:39:6f:87:5e:59:c1:6d:b9:f6:ad:af:b0:5f:58:6e:
7e:5e:4e:96:41:ba:be:aa:a6:46:d7:18:8c:bc:5c:6b:60:14:
f7:fa:fb:1e:bf:40:68:e3:a8:2f:ff:94:51:84:17:16:84:21:
85:77:9d:d7:08:ad:ba:b2:9b:92:ee:cb:4b:31:8a:35:f6:cb:
2c:8a:1f:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwHRNl9c8NjKz6B0sKQW/HfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI1MTYxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzUyMDkzNDU1ZmJkMWRjMDQ4MzdmMTkwNDkyNjJkNDM0YzAxNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZQyUG3UZ3DkiGcEl+ZbDso+ADKU
6HjCVF0IgUdJhH76xe8KjNhwhJWcOjmJ7eLsQxI79DTDw1jgTVActy4pwssviuqY
ETlA2wpve7F295mJCtTiKljIjqmib+sSALzKHzNTiTTrFu3Na8BClQPEIunWR47L
XdlzUmEJa8AHseJEfzv8YYyVe4F3Hzvnb0Mxx2pp87Sg3hHesRk3ZYyu2gjg5JaU
n4U1sB9AuHH0aqP0QfRT7aDaA/d+T88LWX38NQ9w1mE5faYfO32jSorInYvefLn+
FLnyRGOoiRw5SeKkuAQlRC2jQMFegGgNy4xYG2hV714tgXjGtUM5Jj0e2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDxSCTRV+9HcBIN/GQSSYtQ0wBcWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUEZJSk5GWDcwZHdFZzM4WkJKSmkxRFRBRnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACbXviJYiSAjicy5jRoC
uDKf20jahqon4s0ZbeqT83S0Q/6M+LMdpJ+JreSDE08/hoZd1LIUKEptf4r4CR6e
TrgUrTu+GIC7wrzwSK1rQy+VOoyPZnaL9u8a2muYcVmnK+TfhG10/MlbR9CuRFZi
F+yxg7boroN6MaLwFQxsTHCUDe2w9VJds5q4opKzLropwf3MsLzpx8wGi0nnuoVb
2jcCzlCBO11TNYDYPPd1uw9FBeZFZG9ltzlvh15ZwW259q2vsF9Ybn5eTpZBur6q
pkbXGIy8XGtgFPf6+x6/QGjjqC//lFGEFxaEIYV3ndcIrbqym5Luy0sxijX2yyyK
H1U=
-----END CERTIFICATE-----
Generated at Tue Apr 22 14:25:17 2025 by rpki-client