Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PvhOp6ClvaJVIEP-SMheE1QM9Lw.roa
File: PvhOp6ClvaJVIEP-SMheE1QM9Lw.roa (raw, json)
Hash identifier: NOyLaZlfk53nwRWXdIdNOb7EWAvh1whOu2jWRvWcOYI=
Subject key identifier: 3E:F8:4E:A7:A0:A5:BD:A2:55:20:43:FE:48:C8:5E:13:54:0C:F4:BC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBB4AB45657D80FC02221442335EA6F22
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PvhOp6ClvaJVIEP-SMheE1QM9Lw.roa
Signing time: Fri 10 Nov 2023 22:11:57 +0000
ROA not before: Fri 10 Nov 2023 22:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bb:4a:b4:56:57:d8:0f:c0:22:21:44:23:35:ea:6f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 22:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ef84ea7a0a5bda2552043fe48c85e13540cf4bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fa:a5:36:e2:8a:b6:aa:be:87:85:94:49:04:
5a:83:79:10:25:d6:0a:5a:79:0e:e9:fc:54:17:2e:
e0:3d:b2:45:a7:79:e4:99:02:c3:73:d6:74:99:5a:
f4:26:e6:20:f8:31:9e:a9:62:43:24:e7:1f:4d:d2:
d0:5a:4e:04:d2:0b:90:3b:04:7c:96:fe:b5:ea:49:
e8:6f:5b:67:2c:0c:87:1d:81:47:b9:56:f1:cd:21:
50:4d:72:5b:21:e0:b4:a3:67:08:d8:14:ca:17:b0:
a1:ec:a2:1d:0f:00:cb:f0:b8:19:75:1e:19:89:9d:
02:27:8a:b6:f3:5d:79:02:b8:07:46:13:08:60:cb:
3d:e6:cd:ad:8d:31:c1:36:e8:0f:a2:53:b9:2b:0a:
13:37:b6:9a:a7:70:a3:7c:45:bc:ab:c7:39:38:1c:
6f:4f:19:6a:f9:25:ea:d8:b2:6f:9b:03:1b:e8:70:
81:0b:7d:c0:cf:2d:29:16:84:21:42:d1:e9:44:d0:
7f:6d:c9:40:87:58:b6:98:e2:f1:ec:50:25:f7:a9:
44:64:92:62:12:37:19:fb:25:f7:69:e8:4f:4c:c0:
8b:7e:65:4d:ee:db:e0:a0:26:db:c2:17:ef:4f:61:
c7:8d:fc:6d:2e:8d:de:e5:e9:33:30:7f:da:2e:50:
cd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F8:4E:A7:A0:A5:BD:A2:55:20:43:FE:48:C8:5E:13:54:0C:F4:BC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PvhOp6ClvaJVIEP-SMheE1QM9Lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:e7:ac:9f:41:02:e2:9a:8d:8f:31:f0:90:dc:3d:35:e3:58:
4d:82:27:de:36:00:ea:90:b7:0e:dc:2a:94:a2:9e:82:3b:75:
f0:2d:6c:cd:99:52:9a:5b:98:fd:19:d3:eb:cc:98:bc:82:f5:
1a:50:cd:de:b1:8a:49:eb:9c:71:68:ad:c2:c2:4f:cd:4b:67:
05:dd:c3:af:b8:48:09:ac:95:81:01:c3:45:40:7d:b5:b4:06:
ea:dd:94:db:f0:4f:db:7e:83:7e:d6:50:4b:78:1d:09:62:44:
dc:f6:07:35:fb:d7:dd:4f:f6:c0:9a:a9:0e:8b:ac:fc:0e:59:
9f:9a:82:43:f6:a2:23:b6:fd:9e:dc:c7:b7:9b:16:13:53:17:
30:c2:5b:a2:29:26:4e:cb:64:e0:b2:b4:5c:5b:50:76:21:ee:
03:9f:fb:68:6d:e5:8a:48:73:fc:7a:53:76:d1:27:7b:97:06:
65:66:bf:86:b5:99:4c:0a:d2:c1:f3:e9:f0:69:6a:a2:67:21:
86:84:f4:f8:66:7f:f8:83:d2:aa:7e:4e:21:29:c3:4b:18:d2:
f5:02:ef:52:e1:6c:33:71:d8:5e:21:de:c0:77:18:eb:c5:d6:
9a:a8:82:95:5c:b5:e4:19:1f:c2:bf:ec:c7:b1:cb:43:ab:84:
6f:6e:f8:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu7SrRWV9gPwCIhRCM16m8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMjIxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWY4NGVhN2EwYTViZGEyNTUyMDQzZmU0OGM4NWUxMzU0MGNmNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfqlNuKKtqq+h4WUSQRag3kQJdYK
WnkO6fxUFy7gPbJFp3nkmQLDc9Z0mVr0JuYg+DGeqWJDJOcfTdLQWk4E0guQOwR8
lv616knob1tnLAyHHYFHuVbxzSFQTXJbIeC0o2cI2BTKF7Ch7KIdDwDL8LgZdR4Z
iZ0CJ4q28115ArgHRhMIYMs95s2tjTHBNugPolO5KwoTN7aap3CjfEW8q8c5OBxv
Txlq+SXq2LJvmwMb6HCBC33Azy0pFoQhQtHpRNB/bclAh1i2mOLx7FAl96lEZJJi
EjcZ+yX3aehPTMCLfmVN7tvgoCbbwhfvT2HHjfxtLo3e5ekzMH/aLlDNEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD74Tqegpb2iVSBD/kjIXhNUDPS8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUHZoT3A2Q2x2YUpWSUVQLVNNaGVFMVFNOUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH/nrJ9BAuKajY8x8JDc
PTXjWE2CJ942AOqQtw7cKpSinoI7dfAtbM2ZUppbmP0Z0+vMmLyC9RpQzd6xiknr
nHForcLCT81LZwXdw6+4SAmslYEBw0VAfbW0BurdlNvwT9t+g37WUEt4HQliRNz2
BzX7191P9sCaqQ6LrPwOWZ+agkP2oiO2/Z7cx7ebFhNTFzDCW6IpJk7LZOCytFxb
UHYh7gOf+2ht5YpIc/x6U3bRJ3uXBmVmv4a1mUwK0sHz6fBpaqJnIYaE9Phmf/iD
0qp+TiEpw0sY0vUC71LhbDNx2F4h3sB3GOvF1pqogpVcteQZH8K/7Mexy0OrhG9u
+Bw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:43:09 2025 by rpki-client