Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Rj-nKp1LxA2mEzuZAuu_AWM-kXQ.roa
File: Rj-nKp1LxA2mEzuZAuu_AWM-kXQ.roa (raw, json)
Hash identifier: l7OdjjkbuixIdeNCvTPlo2pKKOE+CAUArspd0OOKmSg=
Subject key identifier: 46:3F:A7:2A:9D:4B:C4:0D:A6:13:3B:99:02:EB:BF:01:63:3E:91:74
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B769F0921B8A49D8ECDDE29CF3A970749
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Rj-nKp1LxA2mEzuZAuu_AWM-kXQ.roa
Signing time: Sat 28 Oct 2023 14:10:15 +0000
ROA not before: Sat 28 Oct 2023 14:10:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:76:9f:09:21:b8:a4:9d:8e:cd:de:29:cf:3a:97:07:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 28 14:10:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=463fa72a9d4bc40da6133b9902ebbf01633e9174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:71:b0:3d:ce:8a:29:7f:88:df:de:12:4c:38:
54:c1:a2:ad:6d:84:44:4d:a5:99:0d:97:97:ec:02:
02:ce:48:0a:c5:c2:30:fb:e1:d0:cb:d1:66:64:31:
80:e8:0c:fb:3e:6a:62:6b:80:84:ca:e1:a3:ef:dd:
f7:61:15:6b:e3:4f:fa:d0:9c:42:5c:d4:df:d8:47:
6a:29:c3:a3:7c:83:73:19:2d:86:39:bf:ae:cd:fd:
cd:c2:a5:ec:e7:3e:8b:fa:e4:d7:81:6c:88:0c:9a:
3b:97:12:23:48:9f:be:53:0b:ad:90:37:ab:21:9f:
52:b5:ac:71:5c:a7:68:2d:ef:62:a3:78:f5:fb:7b:
44:d6:b9:24:26:d8:8b:82:7c:92:97:d5:2f:de:8c:
04:a4:6b:7b:04:5b:eb:f5:5d:e2:56:52:e5:00:8b:
3e:a9:a4:5e:a3:ec:2d:f0:55:67:f2:ee:df:08:51:
c0:60:73:79:90:99:f7:c9:ed:5b:47:b2:58:4b:d2:
32:1c:03:a8:bf:6b:15:fb:73:47:98:93:de:c8:b6:
c0:cf:4d:1c:3f:25:e0:01:5a:59:a2:bb:1c:10:f3:
b5:8d:a5:a5:e0:07:67:03:6e:7d:1f:cd:7c:03:0e:
c2:2e:48:db:ae:e6:d3:b4:be:99:b8:3e:50:c5:2f:
e6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:3F:A7:2A:9D:4B:C4:0D:A6:13:3B:99:02:EB:BF:01:63:3E:91:74
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Rj-nKp1LxA2mEzuZAuu_AWM-kXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
af:8e:cd:8d:0d:20:bd:75:92:f0:55:5b:5d:9d:2e:df:0c:b4:
42:09:88:e5:81:31:67:4c:94:5f:04:90:9d:f1:c1:71:7d:19:
e0:9c:4a:e3:bc:69:4c:ff:d7:30:13:d0:77:52:3c:e5:8d:1f:
c3:9d:ea:0e:9f:62:83:2f:67:e0:7e:9b:d3:9e:0f:be:64:93:
a5:b1:42:51:03:8b:c3:ff:a0:ac:e9:3d:bd:3e:82:ac:65:d9:
e6:7b:54:df:94:80:06:e2:01:b0:26:cc:5b:a5:d3:19:d5:b8:
b5:c5:69:45:e1:1e:21:b2:56:2a:30:78:04:30:1e:ef:29:1d:
a8:15:87:61:98:2c:cc:0f:68:49:88:8c:5f:27:d0:09:2d:20:
45:9c:7c:ac:c5:cb:ce:57:ca:75:87:6a:42:3e:61:84:1c:59:
fe:a2:b4:08:5b:41:56:e9:29:95:33:0a:a1:25:5e:44:fe:8e:
b6:b4:5f:e6:a1:86:b4:df:5f:eb:4b:95:9b:79:7a:00:5b:da:
68:25:48:1f:22:99:c0:23:b6:0a:71:4f:6e:37:f6:25:14:33:
68:57:19:7c:c2:8f:83:50:93:4d:48:9e:79:02:bf:ab:58:82:
b3:e7:1f:8d:3b:48:20:65:e6:09:3e:93:45:cb:97:2b:0e:e5:
1a:91:7d:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt2nwkhuKSdjs3eKc86lwdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI4MTQxMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjNmYTcyYTlkNGJjNDBkYTYxMzNiOTkwMmViYmYwMTYzM2U5MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3GwPc6KKX+I394STDhUwaKtbYRE
TaWZDZeX7AICzkgKxcIw++HQy9FmZDGA6Az7Pmpia4CEyuGj7933YRVr40/60JxC
XNTf2EdqKcOjfINzGS2GOb+uzf3NwqXs5z6L+uTXgWyIDJo7lxIjSJ++UwutkDer
IZ9StaxxXKdoLe9io3j1+3tE1rkkJtiLgnySl9Uv3owEpGt7BFvr9V3iVlLlAIs+
qaReo+wt8FVn8u7fCFHAYHN5kJn3ye1bR7JYS9IyHAOov2sV+3NHmJPeyLbAz00c
PyXgAVpZorscEPO1jaWl4AdnA259H818Aw7CLkjbrubTtL6ZuD5QxS/mvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEY/pyqdS8QNphM7mQLrvwFjPpF0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUmotbktwMUx4QTJtRXp1WkF1dV9BV00ta1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK+OzY0NIL11kvBVW12d
Lt8MtEIJiOWBMWdMlF8EkJ3xwXF9GeCcSuO8aUz/1zAT0HdSPOWNH8Od6g6fYoMv
Z+B+m9OeD75kk6WxQlEDi8P/oKzpPb0+gqxl2eZ7VN+UgAbiAbAmzFul0xnVuLXF
aUXhHiGyVioweAQwHu8pHagVh2GYLMwPaEmIjF8n0AktIEWcfKzFy85XynWHakI+
YYQcWf6itAhbQVbpKZUzCqElXkT+jra0X+ahhrTfX+tLlZt5egBb2mglSB8imcAj
tgpxT2439iUUM2hXGXzCj4NQk01InnkCv6tYgrPnH407SCBl5gk+k0XLlysO5RqR
fX8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:59:39 2025 by rpki-client