Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S02f-fyIt_GV-BUGyM3dHyWEZ8M.roa
File: S02f-fyIt_GV-BUGyM3dHyWEZ8M.roa (raw, json)
Hash identifier: z7k3l9iAvy9xpMUk/SrR7iAQ2izqM8Co0ZI8/ikEyeY=
Subject key identifier: 4B:4D:9F:F9:FC:88:B7:F1:95:F8:15:06:C8:CD:DD:1F:25:84:67:C3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B329C24A46DCF82505BE70A47D4846800
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S02f-fyIt_GV-BUGyM3dHyWEZ8M.roa
Signing time: Sun 15 Oct 2023 09:12:55 +0000
ROA not before: Sun 15 Oct 2023 09:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:32:9c:24:a4:6d:cf:82:50:5b:e7:0a:47:d4:84:68:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 15 09:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b4d9ff9fc88b7f195f81506c8cddd1f258467c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b0:73:dd:e6:b2:71:60:16:8d:5d:0b:01:57:
23:d4:ed:5a:be:4b:d8:70:5c:cd:64:6e:99:2f:be:
aa:fb:e5:d3:c9:bf:e2:aa:8d:31:3f:a8:fc:67:23:
9a:d2:c3:95:75:38:2a:8e:20:23:5d:81:af:8f:92:
3e:3f:10:eb:0f:9e:7c:1e:8d:60:af:b6:3c:8e:f0:
ed:27:db:8c:23:b5:99:89:21:b2:f5:31:af:44:9c:
4d:c5:90:0e:31:28:4a:49:1e:69:60:7e:64:0c:c9:
e7:8e:a3:2f:50:b2:47:49:c4:aa:a9:61:31:34:9b:
8b:41:e1:04:71:6f:e9:be:94:f1:fb:e8:26:de:83:
5e:df:b3:4f:13:12:1e:03:26:44:77:7d:9f:bc:04:
00:02:08:c1:71:3b:ef:cd:7a:6a:cc:24:36:b6:9c:
ff:c4:67:4b:85:c3:1e:67:26:b5:b5:93:72:ac:4a:
13:75:ad:b0:f8:86:d7:c0:f4:bc:97:42:86:6a:20:
cb:cf:c8:c4:87:02:db:7e:74:39:a3:3d:64:23:60:
eb:e2:0d:69:6f:ff:f7:03:09:87:63:fb:94:d3:e5:
7b:b9:72:f1:66:01:d4:6d:11:11:60:43:7f:13:f5:
51:78:21:c0:a2:df:9a:4e:3e:ad:c7:6a:7e:75:0a:
e7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:4D:9F:F9:FC:88:B7:F1:95:F8:15:06:C8:CD:DD:1F:25:84:67:C3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S02f-fyIt_GV-BUGyM3dHyWEZ8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:19:14:11:1b:df:bb:89:4e:8f:62:23:81:3d:79:e1:3d:01:
20:9a:3f:71:e9:c3:d1:ca:2a:75:50:48:a6:5f:9e:bc:a9:31:
be:3e:f6:ac:cd:22:d1:13:3a:e1:bb:e5:78:1a:f5:52:2d:88:
63:d1:fa:08:a5:7e:03:d3:a0:fb:ae:a2:0d:51:df:25:53:b7:
d8:e9:b4:e7:fe:60:c7:da:02:49:e1:d1:2a:71:db:e5:18:34:
67:51:e5:eb:32:94:c0:ef:b9:95:65:9b:2e:18:fd:5d:57:56:
0f:5d:ee:e6:38:3a:57:a3:d2:43:a0:95:81:6b:fb:d8:83:1c:
80:d4:d4:ac:fb:be:11:24:b3:30:87:ca:a3:b5:30:24:a1:d4:
cb:16:f2:80:bf:67:18:c9:99:fc:b6:c0:98:d1:b0:70:d6:55:
46:6b:0b:82:d3:f4:11:8a:e1:a2:fd:50:55:45:2f:e6:5a:6f:
ee:95:25:8b:8e:f0:24:9c:0f:56:f4:ba:a0:37:c0:c6:3b:26:
69:ee:29:94:39:c4:3f:5d:4f:b5:a1:42:c9:9a:87:3c:e0:b9:
8a:47:72:e8:fb:bb:9c:5f:4d:9a:6f:8a:19:13:90:c7:b5:b8:
96:65:6b:fd:26:9a:51:ce:47:c0:24:3d:01:73:1c:d6:51:46:
89:30:e1:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsynCSkbc+CUFvnCkfUhGgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE1MDkxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjRkOWZmOWZjODhiN2YxOTVmODE1MDZjOGNkZGQxZjI1ODQ2N2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7Bz3eaycWAWjV0LAVcj1O1avkvY
cFzNZG6ZL76q++XTyb/iqo0xP6j8ZyOa0sOVdTgqjiAjXYGvj5I+PxDrD558Ho1g
r7Y8jvDtJ9uMI7WZiSGy9TGvRJxNxZAOMShKSR5pYH5kDMnnjqMvULJHScSqqWEx
NJuLQeEEcW/pvpTx++gm3oNe37NPExIeAyZEd32fvAQAAgjBcTvvzXpqzCQ2tpz/
xGdLhcMeZya1tZNyrEoTda2w+IbXwPS8l0KGaiDLz8jEhwLbfnQ5oz1kI2Dr4g1p
b//3AwmHY/uU0+V7uXLxZgHUbRERYEN/E/VReCHAot+aTj6tx2p+dQrnOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEtNn/n8iLfxlfgVBsjN3R8lhGfDMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUzAyZi1meUl0X0dWLUJVR3lNM2RIeVdFWjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJsZFBEb37uJTo9iI4E9
eeE9ASCaP3Hpw9HKKnVQSKZfnrypMb4+9qzNItETOuG75Xga9VItiGPR+gilfgPT
oPuuog1R3yVTt9jptOf+YMfaAknh0Spx2+UYNGdR5esylMDvuZVlmy4Y/V1XVg9d
7uY4Olej0kOglYFr+9iDHIDU1Kz7vhEkszCHyqO1MCSh1MsW8oC/ZxjJmfy2wJjR
sHDWVUZrC4LT9BGK4aL9UFVFL+Zab+6VJYuO8CScD1b0uqA3wMY7JmnuKZQ5xD9d
T7WhQsmahzzguYpHcuj7u5xfTZpvihkTkMe1uJZla/0mmlHOR8AkPQFzHNZRRokw
4e8=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:38:51 2025 by rpki-client