Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/V04xuJAY4zI1hOBMB5wXuKohOtY.roa
File: V04xuJAY4zI1hOBMB5wXuKohOtY.roa (raw, json)
Hash identifier: xVcAMU4DvrAdbCaeFMcCDcHg/d9ueZR84Tz99uLq4Ak=
Subject key identifier: 57:4E:31:B8:90:18:E3:32:35:84:E0:4C:07:9C:17:B8:AA:21:3A:D6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6E4547840145D055275B72F265307C00
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/V04xuJAY4zI1hOBMB5wXuKohOtY.roa
Signing time: Thu 26 Oct 2023 23:15:15 +0000
ROA not before: Thu 26 Oct 2023 23:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6e:45:47:84:01:45:d0:55:27:5b:72:f2:65:30:7c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 26 23:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=574e31b89018e3323584e04c079c17b8aa213ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:24:2f:53:44:4b:32:0f:34:95:1b:ee:6a:ce:
bc:ef:7b:a2:fd:59:ec:0d:47:7e:a2:ed:7f:f3:2e:
37:9e:83:0a:0a:77:72:68:c5:c3:bd:42:fe:27:90:
1c:84:1b:20:e8:87:1e:f0:96:6b:38:44:76:a4:d4:
42:f0:df:6d:ae:4f:d5:76:54:44:51:e2:80:c8:87:
81:76:52:5f:ab:58:d3:0e:89:9e:20:50:9c:1c:71:
b5:d6:97:1c:5f:fe:05:ea:8a:22:f1:51:74:3d:da:
b0:3c:c8:29:7d:ea:33:16:92:72:c9:77:73:94:f1:
ba:65:92:e7:93:e3:fe:cd:5c:1c:9d:80:0c:5e:ef:
52:82:39:c2:c9:39:70:79:3b:b4:be:e0:8f:82:5d:
94:06:0d:eb:d4:29:55:8d:c7:ea:e7:38:ca:15:aa:
13:07:03:ff:8d:8f:3a:3d:b1:df:76:a2:88:79:cb:
53:22:c4:de:1f:c4:0d:67:b1:1b:d0:20:2d:98:77:
11:77:16:7e:24:e8:f4:a4:a0:db:0a:20:1b:0a:11:
62:a9:0f:0b:15:57:db:d8:1b:d1:66:f1:d7:8f:03:
86:c3:db:2b:da:41:de:f6:38:02:c0:8a:7c:70:cf:
ff:03:ba:a4:b5:3a:f5:5d:f6:f0:24:5c:94:bf:96:
da:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:4E:31:B8:90:18:E3:32:35:84:E0:4C:07:9C:17:B8:AA:21:3A:D6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/V04xuJAY4zI1hOBMB5wXuKohOtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:ee:2d:11:cd:88:ba:42:3b:f8:45:8a:4a:f9:e7:01:0b:d2:
7e:00:9f:bd:3d:23:c6:b4:99:c7:57:82:a3:86:fa:b3:04:0e:
3d:25:c7:1a:05:37:77:11:63:db:18:9e:35:42:90:a9:c7:dd:
32:cd:67:57:72:99:ff:8b:e4:34:76:2e:b5:a6:bc:c8:d7:f7:
a4:75:b3:4a:cb:de:ad:90:78:e3:4f:da:ab:cf:9c:55:fd:f6:
c6:9b:66:13:0b:c2:7a:c7:7f:c4:77:b1:0a:35:5e:a9:0c:f2:
50:71:b4:dc:f5:6d:ae:6f:b1:23:7e:2a:f3:be:68:53:84:0e:
7e:f9:32:50:f0:36:33:9e:1d:9b:21:7b:d5:fe:23:56:34:8e:
3c:3f:f9:ce:c5:0c:a2:e0:db:fa:6d:40:65:44:40:82:18:a7:
ac:36:6b:d7:0a:83:89:85:40:08:89:eb:08:e6:c1:1f:a9:94:
00:a2:3b:71:f1:0f:af:70:17:0d:cd:52:4c:06:0e:65:a2:8e:
3b:56:01:d1:fa:79:4d:0e:ef:03:fd:ae:25:df:10:e8:dc:8b:
91:3d:be:0e:a7:fa:af:27:5b:2c:94:d6:8c:77:6b:30:72:b8:
fe:97:36:7f:48:67:a9:72:36:f5:f2:63:e7:c4:29:89:fd:7d:
df:c3:35:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtuRUeEAUXQVSdbcvJlMHwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI2MjMxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzRlMzFiODkwMThlMzMyMzU4NGUwNGMwNzljMTdiOGFhMjEzYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiQvU0RLMg80lRvuas6873ui/Vns
DUd+ou1/8y43noMKCndyaMXDvUL+J5AchBsg6Ice8JZrOER2pNRC8N9trk/VdlRE
UeKAyIeBdlJfq1jTDomeIFCcHHG11pccX/4F6ooi8VF0PdqwPMgpfeozFpJyyXdz
lPG6ZZLnk+P+zVwcnYAMXu9SgjnCyTlweTu0vuCPgl2UBg3r1ClVjcfq5zjKFaoT
BwP/jY86PbHfdqKIectTIsTeH8QNZ7Eb0CAtmHcRdxZ+JOj0pKDbCiAbChFiqQ8L
FVfb2BvRZvHXjwOGw9sr2kHe9jgCwIp8cM//A7qktTr1XfbwJFyUv5baFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFdOMbiQGOMyNYTgTAecF7iqITrWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVjA0eHVKQVk0ekkxaE9CTUI1d1h1S29oT3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACHuLRHNiLpCO/hFikr5
5wEL0n4An709I8a0mcdXgqOG+rMEDj0lxxoFN3cRY9sYnjVCkKnH3TLNZ1dymf+L
5DR2LrWmvMjX96R1s0rL3q2QeONP2qvPnFX99sabZhMLwnrHf8R3sQo1XqkM8lBx
tNz1ba5vsSN+KvO+aFOEDn75MlDwNjOeHZshe9X+I1Y0jjw/+c7FDKLg2/ptQGVE
QIIYp6w2a9cKg4mFQAiJ6wjmwR+plACiO3HxD69wFw3NUkwGDmWijjtWAdH6eU0O
7wP9riXfEOjci5E9vg6n+q8nWyyU1ox3azByuP6XNn9IZ6lyNvXyY+fEKYn9fd/D
NQA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:53 2025 by rpki-client