Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VBdDP_SPKpUHuj0xQyrMXGf4On0.roa
File: VBdDP_SPKpUHuj0xQyrMXGf4On0.roa (raw, json)
Hash identifier: sYZ7sMQ4YkKY3RAwHutQZyah5vprZ2g3aTyiMtNCZqA=
Subject key identifier: 54:17:43:3F:F4:8F:2A:95:07:BA:3D:31:43:2A:CC:5C:67:F8:3A:7D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B375A4BF4A522A7AFAC11A1490B739A05
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VBdDP_SPKpUHuj0xQyrMXGf4On0.roa
Signing time: Mon 16 Oct 2023 07:19:06 +0000
ROA not before: Mon 16 Oct 2023 07:19:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:5a:4b:f4:a5:22:a7:af:ac:11:a1:49:0b:73:9a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 07:19:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5417433ff48f2a9507ba3d31432acc5c67f83a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1f:55:b0:92:3f:82:85:c1:06:b0:22:82:12:
86:c9:f5:d4:2e:b4:0f:b7:3e:e2:54:26:6d:25:6e:
8a:e9:20:b0:92:1a:a4:af:46:ac:49:29:70:15:99:
2d:36:02:94:a1:5c:35:e2:23:0e:75:85:82:61:8b:
cf:68:69:5b:14:27:df:7c:7f:bc:21:fc:17:29:e5:
a6:8c:ba:39:0a:30:37:96:29:26:c1:c7:28:23:ec:
5d:0d:55:eb:51:6c:57:02:5b:ce:6e:45:cd:03:45:
2c:1b:ef:5f:15:6c:b1:41:1b:9e:74:23:26:8e:c0:
16:63:c0:53:e7:cf:82:5a:43:c1:b8:5d:c3:33:41:
b1:5a:b6:9a:97:c8:54:a8:4a:82:ef:32:60:1b:47:
ba:7f:1b:68:14:10:d0:64:96:04:2d:3d:f4:b6:f2:
c2:29:73:b9:bf:7d:6e:a9:0c:60:cc:91:bc:0d:4a:
1d:51:8d:69:2f:f1:3e:43:b2:2b:aa:0a:ae:5f:f7:
c0:e7:f6:1a:ee:70:39:f5:a1:4a:3a:1f:9d:17:13:
e6:f4:e2:29:90:67:47:be:74:49:bc:df:12:b9:1a:
08:13:a8:4d:ae:d9:92:f0:08:2e:d9:4d:5a:d5:e0:
af:86:86:f1:60:97:27:ee:c8:2d:36:7c:c3:17:e1:
17:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:17:43:3F:F4:8F:2A:95:07:BA:3D:31:43:2A:CC:5C:67:F8:3A:7D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VBdDP_SPKpUHuj0xQyrMXGf4On0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:80:a8:5f:0c:d1:08:f6:fb:64:d1:d0:4b:c0:36:4d:cb:74:
cf:86:c5:5f:bc:d4:22:fe:81:0e:d2:17:4c:41:bf:c2:ea:5d:
8c:93:52:7e:fb:d2:ca:8e:1c:e0:2f:2a:89:9f:be:8d:de:57:
85:d2:03:b2:50:9d:0e:f4:15:45:d7:5a:ab:36:52:3d:97:ad:
fd:8d:db:53:87:8d:ba:c0:a1:58:57:8d:e5:d9:9d:f2:2c:cd:
70:68:96:4c:73:1d:7a:1c:b2:8f:c3:72:85:32:45:3a:2f:82:
0e:7b:7c:3f:3f:18:7f:3f:52:a4:fd:09:d7:06:10:a7:7b:19:
c7:f7:a0:e5:7f:5b:3b:f5:f1:e9:89:4c:49:db:46:a2:8d:c0:
d1:2e:8e:e2:82:64:65:ac:53:da:59:5e:a6:d6:12:fd:09:ce:
e0:81:2a:6d:9f:97:48:9f:28:d1:99:0d:c6:55:38:6e:75:50:
18:68:cf:b7:91:d1:d9:6a:a6:22:81:05:9f:9c:46:80:b6:1f:
ec:29:40:47:f8:e0:66:98:54:38:a8:37:d4:7f:80:9d:a2:e1:
f4:49:3a:0b:b7:bf:bb:c2:9f:9e:43:c2:47:f6:4f:64:65:b7:
51:d1:35:de:4c:8f:69:2f:a3:8e:e8:20:1d:e7:f5:ad:e7:8d:
7f:e2:6c:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs3Wkv0pSKnr6wRoUkLc5oFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MDcxOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDE3NDMzZmY0OGYyYTk1MDdiYTNkMzE0MzJhY2M1YzY3ZjgzYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph9VsJI/goXBBrAighKGyfXULrQP
tz7iVCZtJW6K6SCwkhqkr0asSSlwFZktNgKUoVw14iMOdYWCYYvPaGlbFCfffH+8
IfwXKeWmjLo5CjA3likmwccoI+xdDVXrUWxXAlvObkXNA0UsG+9fFWyxQRuedCMm
jsAWY8BT58+CWkPBuF3DM0GxWraal8hUqEqC7zJgG0e6fxtoFBDQZJYELT30tvLC
KXO5v31uqQxgzJG8DUodUY1pL/E+Q7IrqgquX/fA5/Ya7nA59aFKOh+dFxPm9OIp
kGdHvnRJvN8SuRoIE6hNrtmS8Agu2U1a1eCvhobxYJcn7sgtNnzDF+EXtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFQXQz/0jyqVB7o9MUMqzFxn+Dp9MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVkJkRFBfU1BLcFVIdWoweFF5ck1YR2Y0T24wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAICAqF8M0Qj2+2TR0EvA
Nk3LdM+GxV+81CL+gQ7SF0xBv8LqXYyTUn770sqOHOAvKomfvo3eV4XSA7JQnQ70
FUXXWqs2Uj2Xrf2N21OHjbrAoVhXjeXZnfIszXBolkxzHXocso/DcoUyRTovgg57
fD8/GH8/UqT9CdcGEKd7Gcf3oOV/Wzv18emJTEnbRqKNwNEujuKCZGWsU9pZXqbW
Ev0JzuCBKm2fl0ifKNGZDcZVOG51UBhoz7eR0dlqpiKBBZ+cRoC2H+wpQEf44GaY
VDioN9R/gJ2i4fRJOgu3v7vCn55Dwkf2T2Rlt1HRNd5Mj2kvo47oIB3n9a3njX/i
bD4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:17:41 2025 by rpki-client