Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VmXVc5a0iidpg3R6P2FwILbwEnw.roa
File: VmXVc5a0iidpg3R6P2FwILbwEnw.roa (raw, json)
Hash identifier: Z3QbWzZL+AtxzzdevxmvFHuTN65Oe6fsoMz9wiObcLk=
Subject key identifier: 56:65:D5:73:96:B4:8A:27:69:83:74:7A:3F:61:70:20:B6:F0:12:7C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE9DE61841F95814AB8A336F5B807BD9A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VmXVc5a0iidpg3R6P2FwILbwEnw.roa
Signing time: Sun 01 Oct 2023 06:12:59 +0000
ROA not before: Sun 01 Oct 2023 06:12:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e9:de:61:84:1f:95:81:4a:b8:a3:36:f5:b8:07:bd:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 1 06:12:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5665d57396b48a276983747a3f617020b6f0127c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6b:1b:23:87:7c:0f:34:49:b0:c1:bd:f4:a7:
62:d7:ef:17:45:76:62:31:64:0a:ef:95:a7:fd:82:
7e:ef:83:27:db:1f:d0:5f:95:91:0f:14:68:4e:d9:
8f:83:fe:3f:47:35:f7:a7:3b:a4:33:5f:75:9d:d8:
5b:20:3a:bb:7b:19:91:06:d6:3f:f4:4c:80:91:de:
d0:ae:ff:03:f9:40:18:24:29:f3:24:98:c5:ee:e7:
ad:71:f0:c3:39:e6:91:c3:c8:e7:a3:32:8a:48:1b:
69:32:a8:38:96:6b:10:28:c4:dd:5c:8a:33:f2:28:
65:e4:d0:02:31:7f:52:97:e4:e5:3e:9f:d9:13:47:
aa:1d:a8:ea:f3:1f:a4:b0:eb:98:c6:bf:b1:d6:a1:
88:94:47:14:83:09:61:e8:3e:b9:f2:2d:48:bf:d6:
dc:84:61:27:4a:3c:9d:6e:d6:69:e7:81:36:6f:8c:
c8:80:33:19:a3:12:3c:92:2e:4e:ae:f9:26:85:c3:
3c:96:5e:df:98:58:27:d0:01:36:66:ae:5d:15:9b:
39:91:50:b2:86:7a:27:4c:b8:6c:ce:20:c5:5a:59:
c3:b6:32:d3:d8:b6:b3:b8:12:74:e5:95:fe:83:98:
a0:dc:78:22:26:88:3d:b7:3d:2b:bb:4b:0d:0e:cd:
78:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:65:D5:73:96:B4:8A:27:69:83:74:7A:3F:61:70:20:B6:F0:12:7C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VmXVc5a0iidpg3R6P2FwILbwEnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b0:ee:75:b8:33:ac:3e:c7:05:50:0c:c6:cf:7f:9f:39:33:cf:
a6:a1:dc:7d:de:68:1c:b5:3d:85:9e:5e:4c:69:aa:fe:89:3c:
37:44:90:fb:3c:1c:ea:d6:d0:0a:d2:4d:38:01:11:7b:b3:39:
ba:48:a9:f7:c3:5c:dc:73:5a:d1:9b:e2:f6:eb:77:13:59:ec:
6b:40:e9:c4:5d:07:1c:ba:cb:e2:ed:5f:b4:f4:f3:f4:45:11:
64:c5:15:73:6e:9b:62:df:bd:04:76:f7:5e:9f:64:bb:05:f1:
81:65:e8:66:ce:ed:89:82:41:48:cf:d8:6b:99:a1:0a:05:e6:
39:0f:4a:b1:de:47:d0:f8:74:6f:59:e8:f4:a8:13:9d:48:27:
de:cf:f9:46:7a:bf:26:97:04:dc:e4:b9:92:ec:c3:c9:08:6a:
c5:ba:b7:9d:65:5a:2f:33:27:b8:87:6c:40:04:f2:a1:b4:08:
9b:e5:ca:e5:76:4c:05:58:38:40:c8:01:34:74:64:7e:31:40:
70:6e:84:fe:ec:ce:b7:f9:c3:cb:4f:d1:bf:1b:8b:c9:d5:56:
2b:54:13:8b:8e:b9:29:63:10:4e:b7:f3:9a:30:28:70:f0:b8:
af:d9:d5:20:c1:4e:92:33:5b:d5:19:b1:0a:de:28:d1:17:7d:
a7:de:de:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrp3mGEH5WBSrijNvW4B72aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAxMDYxMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjY1ZDU3Mzk2YjQ4YTI3Njk4Mzc0N2EzZjYxNzAyMGI2ZjAxMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGsbI4d8DzRJsMG99Kdi1+8XRXZi
MWQK75Wn/YJ+74Mn2x/QX5WRDxRoTtmPg/4/RzX3pzukM191ndhbIDq7exmRBtY/
9EyAkd7Qrv8D+UAYJCnzJJjF7uetcfDDOeaRw8jnozKKSBtpMqg4lmsQKMTdXIoz
8ihl5NACMX9Sl+TlPp/ZE0eqHajq8x+ksOuYxr+x1qGIlEcUgwlh6D658i1Iv9bc
hGEnSjydbtZp54E2b4zIgDMZoxI8ki5OrvkmhcM8ll7fmFgn0AE2Zq5dFZs5kVCy
hnonTLhsziDFWlnDtjLT2LazuBJ05ZX+g5ig3HgiJog9tz0ru0sNDs14OwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFZl1XOWtIonaYN0ej9hcCC28BJ8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVm1YVmM1YTBpaWRwZzNSNlAyRndJTGJ3RW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALDudbgzrD7HBVAMxs9/
nzkzz6ah3H3eaBy1PYWeXkxpqv6JPDdEkPs8HOrW0ArSTTgBEXuzObpIqffDXNxz
WtGb4vbrdxNZ7GtA6cRdBxy6y+LtX7T08/RFEWTFFXNum2LfvQR2916fZLsF8YFl
6GbO7YmCQUjP2GuZoQoF5jkPSrHeR9D4dG9Z6PSoE51IJ97P+UZ6vyaXBNzkuZLs
w8kIasW6t51lWi8zJ7iHbEAE8qG0CJvlyuV2TAVYOEDIATR0ZH4xQHBuhP7szrf5
w8tP0b8bi8nVVitUE4uOuSljEE6385owKHDwuK/Z1SDBTpIzW9UZsQreKNEXfafe
3pU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:16:19 2025 by rpki-client