Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Vo2jp7cnROijAgnutqnBF4jfPDA.roa
File: Vo2jp7cnROijAgnutqnBF4jfPDA.roa (raw, json)
Hash identifier: iO0chR5aUtOtERGBGgcClxOSYqG0gXonrGTxh1+eTQU=
Subject key identifier: 56:8D:A3:A7:B7:27:44:E8:A3:02:09:EE:B6:A9:C1:17:88:DF:3C:30
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B481806B5D7465428D985C704AAA4F132
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Vo2jp7cnROijAgnutqnBF4jfPDA.roa
Signing time: Thu 19 Oct 2023 13:20:15 +0000
ROA not before: Thu 19 Oct 2023 13:20:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:48:18:06:b5:d7:46:54:28:d9:85:c7:04:aa:a4:f1:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 19 13:20:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=568da3a7b72744e8a30209eeb6a9c11788df3c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8a:80:40:5a:da:fd:e7:fe:5e:71:fd:a2:44:
1b:c0:e3:b2:ab:e4:58:5c:ed:d7:9c:87:10:4b:52:
1c:b8:c2:e0:9d:06:51:3e:67:45:b0:14:4f:17:5d:
64:91:33:4c:89:32:4d:4c:3f:2b:d6:a4:b7:ef:42:
cc:bc:4c:7c:6c:93:c0:7d:db:99:a4:7c:4d:41:7f:
ad:66:3c:fe:b0:20:3a:2d:a7:9f:cc:59:62:8b:05:
8e:bc:69:ae:4f:58:e4:2d:7f:80:12:ef:5e:20:96:
fe:e8:b9:b8:86:4c:a2:dc:9d:ab:0b:89:54:c0:a1:
ff:eb:f8:86:cb:44:0d:22:b5:92:d5:43:0b:a2:50:
b0:8b:d2:e7:c2:0e:d9:1f:1e:2b:eb:da:fc:1b:c1:
60:25:b6:b1:45:c8:17:40:37:25:1b:6d:ad:56:fc:
7a:1e:27:09:be:6f:12:45:7b:0d:46:c5:73:4b:cb:
5c:68:55:9e:a0:21:a0:e4:96:48:99:0d:3e:41:3a:
e0:ec:c1:1e:1d:ce:92:46:fd:35:6a:a7:fb:30:e3:
00:ab:7e:1d:f9:4f:61:8d:09:d1:6b:3b:cd:96:b0:
b8:3f:3e:5d:2f:b8:28:c3:df:2a:68:97:91:0b:6f:
b2:7a:3d:ee:c6:50:4a:0b:0f:1a:92:a9:6a:78:58:
10:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:8D:A3:A7:B7:27:44:E8:A3:02:09:EE:B6:A9:C1:17:88:DF:3C:30
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Vo2jp7cnROijAgnutqnBF4jfPDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:b4:2b:39:4e:01:6b:b8:bd:98:05:a7:14:23:d8:f1:81:ad:
13:8d:eb:b0:16:9d:1d:8d:11:a1:90:05:4e:b0:d6:57:43:fe:
65:cd:ff:66:46:15:63:f6:18:df:c2:c7:de:a4:19:05:67:7e:
a9:7d:01:a1:17:61:a4:60:dc:93:d9:0a:ad:bf:10:b1:38:48:
ba:66:fe:8b:97:fb:2d:c1:c7:21:d2:79:6f:1c:85:fb:15:b0:
e0:30:9a:e5:0d:34:da:c6:a2:71:52:5e:6c:a8:ac:54:7c:9e:
09:99:1a:ae:28:ba:f6:54:80:8c:0c:08:f1:59:72:0e:59:fe:
de:ba:4c:c6:11:a8:36:44:0b:31:6b:ae:ab:f8:67:3d:d9:98:
e8:ea:9e:0e:ec:37:87:2c:50:57:af:1e:76:53:85:25:a1:af:
71:ba:f3:97:da:ac:af:28:ef:f3:bc:4a:cc:f8:69:9f:ce:0c:
79:13:4b:c8:94:e3:f3:89:11:d7:f4:3c:82:14:00:0d:08:fb:
4e:8d:e1:14:b1:34:c6:88:70:c1:6b:8b:5e:c7:e2:a2:af:61:
d0:8f:6a:35:bb:20:97:60:80:33:98:fd:a9:3d:6c:a6:ae:a2:
d1:54:f4:1d:b0:4c:48:7a:9e:85:3b:79:73:46:c6:57:c8:e8:
3f:98:10:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtIGAa110ZUKNmFxwSqpPEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE5MTMyMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjhkYTNhN2I3Mjc0NGU4YTMwMjA5ZWViNmE5YzExNzg4ZGYzYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4qAQFra/ef+XnH9okQbwOOyq+RY
XO3XnIcQS1IcuMLgnQZRPmdFsBRPF11kkTNMiTJNTD8r1qS370LMvEx8bJPAfduZ
pHxNQX+tZjz+sCA6LaefzFliiwWOvGmuT1jkLX+AEu9eIJb+6Lm4hkyi3J2rC4lU
wKH/6/iGy0QNIrWS1UMLolCwi9Lnwg7ZHx4r69r8G8FgJbaxRcgXQDclG22tVvx6
HicJvm8SRXsNRsVzS8tcaFWeoCGg5JZImQ0+QTrg7MEeHc6SRv01aqf7MOMAq34d
+U9hjQnRazvNlrC4Pz5dL7gow98qaJeRC2+yej3uxlBKCw8akqlqeFgQGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFaNo6e3J0ToowIJ7rapwReI3zwwMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVm8yanA3Y25ST2lqQWdudXRxbkJGNGpmUERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADq0KzlOAWu4vZgFpxQj
2PGBrRON67AWnR2NEaGQBU6w1ldD/mXN/2ZGFWP2GN/Cx96kGQVnfql9AaEXYaRg
3JPZCq2/ELE4SLpm/ouX+y3BxyHSeW8chfsVsOAwmuUNNNrGonFSXmyorFR8ngmZ
Gq4ouvZUgIwMCPFZcg5Z/t66TMYRqDZECzFrrqv4Zz3ZmOjqng7sN4csUFevHnZT
hSWhr3G685farK8o7/O8Ssz4aZ/ODHkTS8iU4/OJEdf0PIIUAA0I+06N4RSxNMaI
cMFri17H4qKvYdCPajW7IJdggDOY/ak9bKauotFU9B2wTEh6noU7eXNGxlfI6D+Y
EL4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:44 2025 by rpki-client