Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_Aw8369job70BZo5sogPoFMsGrQ.roa
File: _Aw8369job70BZo5sogPoFMsGrQ.roa (raw, json)
Hash identifier: bJIPApP0mQa7kVyYOJdYCJVs6DIeq4hGMqa5sbDx36o=
Subject key identifier: FC:0C:3C:DF:AF:63:A1:BE:F4:05:9A:39:B2:88:0F:A0:53:2C:1A:B4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B774479FEDF73C27B725AAC2589DD3C83
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_Aw8369job70BZo5sogPoFMsGrQ.roa
Signing time: Sat 28 Oct 2023 17:10:58 +0000
ROA not before: Sat 28 Oct 2023 17:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:77:44:79:fe:df:73:c2:7b:72:5a:ac:25:89:dd:3c:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 28 17:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc0c3cdfaf63a1bef4059a39b2880fa0532c1ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0e:b6:94:81:5e:f9:8b:b7:0f:49:64:99:7c:
8f:a8:8c:c4:02:7b:ec:ea:0f:b0:0c:dc:f1:ef:b1:
81:07:30:41:79:14:dd:51:8d:01:f5:1e:2e:73:a5:
05:58:16:ac:66:94:eb:f8:66:9e:5c:65:13:bd:2e:
2b:2c:fe:a3:b8:84:f7:71:88:1f:fd:8f:7f:f3:4c:
3d:ff:7b:dc:c7:14:bb:73:ba:8d:a2:ce:95:39:1a:
95:bc:1f:9a:f6:c9:c6:8f:63:ab:c2:ac:a6:dd:37:
80:93:9e:dc:8f:8f:89:bb:51:94:23:2b:e8:f2:30:
88:48:88:16:36:73:cd:90:dc:15:49:26:8c:df:e5:
b4:93:7d:a4:0d:96:dd:bd:82:36:a4:40:80:5a:d8:
f6:f0:0c:fe:33:9f:ac:82:ca:0f:d2:1b:97:45:d6:
f1:d5:7b:47:c9:9c:d0:8f:0a:34:e6:e2:46:87:55:
39:54:ce:7e:9c:ea:65:3a:ac:08:da:31:ff:99:04:
44:3c:72:dd:9d:b2:8f:5e:77:c8:4c:9d:ec:9d:2a:
f4:c1:5b:e0:20:64:71:5e:62:68:b6:4f:80:6c:87:
fd:59:f2:51:c9:80:f2:ec:20:7d:bb:a3:3f:7e:da:
b8:85:bc:f4:6e:fb:29:be:c1:7b:ec:49:92:fe:4c:
3c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:0C:3C:DF:AF:63:A1:BE:F4:05:9A:39:B2:88:0F:A0:53:2C:1A:B4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_Aw8369job70BZo5sogPoFMsGrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:41:af:60:76:51:ae:47:04:a6:56:9a:db:30:1e:5a:6d:b7:
f9:7b:ea:76:b0:95:20:38:c4:a2:70:b2:16:06:07:4d:7a:9b:
f0:bc:79:f6:a0:64:24:36:f6:35:9d:a9:7d:f0:82:87:10:e9:
1e:c9:02:c6:ea:65:a5:11:1b:ee:3e:cf:d8:40:04:8b:8e:05:
ca:c8:a5:54:c5:f1:c5:48:0c:35:01:8b:cf:18:21:f1:48:6e:
35:a6:19:f1:58:58:e7:5c:2f:a2:4f:cb:4d:cc:32:4b:00:e7:
40:68:03:7e:58:ce:56:69:41:3d:58:f9:cd:77:28:71:c3:1c:
11:ae:08:af:30:72:4d:ae:89:b9:01:1d:70:f6:d1:aa:60:0a:
18:a8:7e:20:22:5c:1e:de:47:3b:85:b4:12:2d:7c:40:fb:b2:
8a:db:de:0a:de:99:53:54:d9:5a:11:56:24:70:76:56:53:f4:
40:12:aa:3c:fb:aa:00:eb:6f:37:27:a3:2d:69:78:6a:ca:81:
9b:51:a3:84:bb:f8:b1:c5:13:4b:1a:c0:c5:98:7c:ab:a6:c7:
7a:08:4e:bc:ac:55:0e:8c:8a:4c:32:88:5b:39:83:97:91:36:
7b:61:8c:e2:70:68:89:eb:67:a2:78:3b:a4:c7:bf:69:d5:14:
cc:25:79:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt3RHn+33PCe3JarCWJ3TyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI4MTcxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzBjM2NkZmFmNjNhMWJlZjQwNTlhMzliMjg4MGZhMDUzMmMxYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw62lIFe+Yu3D0lkmXyPqIzEAnvs
6g+wDNzx77GBBzBBeRTdUY0B9R4uc6UFWBasZpTr+GaeXGUTvS4rLP6juIT3cYgf
/Y9/80w9/3vcxxS7c7qNos6VORqVvB+a9snGj2Orwqym3TeAk57cj4+Ju1GUIyvo
8jCISIgWNnPNkNwVSSaM3+W0k32kDZbdvYI2pECAWtj28Az+M5+sgsoP0huXRdbx
1XtHyZzQjwo05uJGh1U5VM5+nOplOqwI2jH/mQREPHLdnbKPXnfITJ3snSr0wVvg
IGRxXmJotk+AbIf9WfJRyYDy7CB9u6M/ftq4hbz0bvspvsF77EmS/kw8/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPwMPN+vY6G+9AWaObKID6BTLBq0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvX0F3ODM2OWpvYjcwQlpvNXNvZ1BvRk1zR3JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKtBr2B2Ua5HBKZWmtsw
Hlptt/l76nawlSA4xKJwshYGB016m/C8efagZCQ29jWdqX3wgocQ6R7JAsbqZaUR
G+4+z9hABIuOBcrIpVTF8cVIDDUBi88YIfFIbjWmGfFYWOdcL6JPy03MMksA50Bo
A35YzlZpQT1Y+c13KHHDHBGuCK8wck2uibkBHXD20apgChiofiAiXB7eRzuFtBIt
fED7sorb3gremVNU2VoRViRwdlZT9EASqjz7qgDrbzcnoy1peGrKgZtRo4S7+LHF
E0sawMWYfKumx3oITrysVQ6MikwyiFs5g5eRNnthjOJwaInrZ6J4O6THv2nVFMwl
ef8=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:26:58 2025 by rpki-client