Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_FhLei2RHgIX6YaNqFsa3fU9v6U.roa
File: _FhLei2RHgIX6YaNqFsa3fU9v6U.roa (raw, json)
Hash identifier: DFC3SrttuOQhx1HjH+scm01jKOczS1Z6e1BqEieAPh0=
Subject key identifier: FC:58:4B:7A:2D:91:1E:02:17:E9:86:8D:A8:5B:1A:DD:F5:3D:BF:A5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6F1F3857C797420D937CF426301640C1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_FhLei2RHgIX6YaNqFsa3fU9v6U.roa
Signing time: Fri 15 Dec 2023 20:16:06 +0000
ROA not before: Fri 15 Dec 2023 20:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6f:1f:38:57:c7:97:42:0d:93:7c:f4:26:30:16:40:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 15 20:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc584b7a2d911e0217e9868da85b1addf53dbfa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8b:aa:e2:c2:7a:72:f7:dd:76:d6:76:a5:44:
8a:87:6a:29:f3:5d:cc:b1:5c:06:59:ab:50:43:ce:
80:81:c8:43:eb:c7:28:da:18:d8:66:7d:fa:b5:4d:
e2:f9:77:04:69:72:b3:8d:f2:9e:00:1a:06:6a:52:
e6:75:8c:ed:78:c9:23:01:5e:ab:34:99:10:1e:88:
62:6f:1e:8a:ff:d8:1f:5b:7c:3f:2d:a1:56:03:b0:
94:0c:89:7f:3e:13:d8:3b:b4:e3:5f:53:d2:5e:82:
a7:7f:5b:84:49:a7:45:6d:f0:1e:a2:5e:a2:dc:1c:
fe:d3:ae:83:ee:1e:fd:ac:9a:9d:1d:3e:7b:1a:ff:
41:88:87:51:26:62:db:70:09:7f:f5:2b:78:8c:f9:
09:9e:dd:e5:19:c5:40:84:03:0c:c0:ba:27:4c:01:
86:e0:30:9e:44:1d:05:90:e8:0a:cd:1d:61:bf:66:
c8:bb:8a:1b:5a:4a:6e:68:fd:b9:0c:3b:d5:e5:65:
dc:91:69:90:c9:94:4e:1d:b9:c4:84:19:51:d0:cc:
d8:4f:26:9e:8f:82:44:18:28:11:61:2f:c0:8e:2a:
dd:cc:d7:67:e1:b1:3f:a9:22:fb:e9:8e:04:a6:cf:
5b:3d:f6:6b:ba:bf:7a:fb:40:64:51:71:53:44:8f:
c9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:58:4B:7A:2D:91:1E:02:17:E9:86:8D:A8:5B:1A:DD:F5:3D:BF:A5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_FhLei2RHgIX6YaNqFsa3fU9v6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:c1:2c:c1:4b:18:71:82:b8:80:99:14:7f:20:eb:16:db:aa:
e4:d0:bb:ab:70:c7:b1:03:cf:42:32:4d:f6:8f:66:4c:c5:12:
eb:3d:91:4c:96:de:2c:13:dc:c1:79:8d:1e:37:57:24:89:62:
1c:e8:5b:a2:ba:a0:10:5b:67:9c:64:c5:53:d6:18:16:e2:14:
2f:7b:d4:5b:52:fa:c3:9b:93:62:ca:9c:06:a1:90:54:f4:36:
a2:03:da:d2:70:e8:1d:e8:9f:d2:e4:6d:3d:c9:2a:b0:99:14:
7d:de:f2:8a:e9:0b:3f:4e:d6:f1:09:d5:2b:f9:c7:4f:a1:1f:
2f:ba:f5:a3:e3:52:e2:6c:7e:1d:ef:b4:59:48:95:72:72:be:
fa:f5:b4:96:06:94:ad:2a:38:c9:6d:f8:1d:68:de:3d:11:6a:
1c:38:02:aa:24:24:17:d4:d0:73:8e:0d:40:36:77:b3:83:7f:
62:05:63:de:ec:09:bd:7a:25:45:31:76:b0:29:1e:14:ed:87:
c8:7f:74:80:eb:ff:e9:21:88:22:d1:12:b2:2d:00:ca:25:98:
c8:dc:ac:f6:80:a1:c3:27:7c:74:bb:17:74:6b:23:ef:7f:b8:
b3:53:72:7e:5c:6d:7e:57:f1:3e:85:58:a5:b8:1b:31:af:82:
0a:2a:dc:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxvHzhXx5dCDZN89CYwFkDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE1MjAxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzU4NGI3YTJkOTExZTAyMTdlOTg2OGRhODViMWFkZGY1M2RiZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArouq4sJ6cvfddtZ2pUSKh2op813M
sVwGWatQQ86AgchD68co2hjYZn36tU3i+XcEaXKzjfKeABoGalLmdYzteMkjAV6r
NJkQHohibx6K/9gfW3w/LaFWA7CUDIl/PhPYO7TjX1PSXoKnf1uESadFbfAeol6i
3Bz+066D7h79rJqdHT57Gv9BiIdRJmLbcAl/9St4jPkJnt3lGcVAhAMMwLonTAGG
4DCeRB0FkOgKzR1hv2bIu4obWkpuaP25DDvV5WXckWmQyZROHbnEhBlR0MzYTyae
j4JEGCgRYS/AjirdzNdn4bE/qSL76Y4Eps9bPfZrur96+0BkUXFTRI/JnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPxYS3otkR4CF+mGjahbGt31Pb+lMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvX0ZoTGVpMlJIZ0lYNllhTnFGc2EzZlU5djZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE/BLMFLGHGCuICZFH8g
6xbbquTQu6twx7EDz0IyTfaPZkzFEus9kUyW3iwT3MF5jR43VySJYhzoW6K6oBBb
Z5xkxVPWGBbiFC971FtS+sObk2LKnAahkFT0NqID2tJw6B3on9LkbT3JKrCZFH3e
8orpCz9O1vEJ1Sv5x0+hHy+69aPjUuJsfh3vtFlIlXJyvvr1tJYGlK0qOMlt+B1o
3j0Rahw4AqokJBfU0HOODUA2d7ODf2IFY97sCb16JUUxdrApHhTth8h/dIDr/+kh
iCLRErItAMolmMjcrPaAocMnfHS7F3RrI+9/uLNTcn5cbX5X8T6FWKW4GzGvggoq
3Ms=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:55:08 2025 by rpki-client