Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_i89A7UjpZyYWH8p1VPYdIbAEgs.roa
File: _i89A7UjpZyYWH8p1VPYdIbAEgs.roa (raw, json)
Hash identifier: HmF2TQgoG0kMtABeuiQBULXjWzl1HW/PgelNJmO/8gA=
Subject key identifier: FE:2F:3D:03:B5:23:A5:9C:98:58:7F:29:D5:53:D8:74:86:C0:12:0B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B29630052646DEB1F1EE87B88B6BC731E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_i89A7UjpZyYWH8p1VPYdIbAEgs.roa
Signing time: Fri 13 Oct 2023 14:13:55 +0000
ROA not before: Fri 13 Oct 2023 14:13:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:63:00:52:64:6d:eb:1f:1e:e8:7b:88:b6:bc:73:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 13 14:13:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe2f3d03b523a59c98587f29d553d87486c0120b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:68:60:c3:d2:46:85:a0:9f:4a:c9:a0:b6:37:
6d:06:cc:e2:ee:de:3a:fb:ec:f5:89:6a:78:30:40:
73:a4:1d:39:9a:f8:14:ce:f2:49:e2:74:98:f5:22:
d2:48:5e:89:d5:da:20:e6:8b:5b:c6:df:c1:c2:08:
d3:0d:10:62:17:03:a6:78:01:2e:04:dd:f6:85:ba:
dc:da:12:2b:09:46:d7:44:ba:03:18:f3:73:23:ad:
77:b4:86:8d:fd:bb:c1:61:82:0d:93:96:34:31:f9:
a9:62:78:06:5c:55:2c:ac:77:0e:99:c7:51:ea:d3:
4c:43:82:ac:34:fc:8d:96:3d:76:a0:20:f0:8d:e0:
66:42:45:46:05:a6:3c:cf:d9:a2:81:e2:6a:27:be:
b1:c1:a4:ba:00:41:b4:cb:22:1c:2b:4b:5d:1b:ed:
12:d1:83:81:00:43:ca:95:36:e9:97:54:6c:14:9e:
36:19:9d:45:c6:b9:66:a1:86:b6:df:cf:a1:b1:d6:
d1:fe:60:76:90:fc:15:66:08:e2:c1:0d:02:9c:ff:
50:fe:15:a6:57:88:d5:6c:a2:0c:b0:66:76:fd:6c:
31:7a:93:97:76:6d:21:33:d6:a9:d4:42:8f:3f:ad:
93:a4:cc:0e:84:1e:97:e1:b9:d9:c6:d0:0f:16:0e:
13:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:2F:3D:03:B5:23:A5:9C:98:58:7F:29:D5:53:D8:74:86:C0:12:0B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_i89A7UjpZyYWH8p1VPYdIbAEgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:24:c7:0d:a2:42:3d:5f:9a:33:21:02:66:63:48:4d:4d:94:
4e:32:b5:e3:23:64:2d:ed:5a:ae:4e:93:c9:03:41:c0:9a:b6:
6c:7a:19:e1:97:02:28:f5:41:43:8b:62:68:ec:dc:9c:9c:22:
93:82:29:43:27:78:14:94:5c:94:0c:f8:d9:23:80:8e:ea:dc:
3f:66:8d:78:8f:e5:29:90:d9:25:87:dc:81:59:05:4c:c0:18:
f8:e9:77:e8:9f:21:85:b3:61:14:a9:de:ba:b8:f6:1b:37:e0:
78:89:09:55:76:d5:04:d7:17:3b:f4:27:ae:ba:11:d0:9b:3f:
f2:b9:97:34:6b:c9:50:e4:10:79:57:ad:64:b0:0c:fa:db:ff:
07:2b:fa:d8:38:38:8b:d5:c3:a0:c9:9b:a2:b9:a4:6d:51:dd:
98:af:51:0e:06:d5:c6:89:4f:52:c2:86:8a:b2:20:16:be:01:
c7:c2:ba:44:60:5d:a6:37:8c:3d:52:86:3a:57:0a:6d:00:55:
5e:73:2e:41:ad:79:20:99:7a:3e:b2:89:89:fe:b4:98:cb:38:
7f:ba:42:5e:fa:63:b6:50:e5:aa:b4:9e:74:3a:ac:59:db:2c:
1f:37:29:9d:cb:ce:3d:50:91:33:ae:bd:ff:40:b7:d1:06:df:
00:ac:24:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYspYwBSZG3rHx7oe4i2vHMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEzMTQxMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTJmM2QwM2I1MjNhNTljOTg1ODdmMjlkNTUzZDg3NDg2YzAxMjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWhgw9JGhaCfSsmgtjdtBszi7t46
++z1iWp4MEBzpB05mvgUzvJJ4nSY9SLSSF6J1dog5otbxt/BwgjTDRBiFwOmeAEu
BN32hbrc2hIrCUbXRLoDGPNzI613tIaN/bvBYYINk5Y0MfmpYngGXFUsrHcOmcdR
6tNMQ4KsNPyNlj12oCDwjeBmQkVGBaY8z9migeJqJ76xwaS6AEG0yyIcK0tdG+0S
0YOBAEPKlTbpl1RsFJ42GZ1FxrlmoYa238+hsdbR/mB2kPwVZgjiwQ0CnP9Q/hWm
V4jVbKIMsGZ2/WwxepOXdm0hM9ap1EKPP62TpMwOhB6X4bnZxtAPFg4TNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP4vPQO1I6WcmFh/KdVT2HSGwBILMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvX2k4OUE3VWpwWnlZV0g4cDFWUFlkSWJBRWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD4kxw2iQj1fmjMhAmZj
SE1NlE4yteMjZC3tWq5Ok8kDQcCatmx6GeGXAij1QUOLYmjs3JycIpOCKUMneBSU
XJQM+NkjgI7q3D9mjXiP5SmQ2SWH3IFZBUzAGPjpd+ifIYWzYRSp3rq49hs34HiJ
CVV21QTXFzv0J666EdCbP/K5lzRryVDkEHlXrWSwDPrb/wcr+tg4OIvVw6DJm6K5
pG1R3ZivUQ4G1caJT1LChoqyIBa+AcfCukRgXaY3jD1ShjpXCm0AVV5zLkGteSCZ
ej6yiYn+tJjLOH+6Ql76Y7ZQ5aq0nnQ6rFnbLB83KZ3Lzj1QkTOuvf9At9EG3wCs
JCo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:44:04 2025 by rpki-client