Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/a7KtrA1k1JuzU6GNXYAX8dAD2qE.roa
File: a7KtrA1k1JuzU6GNXYAX8dAD2qE.roa (raw, json)
Hash identifier: yzgku5bMVbtIQx6Dv+yT/eEdRHvw5NxTdk69NKg2HEM=
Subject key identifier: 6B:B2:AD:AC:0D:64:D4:9B:B3:53:A1:8D:5D:80:17:F1:D0:03:DA:A1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8C518AB23A5714FA8673F5FEE45663A0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/a7KtrA1k1JuzU6GNXYAX8dAD2qE.roa
Signing time: Wed 01 Nov 2023 19:17:15 +0000
ROA not before: Wed 01 Nov 2023 19:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:51:8a:b2:3a:57:14:fa:86:73:f5:fe:e4:56:63:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 1 19:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bb2adac0d64d49bb353a18d5d8017f1d003daa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:01:2e:fd:3e:68:fb:51:b7:19:df:0b:b3:f5:
53:71:2f:97:77:9e:18:fc:5d:44:80:8a:d2:77:5b:
67:0a:8f:26:08:14:1f:fc:2e:b4:cb:26:36:50:8e:
e1:cb:2f:b1:96:f3:89:10:5e:b9:f7:84:9a:3c:8f:
48:9f:1b:40:c8:4b:89:36:f6:94:e1:2e:65:45:10:
6a:eb:9d:6f:1c:8f:57:9a:2e:b2:0f:87:08:1d:8e:
0c:9f:e4:43:c8:30:99:a9:2a:30:1c:0f:cf:0d:23:
ee:06:1b:bb:eb:41:36:55:f4:54:e7:28:f7:65:59:
80:5a:af:bb:88:2b:6b:5a:1b:06:ef:7d:08:5d:ef:
3a:4b:cb:43:e7:1d:93:eb:67:a8:48:ae:5c:0a:7b:
94:e7:a9:c4:50:fe:87:44:7e:17:9d:ab:e9:d7:73:
90:1f:d1:27:d4:cf:de:50:28:be:08:4e:60:ef:81:
b6:73:66:31:7e:61:30:77:21:af:3d:1d:89:11:6c:
9c:a9:9f:fb:55:b5:1f:23:79:a0:a3:f8:f3:18:f2:
18:e4:4c:df:27:03:54:1b:97:30:86:f3:07:15:68:
e0:ca:8c:d2:4c:58:5b:89:89:50:d4:b7:6b:99:93:
17:01:27:a6:55:83:27:e1:ec:7d:54:73:84:90:ae:
b1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B2:AD:AC:0D:64:D4:9B:B3:53:A1:8D:5D:80:17:F1:D0:03:DA:A1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/a7KtrA1k1JuzU6GNXYAX8dAD2qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:85:00:e6:03:3c:e0:eb:a0:2a:d8:b9:46:ee:cd:e0:08:f1:
ff:9e:c5:ca:95:73:3a:60:94:ee:e7:31:31:ff:fd:21:dc:4b:
ea:2b:c6:ef:91:37:82:79:ed:3d:c2:f9:67:33:b3:a1:08:3b:
70:39:1b:2a:64:cf:49:e6:1d:94:5f:d9:92:37:d0:31:a5:e4:
67:82:d5:0a:e5:b0:58:1c:dc:eb:c0:d9:fd:72:27:a6:e4:df:
1f:fb:9b:7f:f6:4d:78:35:4c:25:66:b1:56:bb:aa:ab:54:f8:
89:d7:2e:a4:05:18:ba:cf:02:7b:f6:5f:32:ed:c1:e3:d8:5d:
aa:27:94:f0:af:70:53:3f:7c:70:cb:a7:0f:84:e3:c2:9e:c5:
f4:62:dc:ca:26:48:5b:8b:de:9e:b3:69:58:30:02:66:c0:dc:
fb:85:7c:e4:07:ce:ef:09:f7:24:70:79:1f:c4:bd:1d:d7:4d:
57:1a:b0:c6:79:58:55:94:0c:a3:69:f7:d1:da:03:4f:c1:a9:
b1:ac:c7:49:61:6e:ea:fa:71:f8:3e:52:96:fa:fe:da:24:c3:
e9:03:0f:fb:55:88:0b:b2:7c:29:3b:95:02:b9:92:c9:81:fb:
dd:6d:8c:d6:72:c0:f0:6c:f5:95:c9:57:1b:05:e9:14:f0:e4:
ff:75:54:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuMUYqyOlcU+oZz9f7kVmOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAxMTkxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmIyYWRhYzBkNjRkNDliYjM1M2ExOGQ1ZDgwMTdmMWQwMDNkYWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQEu/T5o+1G3Gd8Ls/VTcS+Xd54Y
/F1EgIrSd1tnCo8mCBQf/C60yyY2UI7hyy+xlvOJEF6594SaPI9InxtAyEuJNvaU
4S5lRRBq651vHI9Xmi6yD4cIHY4Mn+RDyDCZqSowHA/PDSPuBhu760E2VfRU5yj3
ZVmAWq+7iCtrWhsG730IXe86S8tD5x2T62eoSK5cCnuU56nEUP6HRH4Xnavp13OQ
H9En1M/eUCi+CE5g74G2c2YxfmEwdyGvPR2JEWycqZ/7VbUfI3mgo/jzGPIY5Ezf
JwNUG5cwhvMHFWjgyozSTFhbiYlQ1LdrmZMXASemVYMn4ex9VHOEkK6xewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGuyrawNZNSbs1OhjV2AF/HQA9qhMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYTdLdHJBMWsxSnV6VTZHTlhZQVg4ZEFEMnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAByFAOYDPODroCrYuUbu
zeAI8f+excqVczpglO7nMTH//SHcS+orxu+RN4J57T3C+Wczs6EIO3A5Gypkz0nm
HZRf2ZI30DGl5GeC1QrlsFgc3OvA2f1yJ6bk3x/7m3/2TXg1TCVmsVa7qqtU+InX
LqQFGLrPAnv2XzLtwePYXaonlPCvcFM/fHDLpw+E48KexfRi3MomSFuL3p6zaVgw
AmbA3PuFfOQHzu8J9yRweR/EvR3XTVcasMZ5WFWUDKNp99HaA0/BqbGsx0lhbur6
cfg+Upb6/tokw+kDD/tViAuyfCk7lQK5ksmB+91tjNZywPBs9ZXJVxsF6RTw5P91
VFM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:29:26 2025 by rpki-client