Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aLWRfotHKVY_uOcfLyhSfc4Di0c.roa
File: aLWRfotHKVY_uOcfLyhSfc4Di0c.roa (raw, json)
Hash identifier: GfVb+u3Y8B5zlokKdNE0DrSL6M1cTlOa2AqWWLSU94s=
Subject key identifier: 68:B5:91:7E:8B:47:29:56:3F:B8:E7:1F:2F:28:52:7D:CE:03:8B:47
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B70D9602169182C42ED3719CE265A7C50
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aLWRfotHKVY_uOcfLyhSfc4Di0c.roa
Signing time: Fri 27 Oct 2023 11:16:15 +0000
ROA not before: Fri 27 Oct 2023 11:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:d9:60:21:69:18:2c:42:ed:37:19:ce:26:5a:7c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 27 11:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68b5917e8b4729563fb8e71f2f28527dce038b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f2:9b:a3:06:c5:69:6a:dd:8b:fd:bd:12:db:
94:b2:12:46:a8:16:84:66:aa:25:46:3e:d0:60:8e:
15:3e:e5:30:f4:0d:f2:bc:39:b5:09:92:8a:a8:ab:
b7:31:3e:e6:4c:23:23:49:9a:93:41:c1:31:85:5a:
d8:52:c6:a5:e5:25:f0:60:3b:77:8e:01:2c:e0:88:
e4:7d:28:d4:23:e5:3a:4a:9f:81:5b:81:38:38:8a:
31:2d:1a:9d:3b:c3:3d:c0:1f:2c:17:13:31:bd:f7:
ef:e5:91:0f:43:aa:bc:2b:96:6a:13:dd:d7:b8:83:
1d:25:44:e0:21:f8:63:b5:7e:e4:c2:aa:b8:d8:b7:
29:1b:bd:48:1e:7a:7e:2b:8c:1a:63:a9:4a:89:53:
1c:bf:fe:6e:6c:f4:e1:ad:93:54:fe:79:87:bd:86:
9f:4a:fc:ad:94:9e:a9:72:e4:c5:08:84:06:8a:15:
08:c8:a9:d3:41:81:73:90:0f:26:2a:e8:71:da:93:
0e:ed:ab:64:ed:27:0c:b8:6d:eb:16:bf:c4:92:ae:
bb:9f:ce:40:99:74:b5:84:71:54:b0:81:96:ad:4a:
b0:31:85:0b:89:ab:e0:f7:59:51:55:47:b0:3c:be:
1f:36:9c:29:a6:7d:ea:ad:54:43:0a:2a:e0:b2:c0:
b6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B5:91:7E:8B:47:29:56:3F:B8:E7:1F:2F:28:52:7D:CE:03:8B:47
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aLWRfotHKVY_uOcfLyhSfc4Di0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
25:64:0e:3b:df:e8:43:b2:7d:d7:16:bc:30:65:35:76:54:12:
bd:44:7b:8d:c6:54:f8:94:99:9b:80:c0:bc:e5:af:41:bc:11:
ce:98:2f:ac:22:7b:bc:1f:99:74:57:40:6d:2c:5b:86:29:0e:
4e:d9:27:ec:35:16:1c:8c:13:54:0f:12:c1:65:56:b8:3b:5d:
e7:30:f6:85:1d:f4:ff:9e:3b:2b:e7:c8:c5:fb:b0:49:a5:5c:
03:07:ad:98:93:bb:c9:58:78:7d:fe:9f:9b:30:2b:30:bc:cd:
2c:1d:9c:bf:a3:92:e0:16:88:6f:39:90:63:bc:77:03:3b:57:
dd:73:52:7b:d6:41:d3:6b:44:30:21:41:3d:49:93:41:4c:a7:
8d:90:86:94:69:b7:9d:f2:42:54:54:e2:c8:51:8d:27:00:40:
6d:39:77:dd:64:3d:c9:62:ed:13:36:5b:69:6a:f3:d6:2a:91:
03:8a:85:4b:c9:82:a9:f3:3c:aa:f9:94:27:02:74:6f:a6:b0:
c5:f5:a6:a6:4b:8b:9f:88:be:43:76:02:8d:9e:33:55:87:6c:
e9:f6:10:d4:26:ac:a2:c2:a7:e9:d4:34:9f:f8:db:db:2b:76:
91:17:64:2f:68:0e:ce:7e:19:02:ad:45:f4:b8:ba:64:45:c1:
7a:24:5b:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtw2WAhaRgsQu03Gc4mWnxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI3MTExNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGI1OTE3ZThiNDcyOTU2M2ZiOGU3MWYyZjI4NTI3ZGNlMDM4YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofKbowbFaWrdi/29EtuUshJGqBaE
ZqolRj7QYI4VPuUw9A3yvDm1CZKKqKu3MT7mTCMjSZqTQcExhVrYUsal5SXwYDt3
jgEs4IjkfSjUI+U6Sp+BW4E4OIoxLRqdO8M9wB8sFxMxvffv5ZEPQ6q8K5ZqE93X
uIMdJUTgIfhjtX7kwqq42LcpG71IHnp+K4waY6lKiVMcv/5ubPThrZNU/nmHvYaf
SvytlJ6pcuTFCIQGihUIyKnTQYFzkA8mKuhx2pMO7atk7ScMuG3rFr/Ekq67n85A
mXS1hHFUsIGWrUqwMYULiavg91lRVUewPL4fNpwppn3qrVRDCirgssC2lQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGi1kX6LRylWP7jnHy8oUn3OA4tHMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYUxXUmZvdEhLVllfdU9jZkx5aFNmYzREaTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACVkDjvf6EOyfdcWvDBl
NXZUEr1Ee43GVPiUmZuAwLzlr0G8Ec6YL6wie7wfmXRXQG0sW4YpDk7ZJ+w1FhyM
E1QPEsFlVrg7Xecw9oUd9P+eOyvnyMX7sEmlXAMHrZiTu8lYeH3+n5swKzC8zSwd
nL+jkuAWiG85kGO8dwM7V91zUnvWQdNrRDAhQT1Jk0FMp42QhpRpt53yQlRU4shR
jScAQG05d91kPcli7RM2W2lq89YqkQOKhUvJgqnzPKr5lCcCdG+msMX1pqZLi5+I
vkN2Ao2eM1WHbOn2ENQmrKLCp+nUNJ/429srdpEXZC9oDs5+GQKtRfS4umRFwXok
W20=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:24:10 2025 by rpki-client