Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/df7rWfrmHrKYVkpJn_pVGADFsFE.roa
File: df7rWfrmHrKYVkpJn_pVGADFsFE.roa (raw, json)
Hash identifier: sU1HqgVS4DPNWaSxb4ezrMi3TgBx8vSF4m6YLKvGryw=
Subject key identifier: 75:FE:EB:59:FA:E6:1E:B2:98:56:4A:49:9F:FA:55:18:00:C5:B0:51
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BEF02845299DF30459A978691FD92089B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/df7rWfrmHrKYVkpJn_pVGADFsFE.roa
Signing time: Mon 20 Nov 2023 23:13:21 +0000
ROA not before: Mon 20 Nov 2023 23:13:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ef:02:84:52:99:df:30:45:9a:97:86:91:fd:92:08:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 20 23:13:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75feeb59fae61eb298564a499ffa551800c5b051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:39:48:31:c0:bd:02:c3:ea:18:74:b5:cf:81:
7e:35:87:6b:8f:0d:e2:42:01:6a:dd:21:41:af:17:
63:d3:0c:06:93:38:68:eb:98:d0:78:f2:d1:73:3c:
f2:ab:5c:22:8a:14:28:1f:e7:4c:c4:9b:7d:be:47:
71:1f:fd:6e:94:1c:cf:53:97:a5:09:97:32:17:25:
b1:a1:94:ef:93:73:0c:ba:01:3e:dd:dd:82:98:b4:
99:98:60:2a:c2:f1:f6:52:63:57:4f:36:c6:b7:ee:
0c:00:67:19:a6:32:b1:e0:ff:fa:46:e4:0e:92:6d:
f7:31:8e:39:1a:44:7e:14:d5:8f:d9:4d:83:8c:66:
de:4e:cc:ab:46:dd:11:b6:62:ad:91:3a:66:10:db:
09:78:d9:b2:4c:29:82:bc:9e:92:4a:d6:29:4c:55:
0c:8b:00:2e:05:48:48:9d:89:11:a2:bf:7b:9f:a2:
6c:8d:91:61:b7:28:90:db:00:ec:2a:21:ca:c0:10:
53:53:5a:5c:74:49:0f:17:bf:e6:ed:c3:97:2d:3f:
d5:80:02:ba:e9:72:24:8c:ae:04:01:6a:8d:cc:38:
40:2d:f7:87:36:5e:56:08:c2:66:de:fd:5d:49:a4:
69:bc:cc:d6:46:da:a3:e8:42:4b:f3:01:9e:11:7c:
6e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FE:EB:59:FA:E6:1E:B2:98:56:4A:49:9F:FA:55:18:00:C5:B0:51
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/df7rWfrmHrKYVkpJn_pVGADFsFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:cf:21:ee:d5:fc:d5:b3:2a:5d:54:5c:d3:de:28:88:88:ac:
34:05:30:2b:b6:19:5a:fe:b4:ff:de:8f:0c:93:3e:76:cd:de:
16:10:eb:65:45:6e:3f:ee:9b:84:7e:c8:da:f9:af:a7:5b:82:
3c:0d:86:16:58:ec:8a:dd:ea:51:46:d1:cc:14:fe:b3:ca:81:
20:c5:b7:15:95:5d:0f:96:4b:cb:43:0b:f8:3d:61:51:7c:22:
ef:4d:71:2c:ac:5c:7a:70:b8:f4:c8:43:58:55:3a:fd:6d:d8:
03:d1:06:3f:88:6f:ce:fc:9a:5e:d5:cc:9e:e6:dc:3a:ba:35:
cf:77:7f:6f:60:68:45:ef:5f:9a:31:04:ce:e3:0c:55:54:0b:
a2:ae:93:47:34:57:07:48:47:29:f1:1b:aa:81:58:92:46:68:
78:99:cc:dd:a0:e2:e3:a2:f8:6a:11:27:94:c9:8e:8c:09:d5:
35:a0:f7:af:05:61:10:33:64:e3:76:ef:e6:08:8b:ac:92:2f:
13:ba:30:ff:03:fd:c1:94:dd:34:22:9e:0c:1b:3b:c9:c1:21:
a8:44:df:6d:3d:e7:5b:eb:2e:d8:6a:2c:08:27:87:86:c7:46:
b2:a8:65:66:7c:ef:9e:dd:30:ab:25:52:0e:8a:b1:46:69:ed:
ef:e2:58:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvvAoRSmd8wRZqXhpH9kgibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIwMjMxMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWZlZWI1OWZhZTYxZWIyOTg1NjRhNDk5ZmZhNTUxODAwYzViMDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjlIMcC9AsPqGHS1z4F+NYdrjw3i
QgFq3SFBrxdj0wwGkzho65jQePLRczzyq1wiihQoH+dMxJt9vkdxH/1ulBzPU5el
CZcyFyWxoZTvk3MMugE+3d2CmLSZmGAqwvH2UmNXTzbGt+4MAGcZpjKx4P/6RuQO
km33MY45GkR+FNWP2U2DjGbeTsyrRt0RtmKtkTpmENsJeNmyTCmCvJ6SStYpTFUM
iwAuBUhInYkRor97n6JsjZFhtyiQ2wDsKiHKwBBTU1pcdEkPF7/m7cOXLT/VgAK6
6XIkjK4EAWqNzDhALfeHNl5WCMJm3v1dSaRpvMzWRtqj6EJL8wGeEXxu0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHX+61n65h6ymFZKSZ/6VRgAxbBRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZGY3cldmcm1IcktZVmtwSm5fcFZHQURGc0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABLPIe7V/NWzKl1UXNPe
KIiIrDQFMCu2GVr+tP/ejwyTPnbN3hYQ62VFbj/um4R+yNr5r6dbgjwNhhZY7Ird
6lFG0cwU/rPKgSDFtxWVXQ+WS8tDC/g9YVF8Iu9NcSysXHpwuPTIQ1hVOv1t2APR
Bj+Ib878ml7VzJ7m3Dq6Nc93f29gaEXvX5oxBM7jDFVUC6Kuk0c0VwdIRynxG6qB
WJJGaHiZzN2g4uOi+GoRJ5TJjowJ1TWg968FYRAzZON27+YIi6ySLxO6MP8D/cGU
3TQingwbO8nBIahE320951vrLthqLAgnh4bHRrKoZWZ8757dMKslUg6KsUZp7e/i
WI8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:20:38 2025 by rpki-client