Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/exNVTJaN-1xlcGIyKLU7OsyEbNw.roa
File: exNVTJaN-1xlcGIyKLU7OsyEbNw.roa (raw, json)
Hash identifier: U0Ss6NBFkCwpHYyPxC+TRliXXPXi+4ROaqZ9pgD7leY=
Subject key identifier: 7B:13:55:4C:96:8D:FB:5C:65:70:62:32:28:B5:3B:3A:CC:84:6C:DC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C85006AE677586E4B4D8BF4A599858379
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/exNVTJaN-1xlcGIyKLU7OsyEbNw.roa
Signing time: Wed 20 Dec 2023 02:14:06 +0000
ROA not before: Wed 20 Dec 2023 02:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:85:00:6a:e6:77:58:6e:4b:4d:8b:f4:a5:99:85:83:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 20 02:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b13554c968dfb5c6570623228b53b3acc846cdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6a:80:bd:d8:cb:93:95:31:cd:d7:11:75:6e:
53:5e:32:26:80:91:85:a7:01:de:7e:4f:39:d4:64:
ae:be:b5:4f:e4:7f:8c:e8:c8:b3:a8:7c:92:af:c5:
87:e7:34:9a:f3:7c:b7:4b:95:2c:3e:cf:1a:25:f2:
50:9e:72:d4:40:42:73:6a:a8:5b:00:b2:50:c5:8a:
db:77:57:12:13:cb:c8:7b:25:29:2f:47:00:a8:41:
5f:de:c1:f8:63:f8:9d:9f:c9:59:3e:ad:a9:69:2e:
c9:61:45:73:15:a1:03:cd:61:40:43:72:44:5e:48:
44:39:63:ae:6d:38:12:a2:99:83:7a:24:77:d4:ba:
e1:13:2c:4d:a5:36:2a:00:b7:39:68:5f:7b:e2:d0:
2f:9e:57:84:18:10:8c:7c:d8:69:08:e9:dc:7f:b9:
7a:ea:1c:81:68:f2:21:99:bf:a7:e1:8c:7e:66:61:
47:4c:77:e7:09:7c:dd:72:e2:81:58:e2:8c:ae:62:
c3:7f:85:38:5b:01:4a:b6:6c:30:68:2b:c1:84:89:
62:20:1b:86:02:ba:9f:75:38:8b:c1:d5:fa:ee:21:
2f:54:29:cb:e7:27:e9:b8:fb:43:86:f0:56:bb:95:
3e:02:c4:e7:f4:51:fe:98:c4:91:e3:7b:81:de:40:
cd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:13:55:4C:96:8D:FB:5C:65:70:62:32:28:B5:3B:3A:CC:84:6C:DC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/exNVTJaN-1xlcGIyKLU7OsyEbNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cc:f2:7c:7c:6f:53:7e:0a:1c:00:64:8d:4f:44:ed:64:48:1f:
60:99:79:5b:4a:3d:61:7c:e2:e5:ee:b4:70:0f:99:89:45:98:
38:71:ec:70:d6:cb:d9:69:63:b1:69:5d:4f:81:13:40:e7:58:
cd:87:2d:a4:3a:7b:06:c5:fe:56:ef:cc:88:a8:45:67:a2:95:
fb:3d:c3:ef:3b:a6:40:32:a6:92:4e:33:0c:73:cc:29:25:6f:
0c:b4:22:d3:9a:ad:cf:47:4c:08:a3:5d:f7:17:60:51:c2:49:
d1:7b:c6:9c:29:fe:8c:56:e6:f3:c0:e9:20:95:a8:8d:73:29:
33:36:04:d1:a1:2a:9f:ec:0f:c5:2d:79:bb:46:c8:a3:ee:f0:
03:d5:ef:86:7b:ac:0d:f7:ba:05:5c:b9:47:94:05:a9:b4:54:
03:b4:23:1c:5a:bf:76:62:2f:d5:08:e0:bc:81:32:b6:7c:9a:
cf:95:e8:d9:67:a0:01:4d:2a:c9:71:2f:e4:d9:d4:16:d4:c9:
ff:4c:46:0b:99:42:07:95:7d:71:e2:8a:6b:3f:b5:4c:f6:1f:
57:02:b8:b1:94:3d:9f:f3:23:7d:af:a9:87:88:c0:34:00:14:
7c:d8:5e:83:11:68:03:d2:74:63:ee:86:e6:bc:da:19:eb:a2:
64:14:a7:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyFAGrmd1huS02L9KWZhYN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjIwMDIxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjEzNTU0Yzk2OGRmYjVjNjU3MDYyMzIyOGI1M2IzYWNjODQ2Y2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmqAvdjLk5UxzdcRdW5TXjImgJGF
pwHefk851GSuvrVP5H+M6MizqHySr8WH5zSa83y3S5UsPs8aJfJQnnLUQEJzaqhb
ALJQxYrbd1cSE8vIeyUpL0cAqEFf3sH4Y/idn8lZPq2paS7JYUVzFaEDzWFAQ3JE
XkhEOWOubTgSopmDeiR31LrhEyxNpTYqALc5aF974tAvnleEGBCMfNhpCOncf7l6
6hyBaPIhmb+n4Yx+ZmFHTHfnCXzdcuKBWOKMrmLDf4U4WwFKtmwwaCvBhIliIBuG
ArqfdTiLwdX67iEvVCnL5yfpuPtDhvBWu5U+AsTn9FH+mMSR43uB3kDNQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHsTVUyWjftcZXBiMii1OzrMhGzcMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZXhOVlRKYU4tMXhsY0dJeUtMVTdPc3lFYk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMzyfHxvU34KHABkjU9E
7WRIH2CZeVtKPWF84uXutHAPmYlFmDhx7HDWy9lpY7FpXU+BE0DnWM2HLaQ6ewbF
/lbvzIioRWeilfs9w+87pkAyppJOMwxzzCklbwy0ItOarc9HTAijXfcXYFHCSdF7
xpwp/oxW5vPA6SCVqI1zKTM2BNGhKp/sD8UtebtGyKPu8APV74Z7rA33ugVcuUeU
Bam0VAO0Ixxav3ZiL9UI4LyBMrZ8ms+V6NlnoAFNKslxL+TZ1BbUyf9MRguZQgeV
fXHiims/tUz2H1cCuLGUPZ/zI32vqYeIwDQAFHzYXoMRaAPSdGPuhua82hnromQU
p1k=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:55:31 2025 by rpki-client