Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/f10nEoE7Q61SeC8AWCPlwG5beAA.roa
File: f10nEoE7Q61SeC8AWCPlwG5beAA.roa (raw, json)
Hash identifier: xvJLRdIAf0bG/t0s84Z7iYF/B5NWJckvFDaoJz5R+/o=
Subject key identifier: 7F:5D:27:12:81:3B:43:AD:52:78:2F:00:58:23:E5:C0:6E:5B:78:00
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B53E284B079182F62E75DFABA161B3285
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/f10nEoE7Q61SeC8AWCPlwG5beAA.roa
Signing time: Sat 21 Oct 2023 20:17:15 +0000
ROA not before: Sat 21 Oct 2023 20:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:53:e2:84:b0:79:18:2f:62:e7:5d:fa:ba:16:1b:32:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 20:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f5d2712813b43ad52782f005823e5c06e5b7800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1f:c1:ed:9a:66:ae:7a:1b:bd:fc:8e:11:18:
31:40:48:43:e6:3b:f4:98:e1:07:ca:1e:b9:21:d2:
6b:a6:ef:51:df:61:9a:a5:92:d0:b8:ce:d9:36:cb:
05:66:03:70:4f:16:aa:39:af:ba:56:82:c4:a1:0a:
6b:7e:1b:74:6b:bc:dd:94:aa:7e:0e:0e:27:91:9d:
60:90:08:ff:2a:0f:62:b0:ec:e0:95:c9:4e:eb:d2:
32:ac:5e:8e:30:96:5a:d4:ed:ab:cd:32:85:7d:ae:
f9:b6:37:55:e9:57:65:bf:aa:67:aa:1d:0b:3e:e0:
92:df:c1:75:da:98:9d:46:14:c7:c1:38:73:f5:b8:
f7:a5:44:6e:d2:ec:a4:0b:e9:92:f3:47:55:7d:38:
7b:d1:9e:07:c4:49:a1:10:34:5b:93:34:af:f2:8a:
a5:4b:09:5b:37:3d:6c:8c:66:a3:21:c3:8b:99:1a:
c5:d2:ad:d9:ef:f5:ee:c1:bc:60:84:97:2e:e4:c9:
ca:a7:c9:88:99:9a:48:3b:ce:1e:a3:be:17:49:65:
5e:ff:89:35:09:b1:b2:1b:b9:20:4a:4c:cb:c5:dc:
56:6f:23:0b:3b:97:91:8c:b1:a2:d3:32:0e:82:d1:
0b:d7:de:9a:0f:bf:b7:a9:1c:e3:ff:77:e5:27:ba:
51:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5D:27:12:81:3B:43:AD:52:78:2F:00:58:23:E5:C0:6E:5B:78:00
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/f10nEoE7Q61SeC8AWCPlwG5beAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:4f:68:7a:8a:94:16:cb:6d:b7:96:ab:e7:68:60:ce:4e:22:
e5:a7:bc:d4:49:9d:4e:54:04:23:72:4b:2d:dd:a1:5c:a1:77:
c3:9f:a2:a9:fb:13:81:00:c7:24:dd:04:3c:e9:70:3e:d7:eb:
19:a0:a9:a1:e4:02:62:11:35:57:86:09:fc:b8:27:16:c7:bb:
d0:10:2f:16:6f:3a:62:f2:8b:95:3f:c7:7c:8b:4b:88:93:64:
c8:bc:0c:a8:1a:5b:bf:35:83:12:9e:cd:77:a1:e0:bc:11:fd:
c1:6b:a9:e2:8c:a2:fc:48:db:bc:45:44:ec:46:51:25:8e:78:
bb:95:e1:4d:ee:dc:49:25:21:23:bd:10:35:d0:57:b4:2f:b3:
68:fd:dc:4e:42:58:ee:24:bb:fe:d3:f1:0e:44:49:c1:18:07:
9c:18:39:38:d1:b3:2c:f2:51:f5:21:6a:70:c1:3f:da:fc:e9:
c4:c4:47:05:28:82:60:99:3b:9b:d6:9a:a9:71:df:95:37:3a:
20:cf:bd:2f:5b:ac:de:91:75:eb:92:b3:0e:c6:04:bd:a2:64:
bf:68:4e:ef:42:47:ad:17:5f:1c:3b:e0:17:81:09:9b:79:42:
b4:36:5f:3e:b6:23:c9:03:f3:d0:f4:cb:e4:09:b5:ae:93:b6:
20:5e:85:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtT4oSweRgvYudd+roWGzKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMjAxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjVkMjcxMjgxM2I0M2FkNTI3ODJmMDA1ODIzZTVjMDZlNWI3ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx/B7ZpmrnobvfyOERgxQEhD5jv0
mOEHyh65IdJrpu9R32GapZLQuM7ZNssFZgNwTxaqOa+6VoLEoQprfht0a7zdlKp+
Dg4nkZ1gkAj/Kg9isOzglclO69IyrF6OMJZa1O2rzTKFfa75tjdV6Vdlv6pnqh0L
PuCS38F12pidRhTHwThz9bj3pURu0uykC+mS80dVfTh70Z4HxEmhEDRbkzSv8oql
SwlbNz1sjGajIcOLmRrF0q3Z7/XuwbxghJcu5MnKp8mImZpIO84eo74XSWVe/4k1
CbGyG7kgSkzLxdxWbyMLO5eRjLGi0zIOgtEL196aD7+3qRzj/3flJ7pR+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH9dJxKBO0OtUngvAFgj5cBuW3gAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZjEwbkVvRTdRNjFTZUM4QVdDUGx3RzViZUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACpPaHqKlBbLbbeWq+do
YM5OIuWnvNRJnU5UBCNySy3doVyhd8Ofoqn7E4EAxyTdBDzpcD7X6xmgqaHkAmIR
NVeGCfy4JxbHu9AQLxZvOmLyi5U/x3yLS4iTZMi8DKgaW781gxKezXeh4LwR/cFr
qeKMovxI27xFROxGUSWOeLuV4U3u3EklISO9EDXQV7Qvs2j93E5CWO4ku/7T8Q5E
ScEYB5wYOTjRsyzyUfUhanDBP9r86cTERwUogmCZO5vWmqlx35U3OiDPvS9brN6R
deuSsw7GBL2iZL9oTu9CR60XXxw74BeBCZt5QrQ2Xz62I8kD89D0y+QJta6TtiBe
hWc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:26:17 2025 by rpki-client