Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fG4DJ1IDMmruvZenMmC1K6tdfco.roa
File: fG4DJ1IDMmruvZenMmC1K6tdfco.roa (raw, json)
Hash identifier: qj5wkpN+uLbinMm0rpVAGjLgRsIFwjpniDpE6qAu4TU=
Subject key identifier: 7C:6E:03:27:52:03:32:6A:EE:BD:97:A7:32:60:B5:2B:AB:5D:7D:CA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C845C8A36ED74D727DFD04FB35807EDA1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fG4DJ1IDMmruvZenMmC1K6tdfco.roa
Signing time: Tue 19 Dec 2023 23:15:06 +0000
ROA not before: Tue 19 Dec 2023 23:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:84:5c:8a:36:ed:74:d7:27:df:d0:4f:b3:58:07:ed:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 19 23:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c6e03275203326aeebd97a73260b52bab5d7dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8a:e6:95:20:b7:05:21:ab:05:ec:56:24:c5:
65:c4:8d:75:34:78:70:46:88:d2:2f:e7:03:9e:4a:
66:e1:b5:1b:0f:d4:0c:10:fe:58:72:9a:28:f9:08:
03:32:73:06:4e:54:f9:2b:06:a1:31:50:55:18:3a:
55:31:5e:df:04:ff:68:b3:72:bd:28:99:28:3c:22:
89:4d:7d:b2:57:b7:25:f1:7c:fa:04:01:59:ff:72:
ea:45:eb:28:e4:f8:87:17:bb:51:fc:fe:bc:c7:b8:
aa:93:78:63:7b:23:26:09:af:5e:33:45:83:4e:36:
c5:79:59:dc:c0:4b:d6:68:ee:33:dd:ff:fb:7c:00:
52:90:be:4d:ce:3d:d2:4b:3e:8d:dc:d5:e6:10:26:
13:24:00:e8:f2:e8:f9:88:42:e7:d7:20:ef:e8:b6:
d9:96:b0:a8:a4:a8:fb:d0:b7:22:a8:96:50:8b:fe:
f4:b0:a3:ec:0c:57:87:f1:5c:86:67:10:01:4b:b3:
ba:7a:91:66:92:95:8d:2b:84:05:cf:61:fb:c9:1a:
da:3b:61:60:22:c7:3c:03:45:3c:8c:1f:bb:c1:72:
4d:ea:02:a5:0c:54:4c:cb:ed:29:13:28:26:32:c2:
cb:21:76:5f:f6:05:dc:36:30:aa:ff:5d:b6:a8:6c:
69:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:6E:03:27:52:03:32:6A:EE:BD:97:A7:32:60:B5:2B:AB:5D:7D:CA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fG4DJ1IDMmruvZenMmC1K6tdfco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:9b:d8:47:8c:c9:d6:a3:aa:f9:84:c7:76:dc:73:01:9a:87:
a4:08:d9:f6:9b:61:c7:e7:57:cb:e6:67:5e:0e:4c:48:1e:fa:
b5:c5:6f:f3:7d:db:23:b5:98:a0:32:d0:6e:e9:0e:3e:b8:cd:
bc:8c:29:87:2e:8e:9e:e7:99:20:1a:19:a1:72:88:14:93:14:
83:d0:39:33:a6:f6:43:a6:89:ef:74:2e:87:2e:c3:84:2b:ba:
9e:b6:4e:6c:42:19:55:1f:0e:40:ef:80:fb:79:2c:70:c0:9c:
7d:67:00:74:ca:67:e1:70:03:9f:12:93:08:a7:38:43:36:54:
15:eb:89:e6:f3:01:38:66:24:a1:2f:04:14:7b:3d:27:3f:f8:
59:74:16:64:14:b7:b0:b6:6c:a0:75:6a:0e:95:78:19:b8:c6:
43:c1:e4:6e:a4:1c:22:99:cb:7f:a9:74:57:f8:9a:91:32:c0:
5b:f8:30:05:04:5e:3d:91:76:dd:76:34:0a:a3:cf:67:c1:73:
c7:56:d1:d5:2c:68:ad:ed:f1:e3:8a:e0:dd:12:2c:e6:a9:39:
bd:e4:ac:8c:3a:f6:79:e4:95:2d:0d:6c:22:5a:bf:28:f9:89:
14:51:b5:65:03:ef:3a:b5:7d:3a:f0:fd:17:17:1f:1b:e6:d1:
c5:59:0b:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyEXIo27XTXJ9/QT7NYB+2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE5MjMxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzZlMDMyNzUyMDMzMjZhZWViZDk3YTczMjYwYjUyYmFiNWQ3ZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArormlSC3BSGrBexWJMVlxI11NHhw
RojSL+cDnkpm4bUbD9QMEP5Ycpoo+QgDMnMGTlT5KwahMVBVGDpVMV7fBP9os3K9
KJkoPCKJTX2yV7cl8Xz6BAFZ/3LqReso5PiHF7tR/P68x7iqk3hjeyMmCa9eM0WD
TjbFeVncwEvWaO4z3f/7fABSkL5Nzj3SSz6N3NXmECYTJADo8uj5iELn1yDv6LbZ
lrCopKj70LciqJZQi/70sKPsDFeH8VyGZxABS7O6epFmkpWNK4QFz2H7yRraO2Fg
Isc8A0U8jB+7wXJN6gKlDFRMy+0pEygmMsLLIXZf9gXcNjCq/122qGxpHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHxuAydSAzJq7r2XpzJgtSurXX3KMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZkc0REoxSURNbXJ1dlplbk1tQzFLNnRkZmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFib2EeMydajqvmEx3bc
cwGah6QI2fabYcfnV8vmZ14OTEge+rXFb/N92yO1mKAy0G7pDj64zbyMKYcujp7n
mSAaGaFyiBSTFIPQOTOm9kOmie90Locuw4Qrup62TmxCGVUfDkDvgPt5LHDAnH1n
AHTKZ+FwA58SkwinOEM2VBXriebzAThmJKEvBBR7PSc/+Fl0FmQUt7C2bKB1ag6V
eBm4xkPB5G6kHCKZy3+pdFf4mpEywFv4MAUEXj2Rdt12NAqjz2fBc8dW0dUsaK3t
8eOK4N0SLOapOb3krIw69nnklS0NbCJavyj5iRRRtWUD7zq1fTrw/RcXHxvm0cVZ
C/Y=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:26:00 2025 by rpki-client