Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fZeBGmIFJb3psryJsLgCWE40A20.roa
File: fZeBGmIFJb3psryJsLgCWE40A20.roa (raw, json)
Hash identifier: pC9XFyHyMAlc4l1cVX8FiXMsj2xNM5lS038KJechbTk=
Subject key identifier: 7D:97:81:1A:62:05:25:BD:E9:B2:BC:89:B0:B8:02:58:4E:34:03:6D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE63975A818A83AAE2D9755170F4EA5A7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fZeBGmIFJb3psryJsLgCWE40A20.roa
Signing time: Sat 30 Sep 2023 13:13:59 +0000
ROA not before: Sat 30 Sep 2023 13:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e6:39:75:a8:18:a8:3a:ae:2d:97:55:17:0f:4e:a5:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 30 13:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d97811a620525bde9b2bc89b0b802584e34036d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:af:99:77:f4:2a:9c:e4:cf:41:e7:96:70:cf:
2c:37:15:7a:85:1c:d0:2a:5d:87:c2:4b:75:61:c5:
63:3f:0d:a2:44:2a:0e:07:22:30:94:3c:a9:6d:37:
86:79:07:db:7d:3f:06:c7:8b:48:d1:8c:8b:98:70:
f0:2c:67:68:67:2a:12:c1:cd:f9:aa:d8:c3:de:54:
f1:52:e6:a2:fc:10:20:50:f8:37:5a:e4:29:6c:50:
5c:74:cd:59:79:b3:10:61:65:d2:ce:23:c1:c1:38:
8e:30:e5:67:f7:7a:fa:e4:e0:2f:99:25:13:44:ef:
c4:d2:aa:01:76:dd:70:54:66:c6:43:54:95:e9:41:
9a:3f:84:97:d3:b3:be:04:d2:77:d9:10:e0:75:53:
c2:d3:ab:d0:f1:cf:69:1d:42:63:a9:f4:a9:cc:2e:
e8:db:a8:57:72:12:53:ff:70:4b:66:78:f6:3f:c7:
c8:bf:bb:12:28:91:a4:19:ee:a1:4f:a8:c5:b2:f4:
ab:c9:d8:54:aa:b5:46:e6:d0:f4:93:eb:73:ad:90:
45:4f:e2:a5:04:af:10:cb:b3:8f:b2:f0:b1:94:03:
e3:c5:a8:09:8a:4f:0d:e3:16:5c:a4:98:1e:a8:5a:
03:eb:4c:40:96:f4:37:14:5f:4f:2e:e1:38:b7:b4:
27:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:97:81:1A:62:05:25:BD:E9:B2:BC:89:B0:B8:02:58:4E:34:03:6D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fZeBGmIFJb3psryJsLgCWE40A20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:5d:5b:76:67:ba:f8:22:db:34:e1:18:a3:bf:73:4b:32:57:
ea:fb:02:c7:44:74:4c:d6:44:34:00:96:a0:c8:46:ee:09:87:
cd:91:ee:a1:55:8b:3a:34:1a:59:52:0b:91:e1:4c:24:2e:c6:
e4:c8:2c:72:5a:ab:0f:e7:2d:e4:14:7a:bf:f9:5b:98:71:ab:
73:25:04:e3:79:e7:9f:52:26:87:7f:32:86:3a:da:c2:d7:c9:
11:4c:af:db:5e:d0:cb:1c:69:c1:92:36:eb:35:39:2f:00:55:
06:5d:de:60:e8:b1:90:1d:c3:a5:f1:6e:f3:42:c3:9d:76:80:
0d:9e:89:eb:3c:fc:d8:02:98:b5:41:49:23:66:77:2a:ad:cd:
05:bd:5e:17:fb:78:1a:9b:2f:af:80:66:a3:c4:0b:3e:59:5a:
04:0d:7c:a2:d7:7e:f7:19:58:d2:63:d3:74:f9:5e:86:43:d1:
a4:e4:30:bd:b6:ec:44:fd:3e:f7:2a:62:41:84:e4:35:db:50:
cf:d9:47:da:91:42:2f:16:1c:74:bc:75:6b:70:98:6d:96:1b:
27:17:21:09:32:aa:7e:f6:6b:a5:b3:fa:09:a0:e9:15:66:b1:
d6:36:98:fa:2f:81:5f:a4:f6:ff:db:26:20:01:19:2e:49:51:
04:b2:ba:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrmOXWoGKg6ri2XVRcPTqWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTMwMTMxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDk3ODExYTYyMDUyNWJkZTliMmJjODliMGI4MDI1ODRlMzQwMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta+Zd/QqnOTPQeeWcM8sNxV6hRzQ
Kl2Hwkt1YcVjPw2iRCoOByIwlDypbTeGeQfbfT8Gx4tI0YyLmHDwLGdoZyoSwc35
qtjD3lTxUuai/BAgUPg3WuQpbFBcdM1ZebMQYWXSziPBwTiOMOVn93r65OAvmSUT
RO/E0qoBdt1wVGbGQ1SV6UGaP4SX07O+BNJ32RDgdVPC06vQ8c9pHUJjqfSpzC7o
26hXchJT/3BLZnj2P8fIv7sSKJGkGe6hT6jFsvSrydhUqrVG5tD0k+tzrZBFT+Kl
BK8Qy7OPsvCxlAPjxagJik8N4xZcpJgeqFoD60xAlvQ3FF9PLuE4t7QnOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH2XgRpiBSW96bK8ibC4AlhONANtMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZlplQkdtSUZKYjNwc3J5SnNMZ0NXRTQwQTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD1dW3Znuvgi2zThGKO/
c0syV+r7AsdEdEzWRDQAlqDIRu4Jh82R7qFVizo0GllSC5HhTCQuxuTILHJaqw/n
LeQUer/5W5hxq3MlBON5559SJod/MoY62sLXyRFMr9te0MscacGSNus1OS8AVQZd
3mDosZAdw6XxbvNCw512gA2eies8/NgCmLVBSSNmdyqtzQW9Xhf7eBqbL6+AZqPE
Cz5ZWgQNfKLXfvcZWNJj03T5XoZD0aTkML227ET9PvcqYkGE5DXbUM/ZR9qRQi8W
HHS8dWtwmG2WGycXIQkyqn72a6Wz+gmg6RVmsdY2mPovgV+k9v/bJiABGS5JUQSy
uik=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:45:45 2025 by rpki-client