Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fbfXAEKHNI1u0KrkQWp2Ly8JueA.roa
File: fbfXAEKHNI1u0KrkQWp2Ly8JueA.roa (raw, json)
Hash identifier: SGYFFexv+trXXFTJZJui0BOHe3h4Zq+H+b7Z9/aZQnU=
Subject key identifier: 7D:B7:D7:00:42:87:34:8D:6E:D0:AA:E4:41:6A:76:2F:2F:09:B9:E0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C601916E34B8F08EBADEFA5F4AD37EC49
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fbfXAEKHNI1u0KrkQWp2Ly8JueA.roa
Signing time: Tue 12 Dec 2023 22:15:06 +0000
ROA not before: Tue 12 Dec 2023 22:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:60:19:16:e3:4b:8f:08:eb:ad:ef:a5:f4:ad:37:ec:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 12 22:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7db7d7004287348d6ed0aae4416a762f2f09b9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f7:13:13:8c:45:54:69:af:bf:04:b9:e7:34:
8f:d9:53:5e:5f:a7:f0:26:3d:82:cd:7f:80:35:6a:
2d:f6:01:f4:59:11:d9:e3:78:69:fc:e7:2c:ba:72:
cf:2e:b6:52:64:39:0b:f1:d6:37:90:26:fa:c0:a4:
e0:3b:ca:06:01:ed:fa:3f:54:34:26:76:e1:09:47:
86:e5:c7:e8:f6:5e:b5:e4:00:6d:cb:8f:c2:34:c1:
ba:09:a2:1b:1b:51:8d:cd:7f:04:bd:5e:54:85:2c:
d3:aa:35:d5:50:ee:e3:7b:5e:2a:b8:b7:0f:37:76:
c6:11:d8:12:38:92:93:ab:c3:c4:94:5e:79:84:73:
07:34:67:20:84:16:ce:e5:c9:9a:fe:e8:7a:03:41:
51:57:1d:14:d1:2b:0f:e1:0a:cb:7d:5e:2d:cb:7e:
27:86:53:58:de:9a:8c:f2:ae:6a:16:de:84:64:13:
95:25:44:4f:d8:06:50:0e:14:6c:85:42:0f:4b:97:
27:b4:a9:b1:b9:27:2c:8c:ff:a0:8c:39:6b:4f:bc:
4b:c1:73:21:e7:33:9c:e1:cd:f8:79:74:1d:f2:c4:
3e:2f:7f:61:1b:74:f1:0a:04:a5:e8:29:4d:99:c8:
22:a7:98:a0:aa:b4:e5:4f:f4:6b:81:89:40:12:5b:
c0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B7:D7:00:42:87:34:8D:6E:D0:AA:E4:41:6A:76:2F:2F:09:B9:E0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fbfXAEKHNI1u0KrkQWp2Ly8JueA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b7:a0:7c:0a:c2:e4:fe:b5:26:02:c2:66:b8:9e:d2:8c:dc:ed:
38:01:ed:47:44:8e:4c:ab:65:17:37:de:a7:2f:00:88:75:b3:
26:85:eb:27:4c:66:ad:28:18:0a:52:cb:30:d5:e1:ae:bc:e0:
58:71:32:8e:a7:ba:36:e8:95:bf:15:89:cc:b9:97:e4:8d:bd:
f6:86:20:db:92:c7:d7:f0:ad:75:92:b1:22:b3:ae:1c:48:f4:
21:3d:5e:4a:18:a8:5a:13:c0:fb:c0:21:c7:f5:95:e5:62:fd:
dc:fb:53:16:6d:83:61:98:8f:34:40:fc:00:86:4b:05:cd:14:
b0:e9:dc:b3:8b:ad:3f:c4:d6:15:ce:e4:ec:d8:ad:6e:f4:93:
15:9e:97:84:70:21:59:52:0c:b2:a5:2d:d9:47:28:b4:8c:b6:
9f:01:8d:25:1d:56:aa:88:1d:8c:fd:e1:d0:18:f6:cc:ac:c9:
98:c3:5e:54:20:5e:74:59:e3:9a:2c:52:23:87:02:f5:44:2c:
b1:3e:67:ca:95:3f:e1:d3:36:50:82:5c:7f:ee:24:2c:82:68:
3c:2a:b5:f6:72:83:13:5e:6c:ff:57:39:de:ee:47:4d:c3:0c:
22:7f:42:09:22:ac:d8:c5:58:0d:4f:d4:92:ef:80:c7:0d:1c:
18:c2:1c:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxgGRbjS48I663vpfStN+xJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEyMjIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGI3ZDcwMDQyODczNDhkNmVkMGFhZTQ0MTZhNzYyZjJmMDliOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPcTE4xFVGmvvwS55zSP2VNeX6fw
Jj2CzX+ANWot9gH0WRHZ43hp/OcsunLPLrZSZDkL8dY3kCb6wKTgO8oGAe36P1Q0
JnbhCUeG5cfo9l615ABty4/CNMG6CaIbG1GNzX8EvV5UhSzTqjXVUO7je14quLcP
N3bGEdgSOJKTq8PElF55hHMHNGcghBbO5cma/uh6A0FRVx0U0SsP4QrLfV4ty34n
hlNY3pqM8q5qFt6EZBOVJURP2AZQDhRshUIPS5cntKmxuScsjP+gjDlrT7xLwXMh
5zOc4c34eXQd8sQ+L39hG3TxCgSl6ClNmcgip5igqrTlT/RrgYlAElvABwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH231wBChzSNbtCq5EFqdi8vCbngMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZmJmWEFFS0hOSTF1MEtya1FXcDJMeThKdWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALegfArC5P61JgLCZrie
0ozc7TgB7UdEjkyrZRc33qcvAIh1syaF6ydMZq0oGApSyzDV4a684FhxMo6nujbo
lb8Vicy5l+SNvfaGINuSx9fwrXWSsSKzrhxI9CE9XkoYqFoTwPvAIcf1leVi/dz7
UxZtg2GYjzRA/ACGSwXNFLDp3LOLrT/E1hXO5OzYrW70kxWel4RwIVlSDLKlLdlH
KLSMtp8BjSUdVqqIHYz94dAY9sysyZjDXlQgXnRZ45osUiOHAvVELLE+Z8qVP+HT
NlCCXH/uJCyCaDwqtfZygxNebP9XOd7uR03DDCJ/QgkirNjFWA1P1JLvgMcNHBjC
HNw=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:49:06 2025 by rpki-client