Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fdradtuLHf-TqT9B3vNnx2OpWQ8.roa
File: fdradtuLHf-TqT9B3vNnx2OpWQ8.roa (raw, json)
Hash identifier: Dsr5+rbXZ5FaiLZhTB82zD/lXT8kJZU3BNuzgOUyDAs=
Subject key identifier: 7D:DA:DA:76:DB:8B:1D:FF:93:A9:3F:41:DE:F3:67:C7:63:A9:59:0F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF9190F3A38648C7ECA33CD96BE146352
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fdradtuLHf-TqT9B3vNnx2OpWQ8.roa
Signing time: Wed 04 Oct 2023 05:11:23 +0000
ROA not before: Wed 04 Oct 2023 05:11:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:19:0f:3a:38:64:8c:7e:ca:33:cd:96:be:14:63:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 05:11:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ddada76db8b1dff93a93f41def367c763a9590f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cb:e2:3e:9c:70:ed:0f:31:ab:19:e8:20:2f:
ad:d6:65:f6:08:dc:21:b5:76:42:9a:c9:fd:2f:bd:
63:f2:28:db:d2:8f:cc:e4:84:2f:2e:e6:50:34:43:
13:e7:32:9a:42:b4:71:21:2f:1c:73:2f:51:cd:6c:
25:cf:2a:86:20:21:7f:ec:26:a8:83:6e:ef:8c:cb:
9e:36:4e:bb:75:26:82:f4:07:1d:d8:f9:a8:28:c5:
37:17:e6:ff:84:60:46:58:c2:ca:23:6a:32:c3:58:
a9:23:68:2a:f7:12:04:01:f9:8b:8e:0b:ef:cf:9e:
66:d9:e2:fc:0d:1f:2b:aa:37:62:9a:f5:ec:17:b1:
1c:16:5a:c7:bd:3f:eb:cb:7e:ec:72:f7:6b:0b:31:
6d:cf:29:fc:0f:88:b7:36:eb:c0:5a:1c:25:d4:57:
71:40:d0:4f:0e:5c:1b:f5:86:b3:a2:6e:be:12:f5:
86:dc:00:b3:89:75:f8:da:18:55:ad:81:06:c3:b2:
09:86:89:27:1a:9c:ed:0a:bf:f0:fa:4b:63:8b:2f:
5e:a8:3c:57:13:38:98:3c:0b:5c:8c:36:45:e1:1c:
b3:a7:c1:ba:c5:ab:6e:3b:0b:78:5a:9a:75:51:46:
3a:d4:8c:98:ac:0f:af:3a:17:3b:96:24:01:ab:de:
18:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:DA:DA:76:DB:8B:1D:FF:93:A9:3F:41:DE:F3:67:C7:63:A9:59:0F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fdradtuLHf-TqT9B3vNnx2OpWQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:6c:d6:d4:b6:12:31:e2:3b:2d:0e:9e:d3:02:d0:3e:22:42:
67:57:09:75:92:ab:01:01:bc:75:d2:d3:20:bf:fd:4c:8d:a1:
b9:85:ff:8f:77:9c:77:60:60:76:13:54:20:6e:5b:07:cc:54:
26:45:d5:0c:89:38:ce:ed:9a:fc:3a:7b:d7:a3:1b:5c:f7:89:
7b:50:24:9e:a0:f5:3e:89:89:78:f6:d5:61:4a:2a:3b:a2:80:
7d:6c:01:97:e6:10:1c:9b:8d:b2:d0:14:b8:8a:f8:7f:70:ac:
36:fb:eb:61:d9:c2:57:3a:e3:0e:80:a4:1a:7c:d3:26:fd:89:
ef:9a:b9:2b:7e:51:6c:aa:5e:8d:84:87:30:6b:be:5c:23:41:
7f:4b:99:72:b7:b5:75:8f:b2:5e:7c:f7:5a:73:12:bc:bc:40:
bd:8c:d3:39:f6:c2:d4:dc:b5:20:39:49:af:67:69:45:2b:08:
f3:0f:93:b1:e0:23:0b:ac:d8:9d:07:92:90:32:7e:a2:f4:ab:
ae:62:ab:37:ec:38:eb:75:55:74:09:d3:9f:bb:5a:6c:d3:9b:
62:d5:00:4c:79:9d:ce:57:d9:c3:f9:41:ce:e0:51:c9:37:ab:
04:55:47:a1:46:dd:75:79:6e:17:ac:49:af:d2:75:93:d3:71:
15:dd:2e:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr5GQ86OGSMfsozzZa+FGNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MDUxMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGRhZGE3NmRiOGIxZGZmOTNhOTNmNDFkZWYzNjdjNzYzYTk1OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsviPpxw7Q8xqxnoIC+t1mX2CNwh
tXZCmsn9L71j8ijb0o/M5IQvLuZQNEMT5zKaQrRxIS8ccy9RzWwlzyqGICF/7Cao
g27vjMueNk67dSaC9Acd2PmoKMU3F+b/hGBGWMLKI2oyw1ipI2gq9xIEAfmLjgvv
z55m2eL8DR8rqjdimvXsF7EcFlrHvT/ry37scvdrCzFtzyn8D4i3NuvAWhwl1Fdx
QNBPDlwb9Yazom6+EvWG3ACziXX42hhVrYEGw7IJhoknGpztCr/w+ktjiy9eqDxX
EziYPAtcjDZF4Ryzp8G6xatuOwt4Wpp1UUY61IyYrA+vOhc7liQBq94YowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH3a2nbbix3/k6k/Qd7zZ8djqVkPMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZmRyYWR0dUxIZi1UcVQ5QjN2Tm54Mk9wV1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACps1tS2EjHiOy0OntMC
0D4iQmdXCXWSqwEBvHXS0yC//UyNobmF/493nHdgYHYTVCBuWwfMVCZF1QyJOM7t
mvw6e9ejG1z3iXtQJJ6g9T6JiXj21WFKKjuigH1sAZfmEBybjbLQFLiK+H9wrDb7
62HZwlc64w6ApBp80yb9ie+auSt+UWyqXo2EhzBrvlwjQX9LmXK3tXWPsl5891pz
Ery8QL2M0zn2wtTctSA5Sa9naUUrCPMPk7HgIwus2J0HkpAyfqL0q65iqzfsOOt1
VXQJ05+7WmzTm2LVAEx5nc5X2cP5Qc7gUck3qwRVR6FG3XV5bhesSa/SdZPTcRXd
Lg4=
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:54:33 2025 by rpki-client