Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/i_z74XNA6B_wUPmhdrK5QzqycpA.roa
File: i_z74XNA6B_wUPmhdrK5QzqycpA.roa (raw, json)
Hash identifier: NTZuIHWsUcTOTnXwwjnbOpIJYrvtwM+o32mPRclzGE8=
Subject key identifier: 8B:FC:FB:E1:73:40:E8:1F:F0:50:F9:A1:76:B2:B9:43:3A:B2:72:90
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE4EFDEB99BE38100A04850DD1E2506A6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/i_z74XNA6B_wUPmhdrK5QzqycpA.roa
Signing time: Sat 30 Sep 2023 07:13:59 +0000
ROA not before: Sat 30 Sep 2023 07:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e4:ef:de:b9:9b:e3:81:00:a0:48:50:dd:1e:25:06:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 30 07:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bfcfbe17340e81ff050f9a176b2b9433ab27290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:65:4e:45:b1:ac:6f:1e:50:9e:57:70:ea:c6:
69:5b:2d:5b:8d:25:dc:a8:a6:be:f2:1a:2b:d8:01:
f3:5b:de:dc:7c:f7:4d:6e:83:38:32:72:b2:88:92:
f7:f8:10:4a:2f:63:5e:7b:a0:39:b9:40:fe:18:c6:
ea:13:50:75:9d:9c:00:21:54:a7:da:17:6c:4e:b1:
28:86:f3:34:27:ac:f8:cf:ff:8d:7b:e3:66:93:f5:
5e:93:42:e2:c5:7a:b0:52:d1:35:7d:b9:90:9a:dd:
b1:d5:11:7a:df:96:bd:12:8d:5d:28:32:71:85:65:
c7:e0:4a:ff:3c:7a:32:8f:62:fb:a2:ba:36:b2:06:
61:c3:6b:c2:bd:39:db:a3:fa:b0:24:a4:0b:44:3d:
25:81:0a:34:04:01:85:54:73:7f:b8:0b:09:c0:4f:
d7:7d:40:15:f0:a0:9b:2c:b8:31:0a:b6:45:b2:4a:
dd:e1:aa:50:d0:eb:67:66:85:c2:83:41:65:f7:44:
58:db:94:a3:ae:19:66:8b:e5:c9:b2:5e:89:01:04:
ea:86:92:40:32:d1:cd:af:d9:37:2a:79:9e:57:b2:
20:67:cc:d8:95:16:51:58:73:3c:74:02:f8:4a:72:
4c:e4:79:b9:a3:15:fa:00:d4:e3:e6:c6:00:f9:13:
d9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:FC:FB:E1:73:40:E8:1F:F0:50:F9:A1:76:B2:B9:43:3A:B2:72:90
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/i_z74XNA6B_wUPmhdrK5QzqycpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1b:38:dc:9e:1a:f0:a6:b3:ce:8d:8a:0c:b5:24:24:37:38:7c:
64:41:ff:be:e7:64:17:36:97:d7:d4:e0:ee:c9:ef:21:90:32:
93:ac:61:56:05:60:c0:8e:47:3b:83:f0:2d:7a:a5:b3:6c:80:
31:1a:60:a1:cb:fa:c9:d9:73:dc:c9:b0:0b:b5:9d:c6:80:02:
59:bd:9c:6b:3d:1e:b6:e7:ff:31:33:19:ee:5f:23:b3:de:8d:
36:84:55:69:f5:37:6c:55:73:cd:45:cd:f3:e6:b6:e8:1e:97:
f9:25:6a:22:d0:df:9a:35:16:c2:9d:2f:12:72:f1:d3:a2:f9:
5f:f3:67:6f:ce:c4:45:e9:dc:da:b9:e6:69:0d:67:e4:9b:61:
e9:49:2c:91:da:c8:e0:49:ac:90:f0:96:54:70:54:48:05:64:
e9:0f:bd:52:78:5f:5b:84:44:dd:81:a1:65:c3:af:67:e6:f7:
48:9b:31:e0:66:5f:fb:2c:27:87:bc:7c:8a:d9:f9:3b:f8:09:
dd:6d:81:4e:4d:93:f4:d4:d7:47:79:ac:39:6e:9d:dd:24:3b:
34:f0:c9:d2:fc:1c:d7:c0:c7:2f:dd:e1:d2:15:7d:b9:13:3c:
25:f2:8b:fa:20:91:58:ec:55:9f:19:e7:cd:07:1d:82:6d:7e:
c5:ed:c2:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrk7965m+OBAKBIUN0eJQamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTMwMDcxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmZjZmJlMTczNDBlODFmZjA1MGY5YTE3NmIyYjk0MzNhYjI3MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGVORbGsbx5Qnldw6sZpWy1bjSXc
qKa+8hor2AHzW97cfPdNboM4MnKyiJL3+BBKL2Nee6A5uUD+GMbqE1B1nZwAIVSn
2hdsTrEohvM0J6z4z/+Ne+Nmk/Vek0LixXqwUtE1fbmQmt2x1RF635a9Eo1dKDJx
hWXH4Er/PHoyj2L7oro2sgZhw2vCvTnbo/qwJKQLRD0lgQo0BAGFVHN/uAsJwE/X
fUAV8KCbLLgxCrZFskrd4apQ0OtnZoXCg0Fl90RY25Sjrhlmi+XJsl6JAQTqhpJA
MtHNr9k3KnmeV7IgZ8zYlRZRWHM8dAL4SnJM5Hm5oxX6ANTj5sYA+RPZ2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIv8++FzQOgf8FD5oXayuUM6snKQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaV96NzRYTkE2Ql93VVBtaGRySzVRenF5Y3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABs43J4a8Kazzo2KDLUk
JDc4fGRB/77nZBc2l9fU4O7J7yGQMpOsYVYFYMCORzuD8C16pbNsgDEaYKHL+snZ
c9zJsAu1ncaAAlm9nGs9Hrbn/zEzGe5fI7PejTaEVWn1N2xVc81FzfPmtugel/kl
aiLQ35o1FsKdLxJy8dOi+V/zZ2/OxEXp3Nq55mkNZ+SbYelJLJHayOBJrJDwllRw
VEgFZOkPvVJ4X1uERN2BoWXDr2fm90ibMeBmX/ssJ4e8fIrZ+Tv4Cd1tgU5Nk/TU
10d5rDlund0kOzTwydL8HNfAxy/d4dIVfbkTPCXyi/ogkVjsVZ8Z580HHYJtfsXt
wgc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:25:54 2025 by rpki-client