Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lDAJlo5DaLnewunj3pgUOLr8CgM.roa
File: lDAJlo5DaLnewunj3pgUOLr8CgM.roa (raw, json)
Hash identifier: +rbfQcox8Oe2qiniu4e+p+jjFpRSpLSUtN4t9RcOlLc=
Subject key identifier: 94:30:09:96:8E:43:68:B9:DE:C2:E9:E3:DE:98:14:38:BA:FC:0A:03
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B94E0EC6D698C90654CCEB8A3777E39EF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lDAJlo5DaLnewunj3pgUOLr8CgM.roa
Signing time: Fri 03 Nov 2023 11:10:50 +0000
ROA not before: Fri 03 Nov 2023 11:10:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:94db:249a/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:e0:ec:6d:69:8c:90:65:4c:ce:b8:a3:77:7e:39:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 3 11:10:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=943009968e4368b9dec2e9e3de981438bafc0a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d4:32:86:67:01:95:db:2f:41:d5:ea:84:39:
25:90:7d:6c:cb:95:4f:99:39:47:54:7d:78:98:4f:
50:39:84:b2:ab:cc:b3:56:63:a3:ea:79:70:65:37:
1d:89:cc:43:f2:9b:cf:94:c3:ad:b8:1c:76:69:2e:
76:84:a4:00:fe:1e:cb:58:04:aa:75:d8:7d:46:94:
10:93:8a:b8:1f:62:6e:a8:e4:17:1e:e5:99:12:d0:
5f:71:44:f9:ea:09:65:99:e7:ca:9f:53:cb:0a:57:
18:5e:8a:38:cb:87:80:03:58:3a:ec:4c:7c:6d:72:
07:cf:fa:a4:92:d9:06:f9:2a:8d:b2:9b:e7:fa:e7:
9f:80:14:71:c4:cd:01:64:29:d2:ef:45:34:0c:9f:
d1:db:88:55:b0:83:4e:37:4c:b3:a1:53:36:cd:70:
07:46:fb:ed:94:31:99:28:14:03:2e:99:a1:c9:4f:
39:42:f6:d6:5a:10:bb:85:d3:6e:60:46:db:62:8e:
c5:c4:e7:13:53:cf:40:06:fd:86:c8:2d:41:ce:9b:
25:9b:a9:88:22:7e:fe:18:98:8c:1b:6b:0b:ca:71:
39:49:d3:3c:53:9a:2e:f1:48:74:3c:96:45:68:1e:
97:d6:4e:39:72:c1:0a:4e:33:b8:06:a1:03:97:7b:
db:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:30:09:96:8E:43:68:B9:DE:C2:E9:E3:DE:98:14:38:BA:FC:0A:03
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lDAJlo5DaLnewunj3pgUOLr8CgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:f4:f7:6a:e7:b5:c3:f8:f7:03:2c:dd:d3:14:69:c8:8b:ca:
e1:21:f4:90:9a:86:2a:96:ab:d6:65:e8:f4:87:23:14:16:df:
74:3d:e6:81:80:e5:67:a9:f3:b7:72:22:70:b5:32:74:37:52:
00:d9:42:8a:d1:6b:a2:57:67:99:25:e1:4a:a2:d5:03:69:d3:
ae:3e:bc:a0:3d:01:13:3b:08:5a:59:20:7a:91:54:9b:fe:f8:
85:bb:86:4f:f4:f9:74:cc:31:bc:6f:ff:85:7a:a3:dc:87:89:
70:43:0e:11:74:ea:d8:54:6f:80:b1:af:b7:2f:fe:aa:65:ab:
ed:5e:33:da:e9:10:bd:cd:eb:fd:db:aa:6b:a7:17:e4:41:09:
08:71:74:7b:34:a2:85:95:65:4c:89:ec:cb:2d:31:87:47:a9:
18:09:1f:00:c7:e6:96:ab:85:7a:86:cc:ec:11:10:5f:78:5d:
c7:7d:c9:ff:7c:9a:f9:0e:a4:6d:92:0c:7b:aa:62:8b:8f:7e:
47:dc:79:c3:78:e4:60:a5:9a:39:0a:17:ad:f5:8b:de:fe:92:
67:2e:5e:e7:f0:19:63:2e:57:4e:5d:2a:f1:0c:c3:d9:71:23:
c7:fe:41:b7:81:f1:4d:59:f1:ca:ef:1f:67:ac:89:dc:c6:db:
24:33:4e:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuU4OxtaYyQZUzOuKN3fjnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAzMTExMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDMwMDk5NjhlNDM2OGI5ZGVjMmU5ZTNkZTk4MTQzOGJhZmMwYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNQyhmcBldsvQdXqhDklkH1sy5VP
mTlHVH14mE9QOYSyq8yzVmOj6nlwZTcdicxD8pvPlMOtuBx2aS52hKQA/h7LWASq
ddh9RpQQk4q4H2JuqOQXHuWZEtBfcUT56gllmefKn1PLClcYXoo4y4eAA1g67Ex8
bXIHz/qkktkG+SqNspvn+uefgBRxxM0BZCnS70U0DJ/R24hVsINON0yzoVM2zXAH
RvvtlDGZKBQDLpmhyU85QvbWWhC7hdNuYEbbYo7FxOcTU89ABv2GyC1Bzpslm6mI
In7+GJiMG2sLynE5SdM8U5ou8Uh0PJZFaB6X1k45csEKTjO4BqEDl3vbuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJQwCZaOQ2i53sLp496YFDi6/AoDMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbERBSmxvNURhTG5ld3VuajNwZ1VPTHI4Q2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJb092rntcP49wMs3dMU
aciLyuEh9JCahiqWq9Zl6PSHIxQW33Q95oGA5Wep87dyInC1MnQ3UgDZQorRa6JX
Z5kl4Uqi1QNp064+vKA9ARM7CFpZIHqRVJv++IW7hk/0+XTMMbxv/4V6o9yHiXBD
DhF06thUb4Cxr7cv/qplq+1eM9rpEL3N6/3bqmunF+RBCQhxdHs0ooWVZUyJ7Mst
MYdHqRgJHwDH5parhXqGzOwREF94Xcd9yf98mvkOpG2SDHuqYouPfkfcecN45GCl
mjkKF631i97+kmcuXufwGWMuV05dKvEMw9lxI8f+QbeB8U1Z8crvH2esidzG2yQz
TkQ=
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:32:34 2025 by rpki-client