Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lpeXNvpJXSbBYjoPjUludQKp_qg.roa
File: lpeXNvpJXSbBYjoPjUludQKp_qg.roa (raw, json)
Hash identifier: 3ATUJ5GBFKwnuFxUwyPFoiARWK23i9VNtn6GdXWne94=
Subject key identifier: 96:97:97:36:FA:49:5D:26:C1:62:3A:0F:8D:49:6E:75:02:A9:FE:A8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C769FFF63EDA68A8F2DCB749EB0166328
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lpeXNvpJXSbBYjoPjUludQKp_qg.roa
Signing time: Sun 17 Dec 2023 07:14:06 +0000
ROA not before: Sun 17 Dec 2023 07:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:76:9f:ff:63:ed:a6:8a:8f:2d:cb:74:9e:b0:16:63:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 17 07:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96979736fa495d26c1623a0f8d496e7502a9fea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a6:25:c1:29:df:08:8a:62:72:58:3e:50:d0:
c2:fc:56:2b:d3:d7:77:1a:b6:e4:e5:94:2a:a2:d5:
84:09:b1:47:3b:35:bf:92:f9:17:dc:4d:25:af:72:
71:48:13:78:29:4d:c2:78:d3:b0:9f:5b:0d:33:10:
65:7b:5a:10:86:d5:0d:55:d7:9b:82:7a:38:48:a0:
d4:e7:4f:03:da:e8:a0:43:4c:51:a5:78:81:a9:b6:
b4:3e:f4:8e:12:ef:e0:41:a6:41:45:c6:70:25:a9:
c1:94:60:9a:c3:7a:ef:0b:c8:e3:46:5e:ae:f8:b1:
ef:17:d2:3c:3f:bf:3a:44:32:18:97:cb:ef:b1:5f:
c8:e7:aa:a3:fd:21:c2:10:bc:15:4a:ec:db:4f:b8:
e3:fb:cc:d6:74:1e:1b:a8:82:cb:90:01:ea:ee:d6:
4d:b7:a6:20:ae:95:bb:a1:f4:7f:2a:98:bc:03:95:
16:24:76:66:e7:0f:66:11:68:14:47:53:f5:27:87:
96:1d:f3:ae:ab:f0:1a:70:f8:d1:36:8e:05:51:3e:
8b:94:f6:90:d2:db:e4:23:e2:93:ea:51:e6:04:e6:
71:a4:b2:8f:c8:53:2e:54:a6:95:f4:c2:df:d1:57:
2e:86:de:da:1d:c9:56:16:ed:9d:3f:f7:5a:fd:67:
84:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:97:97:36:FA:49:5D:26:C1:62:3A:0F:8D:49:6E:75:02:A9:FE:A8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lpeXNvpJXSbBYjoPjUludQKp_qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:c6:65:19:85:02:ca:d7:3a:2d:a4:ec:2e:93:c1:77:0f:3b:
16:a3:a4:4c:e2:59:21:b2:2b:8a:de:0d:bb:a9:25:d9:bf:5e:
48:65:d8:72:9e:3c:3a:09:0e:94:35:f1:6b:5c:b0:ea:4d:40:
28:57:6f:3c:db:6b:1e:1a:82:70:ca:e3:96:aa:ce:2a:f7:b4:
12:18:b3:01:b4:15:f3:1a:73:17:f5:e4:b9:d0:35:8e:b5:0e:
f9:50:f8:d7:bb:9d:48:30:54:37:39:ef:fe:37:d8:48:26:10:
83:e7:c4:f6:d4:a1:a6:26:7d:40:af:24:6b:04:60:27:13:e5:
da:7b:31:b7:b1:6b:71:03:0a:78:01:db:dd:be:b1:5c:30:4a:
0a:93:79:17:8a:90:31:27:ee:29:5e:11:5e:2c:2f:6e:cb:14:
09:ac:3e:bb:3a:5d:67:2b:73:28:3f:33:b8:f5:8a:81:58:6d:
4a:3f:54:ad:e5:c0:aa:1e:29:65:cb:4f:eb:1d:56:32:93:d0:
c6:01:c5:1b:4c:aa:1e:fc:52:22:db:82:e6:dd:77:6a:a3:ad:
d2:fe:cf:3e:0a:da:97:0c:fa:26:dd:fc:4e:1a:aa:a7:10:b8:
2d:9c:9c:05:47:53:f3:b4:eb:a3:32:a3:cf:37:d9:78:47:1e:
6b:1e:af:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx2n/9j7aaKjy3LdJ6wFmMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE3MDcxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njk3OTczNmZhNDk1ZDI2YzE2MjNhMGY4ZDQ5NmU3NTAyYTlmZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6YlwSnfCIpiclg+UNDC/FYr09d3
Grbk5ZQqotWECbFHOzW/kvkX3E0lr3JxSBN4KU3CeNOwn1sNMxBle1oQhtUNVdeb
gno4SKDU508D2uigQ0xRpXiBqba0PvSOEu/gQaZBRcZwJanBlGCaw3rvC8jjRl6u
+LHvF9I8P786RDIYl8vvsV/I56qj/SHCELwVSuzbT7jj+8zWdB4bqILLkAHq7tZN
t6YgrpW7ofR/Kpi8A5UWJHZm5w9mEWgUR1P1J4eWHfOuq/AacPjRNo4FUT6LlPaQ
0tvkI+KT6lHmBOZxpLKPyFMuVKaV9MLf0Vcuht7aHclWFu2dP/da/WeEJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJaXlzb6SV0mwWI6D41JbnUCqf6oMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbHBlWE52cEpYU2JCWWpvUGpVbHVkUUtwX3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACLGZRmFAsrXOi2k7C6T
wXcPOxajpEziWSGyK4reDbupJdm/Xkhl2HKePDoJDpQ18WtcsOpNQChXbzzbax4a
gnDK45aqzir3tBIYswG0FfMacxf15LnQNY61DvlQ+Ne7nUgwVDc57/432EgmEIPn
xPbUoaYmfUCvJGsEYCcT5dp7Mbexa3EDCngB292+sVwwSgqTeReKkDEn7ileEV4s
L27LFAmsPrs6XWcrcyg/M7j1ioFYbUo/VK3lwKoeKWXLT+sdVjKT0MYBxRtMqh78
UiLbgubdd2qjrdL+zz4K2pcM+ibd/E4aqqcQuC2cnAVHU/O066Myo8832XhHHmse
ryw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:12:06 2025 by rpki-client