Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mr1Y2ju5Bhl550pov9EDGWdnCg4.roa
File: mr1Y2ju5Bhl550pov9EDGWdnCg4.roa (raw, json)
Hash identifier: eUgSkV2q54kl5lRCGlgzpBUSRniFWPqfzz45WkG95Q4=
Subject key identifier: 9A:BD:58:DA:3B:B9:06:19:79:E7:4A:68:BF:D1:03:19:67:67:0A:0E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC64236629FB715475A0F2440BD1B9F91
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mr1Y2ju5Bhl550pov9EDGWdnCg4.roa
Signing time: Sun 24 Sep 2023 08:15:42 +0000
ROA not before: Sun 24 Sep 2023 08:15:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c6:42:36:62:9f:b7:15:47:5a:0f:24:40:bd:1b:9f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 24 08:15:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9abd58da3bb9061979e74a68bfd1031967670a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1d:f6:da:73:d4:2e:22:1b:d1:d1:8a:76:23:
61:e3:d1:37:c3:a8:ad:0c:73:fd:ec:b2:b0:2b:6d:
8c:71:70:cf:7b:7a:95:7a:0e:e7:1e:08:31:22:84:
0c:f5:86:bd:e4:3a:be:a4:5e:f0:77:47:df:96:b3:
4f:e7:60:dd:dc:f5:5a:bd:2e:ad:21:e6:93:0e:ce:
e4:db:f5:9a:2b:0a:35:57:c9:40:c4:85:24:31:59:
90:3a:94:8f:4f:82:17:32:cd:de:d9:cc:3f:38:56:
eb:a7:ca:4b:9b:9b:06:0e:4b:19:53:86:68:13:ba:
d4:3b:a9:e7:89:d2:15:70:96:16:be:33:48:d8:3d:
40:d4:80:f9:60:56:a7:28:80:f7:69:27:0f:52:92:
ce:96:6e:52:cf:5a:1b:d7:b0:e1:72:6c:d6:e8:9e:
e6:48:79:dd:e5:10:7d:35:5d:fc:64:66:20:85:4a:
80:26:28:0b:0a:99:d9:ef:1d:18:b4:ea:11:fb:a6:
f6:ef:f1:10:22:7c:80:58:eb:a1:64:1b:76:fe:a3:
23:fc:51:28:22:75:20:0f:50:62:c6:4e:5c:ed:f2:
85:df:23:05:e1:94:ef:09:8f:9e:13:61:d5:aa:a0:
24:6d:aa:4d:64:a4:af:f1:fb:25:5b:48:9f:47:a4:
80:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:BD:58:DA:3B:B9:06:19:79:E7:4A:68:BF:D1:03:19:67:67:0A:0E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mr1Y2ju5Bhl550pov9EDGWdnCg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:bd:0d:e6:d3:ec:8a:2b:1c:76:f1:a5:fc:fb:1b:91:70:82:
32:51:88:99:08:16:18:76:b7:78:3c:e8:10:62:fb:0b:d9:eb:
f5:40:5f:cd:5a:49:a2:79:f2:72:70:70:6c:41:14:88:da:a4:
28:2e:69:1b:d0:85:75:7d:ee:9c:37:07:6d:59:40:26:36:33:
e9:a2:eb:a5:8d:78:28:28:af:0c:db:31:51:06:91:43:3b:e9:
27:05:81:1a:71:9c:b2:73:2c:6e:4a:12:84:ee:fb:ce:d6:81:
95:62:2b:57:39:3d:90:41:09:54:82:67:30:ee:81:b3:1f:92:
cf:29:ec:b4:01:4b:48:22:2d:65:b3:17:a3:9f:8d:f6:32:a8:
c8:a3:b4:ca:91:ac:54:82:4a:95:1b:f0:a3:17:8a:e8:6f:10:
c1:06:ec:6b:03:b4:85:df:4f:9f:a3:72:24:29:4d:05:ca:19:
e4:e5:d6:9b:63:fd:74:e9:62:24:15:aa:73:1b:c3:37:b1:17:
4c:35:1c:ee:15:26:49:b8:c3:69:fe:19:7e:30:40:2d:bf:90:
5f:d7:fc:42:53:76:81:c9:2f:0b:29:32:eb:c9:55:9a:2d:9e:
42:f8:d3:d3:9c:19:6b:24:97:98:fd:63:13:d6:b4:e4:25:84:
0e:05:cf:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrGQjZin7cVR1oPJEC9G5+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI0MDgxNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWJkNThkYTNiYjkwNjE5NzllNzRhNjhiZmQxMDMxOTY3NjcwYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh322nPULiIb0dGKdiNh49E3w6it
DHP97LKwK22McXDPe3qVeg7nHggxIoQM9Ya95Dq+pF7wd0fflrNP52Dd3PVavS6t
IeaTDs7k2/WaKwo1V8lAxIUkMVmQOpSPT4IXMs3e2cw/OFbrp8pLm5sGDksZU4Zo
E7rUO6nnidIVcJYWvjNI2D1A1ID5YFanKID3aScPUpLOlm5Sz1ob17DhcmzW6J7m
SHnd5RB9NV38ZGYghUqAJigLCpnZ7x0YtOoR+6b27/EQInyAWOuhZBt2/qMj/FEo
InUgD1Bixk5c7fKF3yMF4ZTvCY+eE2HVqqAkbapNZKSv8fslW0ifR6SAJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJq9WNo7uQYZeedKaL/RAxlnZwoOMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbXIxWTJqdTVCaGw1NTBwb3Y5RURHV2RuQ2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA29DebT7IorHHbxpfz7
G5FwgjJRiJkIFhh2t3g86BBi+wvZ6/VAX81aSaJ58nJwcGxBFIjapCguaRvQhXV9
7pw3B21ZQCY2M+mi66WNeCgorwzbMVEGkUM76ScFgRpxnLJzLG5KEoTu+87WgZVi
K1c5PZBBCVSCZzDugbMfks8p7LQBS0giLWWzF6OfjfYyqMijtMqRrFSCSpUb8KMX
iuhvEMEG7GsDtIXfT5+jciQpTQXKGeTl1ptj/XTpYiQVqnMbwzexF0w1HO4VJkm4
w2n+GX4wQC2/kF/X/EJTdoHJLwspMuvJVZotnkL409OcGWskl5j9YxPWtOQlhA4F
z0o=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:46:57 2025 by rpki-client