Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pFOp3n_Ty-pW-RWYweRcRxLOblo.roa
File: pFOp3n_Ty-pW-RWYweRcRxLOblo.roa (raw, json)
Hash identifier: 8ggfLTajT4DhaNHrWMbX9CAbjMRdZ9yXOXzVATX0c7M=
Subject key identifier: A4:53:A9:DE:7F:D3:CB:EA:56:F9:15:98:C1:E4:5C:47:12:CE:6E:5A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B39B10D590A3E0D4D9902AE3CDD6D228E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pFOp3n_Ty-pW-RWYweRcRxLOblo.roa
Signing time: Mon 16 Oct 2023 18:13:06 +0000
ROA not before: Mon 16 Oct 2023 18:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:39:b1:0d:59:0a:3e:0d:4d:99:02:ae:3c:dd:6d:22:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 18:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a453a9de7fd3cbea56f91598c1e45c4712ce6e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b7:21:bd:9b:a9:29:04:5d:db:2d:44:df:47:
0f:bb:cb:b8:82:25:6f:f3:67:06:c1:ab:07:9b:79:
8b:6d:c2:fb:60:79:5f:49:83:27:d4:02:64:a2:ac:
11:e6:a9:07:35:88:5b:d9:7e:7d:8d:f5:23:2c:8a:
be:ba:23:f3:4b:49:78:d7:5a:8c:42:a7:7a:e6:c6:
31:9a:62:fb:2b:b2:87:ca:82:a7:5d:30:f4:15:9a:
58:d9:e8:e2:cf:44:d1:e1:a6:3c:e3:48:50:a3:81:
7d:b6:4f:e1:04:ca:31:f0:48:5c:4e:4e:93:4f:35:
36:39:9a:20:43:d0:05:c5:3f:3f:32:f3:05:94:d2:
e2:c2:55:df:37:21:fb:f5:6c:33:86:ec:06:68:9c:
c5:d9:15:ff:98:80:63:2a:b3:f7:22:fb:38:e7:aa:
58:f9:1d:df:87:92:87:84:fc:74:f9:8c:18:ee:78:
87:67:23:5c:b9:71:71:a4:15:a7:70:e9:b4:bd:1d:
86:8c:5f:93:40:53:f3:ba:67:cb:ca:6a:82:23:aa:
d1:d5:d2:3b:a9:9d:84:e6:f2:e2:5e:f0:43:0b:3e:
6e:b0:a7:80:b5:e9:d4:df:77:e2:9a:2b:4d:92:f8:
f2:75:84:63:50:e8:cf:84:83:f7:71:01:0c:32:46:
d5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:53:A9:DE:7F:D3:CB:EA:56:F9:15:98:C1:E4:5C:47:12:CE:6E:5A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pFOp3n_Ty-pW-RWYweRcRxLOblo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b4:52:ad:c7:9f:95:03:9e:68:af:2b:3a:0a:c4:9e:ce:f5:f1:
97:09:fe:b7:c8:d2:be:56:f8:84:f8:ac:74:f7:4b:f6:5b:30:
30:e2:da:53:82:75:0d:00:9f:41:fe:6c:e5:da:6c:90:12:dc:
3c:d4:46:63:00:6a:af:63:dc:65:70:b5:fa:aa:50:5e:69:1f:
da:ec:0e:e9:bc:f3:24:a3:97:0f:3e:81:60:e2:8c:1f:b6:4f:
03:8e:f7:cd:ca:77:1d:b6:ba:33:4b:fc:c3:4e:69:9a:11:b9:
90:a3:e2:f2:d5:5e:fb:f1:f2:af:74:ad:ea:4b:91:8b:2f:0f:
b6:67:4c:ba:32:47:c1:ea:eb:70:42:5d:02:36:2c:3d:80:ac:
1b:23:3c:86:3f:90:97:3d:7e:74:22:7c:6f:2a:c0:11:46:81:
f5:8c:21:31:16:63:34:96:af:0b:5d:45:e9:30:28:fc:d0:8e:
4d:15:8a:f0:8d:68:60:24:62:d3:4d:e9:b0:2c:2d:d5:d9:ac:
8d:34:68:7c:93:c0:5b:40:76:05:a3:63:41:1f:ae:dc:44:f4:
c5:a0:61:dc:24:a4:19:6f:cb:77:33:f8:da:9b:9f:9a:b0:1b:
e0:71:82:dc:29:29:d3:ff:ac:f7:2d:17:50:b6:2e:46:58:09:
01:11:83:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs5sQ1ZCj4NTZkCrjzdbSKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MTgxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDUzYTlkZTdmZDNjYmVhNTZmOTE1OThjMWU0NWM0NzEyY2U2ZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LchvZupKQRd2y1E30cPu8u4giVv
82cGwasHm3mLbcL7YHlfSYMn1AJkoqwR5qkHNYhb2X59jfUjLIq+uiPzS0l411qM
Qqd65sYxmmL7K7KHyoKnXTD0FZpY2ejiz0TR4aY840hQo4F9tk/hBMox8EhcTk6T
TzU2OZogQ9AFxT8/MvMFlNLiwlXfNyH79WwzhuwGaJzF2RX/mIBjKrP3Ivs456pY
+R3fh5KHhPx0+YwY7niHZyNcuXFxpBWncOm0vR2GjF+TQFPzumfLymqCI6rR1dI7
qZ2E5vLiXvBDCz5usKeAtenU33fimitNkvjydYRjUOjPhIP3cQEMMkbV8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKRTqd5/08vqVvkVmMHkXEcSzm5aMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcEZPcDNuX1R5LXBXLVJXWXdlUmNSeExPYmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALRSrceflQOeaK8rOgrE
ns718ZcJ/rfI0r5W+IT4rHT3S/ZbMDDi2lOCdQ0An0H+bOXabJAS3DzURmMAaq9j
3GVwtfqqUF5pH9rsDum88ySjlw8+gWDijB+2TwOO983Kdx22ujNL/MNOaZoRuZCj
4vLVXvvx8q90repLkYsvD7ZnTLoyR8Hq63BCXQI2LD2ArBsjPIY/kJc9fnQifG8q
wBFGgfWMITEWYzSWrwtdRekwKPzQjk0VivCNaGAkYtNN6bAsLdXZrI00aHyTwFtA
dgWjY0EfrtxE9MWgYdwkpBlvy3cz+Nqbn5qwG+BxgtwpKdP/rPctF1C2LkZYCQER
g7w=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:55:57 2025 by rpki-client