Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pODRwfsbrEgD9Of9KvnXkDEPgc8.roa
File: pODRwfsbrEgD9Of9KvnXkDEPgc8.roa (raw, json)
Hash identifier: 9ZExLLxn6wP+l+Gneiy0Yo7x1BHr1Rlkk5tXzm5cne0=
Subject key identifier: A4:E0:D1:C1:FB:1B:AC:48:03:F4:E7:FD:2A:F9:D7:90:31:0F:81:CF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B54BA96717897746C9E87CB9E7A466D1C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pODRwfsbrEgD9Of9KvnXkDEPgc8.roa
Signing time: Sun 22 Oct 2023 00:13:16 +0000
ROA not before: Sun 22 Oct 2023 00:13:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:54:ba:96:71:78:97:74:6c:9e:87:cb:9e:7a:46:6d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 22 00:13:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4e0d1c1fb1bac4803f4e7fd2af9d790310f81cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:84:48:72:51:7a:34:55:ba:49:9e:57:b6:85:
56:0c:0f:c3:46:d2:02:89:51:3c:11:7a:07:0a:d5:
f8:6f:c3:13:f5:77:4b:e8:59:7f:4a:22:58:0e:2b:
95:b9:8d:1d:dc:38:4b:37:fb:e0:46:a7:49:eb:3e:
0a:ac:4b:81:9e:ed:2d:c7:4e:e5:a0:1c:bd:fd:24:
b5:8f:fd:f6:c4:24:c1:c6:3f:15:1a:f2:0f:08:18:
1e:62:f7:a7:77:28:f7:4c:14:35:6c:9a:0c:e5:c8:
e1:69:7c:11:bc:3a:2c:3c:10:20:44:ef:aa:3d:b1:
a1:b8:e6:df:fe:10:de:ff:11:4f:2b:26:24:ef:2f:
81:3d:2d:03:96:a2:15:57:d6:0e:7e:06:f7:8c:ec:
7a:69:b5:0e:1a:22:b2:1f:0a:29:b0:88:fa:9a:08:
35:d8:15:d4:e4:56:21:ce:59:d3:f6:8e:ab:40:10:
d0:d7:2e:83:03:a9:4c:cd:12:9e:be:9a:bf:6d:ca:
97:f6:f3:9b:56:ea:cf:e5:cf:6c:4f:76:1c:5d:36:
ab:6b:15:97:83:e8:3d:54:f4:65:06:87:dc:0a:36:
a3:a3:ad:94:ae:c4:1a:32:67:52:eb:d1:4d:ab:fd:
a4:16:43:03:32:ff:a9:3d:d0:50:9f:d2:27:cf:d6:
fb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E0:D1:C1:FB:1B:AC:48:03:F4:E7:FD:2A:F9:D7:90:31:0F:81:CF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pODRwfsbrEgD9Of9KvnXkDEPgc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:d8:68:98:6b:6d:8a:6c:89:7e:02:1e:4e:97:a5:7c:de:dd:
f0:aa:ee:cc:fd:1f:8d:c0:c8:41:a2:ac:2c:2c:8c:a5:23:44:
4f:25:eb:1f:b3:c3:6d:3d:a7:40:be:7b:bd:b1:82:13:c7:6a:
74:75:8a:cc:36:15:02:9c:d3:7f:d9:c2:a2:fd:0d:c0:02:29:
50:95:ad:1d:d0:17:3d:59:72:6b:23:ff:ff:9d:52:ea:fe:e5:
0f:f3:b9:43:dd:9d:58:b6:ef:40:02:b2:93:6c:b1:a8:f3:2b:
7e:02:36:5a:8b:63:9a:7f:44:84:d0:15:0d:70:53:00:5d:5e:
59:b8:15:ab:c6:94:9d:90:01:f5:ff:1e:bd:45:61:8c:0a:93:
a6:1a:d3:1c:fd:4d:ec:bb:98:26:4a:c0:c2:9b:3e:66:9e:73:
57:24:3a:52:b1:f5:3a:ca:55:b7:61:ea:dd:ff:6d:40:bb:eb:
70:cb:42:87:34:3b:85:b9:b4:31:42:b5:ec:79:c3:59:e6:ba:
26:ea:38:96:0c:55:3c:0c:6a:ba:e1:38:b7:bc:94:1e:18:f8:
52:ee:aa:1c:52:ce:6c:c6:a7:b9:16:c6:52:94:f2:2d:d7:fc:
01:c4:4c:2e:ee:fc:52:22:10:c8:34:42:43:b1:0d:80:29:28:
71:3c:c7:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtUupZxeJd0bJ6Hy556Rm0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIyMDAxMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGUwZDFjMWZiMWJhYzQ4MDNmNGU3ZmQyYWY5ZDc5MDMxMGY4MWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IRIclF6NFW6SZ5XtoVWDA/DRtIC
iVE8EXoHCtX4b8MT9XdL6Fl/SiJYDiuVuY0d3DhLN/vgRqdJ6z4KrEuBnu0tx07l
oBy9/SS1j/32xCTBxj8VGvIPCBgeYvendyj3TBQ1bJoM5cjhaXwRvDosPBAgRO+q
PbGhuObf/hDe/xFPKyYk7y+BPS0DlqIVV9YOfgb3jOx6abUOGiKyHwopsIj6mgg1
2BXU5FYhzlnT9o6rQBDQ1y6DA6lMzRKevpq/bcqX9vObVurP5c9sT3YcXTaraxWX
g+g9VPRlBofcCjajo62UrsQaMmdS69FNq/2kFkMDMv+pPdBQn9Inz9b72wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKTg0cH7G6xIA/Tn/Sr515AxD4HPMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcE9EUndmc2JyRWdEOU9mOUt2blhrREVQZ2M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFjYaJhrbYpsiX4CHk6X
pXze3fCq7sz9H43AyEGirCwsjKUjRE8l6x+zw209p0C+e72xghPHanR1isw2FQKc
03/ZwqL9DcACKVCVrR3QFz1Zcmsj//+dUur+5Q/zuUPdnVi270ACspNssajzK34C
NlqLY5p/RITQFQ1wUwBdXlm4FavGlJ2QAfX/Hr1FYYwKk6Ya0xz9Tey7mCZKwMKb
Pmaec1ckOlKx9TrKVbdh6t3/bUC763DLQoc0O4W5tDFCtex5w1nmuibqOJYMVTwM
arrhOLe8lB4Y+FLuqhxSzmzGp7kWxlKU8i3X/AHETC7u/FIiEMg0QkOxDYApKHE8
x/M=
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:19:08 2025 by rpki-client