Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/s34HAg57xi021I1A-DlYAoAFfuw.roa
File: s34HAg57xi021I1A-DlYAoAFfuw.roa (raw, json)
Hash identifier: 7QQSHTHWCJnDU98ZssaPCfWr1m/k8NE7L0iVZZVW/ks=
Subject key identifier: B3:7E:07:02:0E:7B:C6:2D:36:D4:8D:40:F8:39:58:02:80:05:7E:EC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B421222CCEDCC35EF16221B22A56431AA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/s34HAg57xi021I1A-DlYAoAFfuw.roa
Signing time: Wed 18 Oct 2023 09:16:06 +0000
ROA not before: Wed 18 Oct 2023 09:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:12:22:cc:ed:cc:35:ef:16:22:1b:22:a5:64:31:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 18 09:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b37e07020e7bc62d36d48d40f839580280057eec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1b:7c:0c:e0:48:58:dd:33:3e:aa:ac:0c:ab:
79:e6:c9:f2:26:49:94:10:e5:10:8b:ae:2e:98:bc:
e6:84:78:f5:9c:b8:5e:92:a5:ec:f7:8d:8c:83:05:
d8:4e:54:2f:f9:d3:58:7e:66:ae:b5:01:20:e9:5a:
ca:8b:13:e9:04:c8:9f:83:75:d6:a4:17:25:9f:f1:
75:4a:3c:6b:db:2b:d2:02:54:af:fa:79:d1:d7:3e:
3b:39:f1:9a:d9:2d:01:29:1b:71:f9:11:dc:5e:db:
82:f7:91:d1:ea:fd:96:8e:59:84:60:57:bd:ff:41:
5d:f3:20:bb:44:1c:87:76:13:97:67:82:aa:fe:aa:
b4:78:80:6c:0a:0d:f2:26:dc:43:d4:22:6d:77:0d:
cb:be:3f:f2:8b:e4:95:8c:85:50:f5:a3:f3:06:0c:
92:15:3f:f3:d4:40:43:75:ee:75:97:16:d3:9d:73:
f3:7f:02:36:28:d2:8b:13:75:bc:95:48:3b:d8:7d:
57:71:71:a9:9c:1b:72:2a:0c:98:5c:f2:08:79:e8:
9f:e4:b9:8d:b7:de:fe:10:43:54:09:5c:44:fc:35:
34:43:5b:dd:92:6b:b7:af:5a:8c:1a:eb:dd:bb:d2:
8d:c9:62:4c:58:20:a8:6e:26:ee:73:66:34:84:67:
88:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:7E:07:02:0E:7B:C6:2D:36:D4:8D:40:F8:39:58:02:80:05:7E:EC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/s34HAg57xi021I1A-DlYAoAFfuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:a1:9e:7d:01:e6:11:b4:91:28:56:51:71:f5:df:60:20:42:
dc:df:32:27:f3:31:a4:e2:77:fd:1b:f6:17:aa:8c:70:da:b9:
fa:8b:1a:5a:16:8c:61:4a:4c:ac:ec:3d:2a:bb:95:1b:eb:36:
06:8d:f6:77:62:80:34:0c:c0:4d:a4:c7:4b:52:34:fe:2e:8f:
d2:0d:5a:58:8b:fb:c2:dd:80:43:07:79:d1:a9:25:d4:16:a2:
b9:4a:74:b3:83:e5:44:13:d7:84:28:1e:61:a1:85:cc:a0:f9:
94:8b:8c:d5:de:e5:f2:cb:59:2a:ae:9c:ed:55:f7:d6:ec:eb:
72:e8:07:87:5e:07:5a:fd:e1:c9:3f:db:75:28:b6:ff:7d:2c:
51:50:23:98:bc:1c:cc:6b:1e:96:37:7c:11:38:7c:12:9e:07:
22:b3:8c:6a:38:c8:23:7c:30:8b:63:05:d2:26:84:37:d5:43:
f5:d1:de:94:fa:f9:95:f5:7a:83:dc:52:5e:1a:d3:21:84:b5:
29:5a:5f:cf:84:68:fe:32:d9:7f:b2:a0:83:f0:b6:10:a5:67:
7e:49:e9:75:c3:f2:66:3d:3c:e2:a5:98:c8:3e:6e:e2:09:70:
7e:b6:b1:69:e5:5e:a6:e8:cb:fa:88:d8:4b:b6:db:01:b1:3c:
c8:3e:98:22
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtCEiLM7cw17xYiGyKlZDGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE4MDkxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzdlMDcwMjBlN2JjNjJkMzZkNDhkNDBmODM5NTgwMjgwMDU3ZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBt8DOBIWN0zPqqsDKt55snyJkmU
EOUQi64umLzmhHj1nLhekqXs942MgwXYTlQv+dNYfmautQEg6VrKixPpBMifg3XW
pBcln/F1Sjxr2yvSAlSv+nnR1z47OfGa2S0BKRtx+RHcXtuC95HR6v2WjlmEYFe9
/0Fd8yC7RByHdhOXZ4Kq/qq0eIBsCg3yJtxD1CJtdw3Lvj/yi+SVjIVQ9aPzBgyS
FT/z1EBDde51lxbTnXPzfwI2KNKLE3W8lUg72H1XcXGpnBtyKgyYXPIIeeif5LmN
t97+EENUCVxE/DU0Q1vdkmu3r1qMGuvdu9KNyWJMWCCobibuc2Y0hGeIGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLN+BwIOe8YtNtSNQPg5WAKABX7sMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvczM0SEFnNTd4aTAyMUkxQS1EbFlBb0FGZnV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJGhnn0B5hG0kShWUXH1
32AgQtzfMifzMaTid/0b9heqjHDaufqLGloWjGFKTKzsPSq7lRvrNgaN9ndigDQM
wE2kx0tSNP4uj9INWliL+8LdgEMHedGpJdQWorlKdLOD5UQT14QoHmGhhcyg+ZSL
jNXe5fLLWSqunO1V99bs63LoB4deB1r94ck/23Uotv99LFFQI5i8HMxrHpY3fBE4
fBKeByKzjGo4yCN8MItjBdImhDfVQ/XR3pT6+ZX1eoPcUl4a0yGEtSlaX8+EaP4y
2X+yoIPwthClZ35J6XXD8mY9POKlmMg+buIJcH62sWnlXqboy/qI2Eu22wGxPMg+
mCI=
-----END CERTIFICATE-----
Generated at Tue May 6 03:41:07 2025 by rpki-client