Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sF67qFfUJeH6a11eaesREHYtNQ0.roa
File: sF67qFfUJeH6a11eaesREHYtNQ0.roa (raw, json)
Hash identifier: 24f6sw2rF9t6Q/ds4RMifx/274fC2Bgyb7eefKSeDGg=
Subject key identifier: B0:5E:BB:A8:57:D4:25:E1:FA:6B:5D:5E:69:EB:11:10:76:2D:35:0D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B227CF22038E29C423F4965443CF29D67
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sF67qFfUJeH6a11eaesREHYtNQ0.roa
Signing time: Thu 12 Oct 2023 06:04:55 +0000
ROA not before: Thu 12 Oct 2023 06:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:227c:4d0a/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:22:7c:f2:20:38:e2:9c:42:3f:49:65:44:3c:f2:9d:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 12 06:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b05ebba857d425e1fa6b5d5e69eb1110762d350d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ca:2d:66:e1:2f:10:7d:d3:e6:82:2a:da:e0:
ba:9f:0c:e7:2c:44:9c:7c:cc:bd:d3:a9:0e:f1:d1:
04:ec:69:1b:42:e1:8b:e4:fe:d8:af:52:73:33:c6:
2e:c6:7e:93:a5:b6:bf:f1:73:e0:85:78:95:13:4a:
ea:09:43:eb:2b:d3:c4:4d:28:ee:fd:7e:d8:21:d2:
a1:84:d3:e2:a6:97:0b:a6:7c:d8:83:ec:83:ab:64:
f0:7e:0c:22:71:00:b9:c7:f3:5e:ab:e7:5a:89:aa:
e6:10:f7:70:10:9b:e9:35:dc:04:de:14:cd:b4:c0:
de:8f:d6:eb:b6:e6:ee:6f:12:17:8f:ca:5b:21:b3:
53:85:1a:19:28:36:b5:58:89:d9:d4:56:c5:37:ce:
3b:c8:f5:a9:14:73:ce:55:f6:0b:a7:33:c5:5e:33:
a4:61:c8:47:64:eb:98:59:20:b9:87:0e:8a:c1:55:
79:a5:46:9c:8d:8f:91:b4:7c:60:bd:8f:f7:cd:cb:
dc:27:70:53:b6:f5:27:f3:28:f5:d8:1c:ab:ae:85:
e9:28:b1:54:c8:3e:a1:d8:5e:d5:df:e3:d4:17:25:
a2:16:94:0c:15:1a:78:cb:17:35:27:17:25:39:65:
82:5b:39:fb:b5:b2:cc:0d:8d:07:36:e6:7e:27:c3:
5b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:5E:BB:A8:57:D4:25:E1:FA:6B:5D:5E:69:EB:11:10:76:2D:35:0D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sF67qFfUJeH6a11eaesREHYtNQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:bd:08:2d:c7:3d:47:87:e8:5e:61:7d:84:9c:f2:50:26:e0:
58:8f:e3:97:1a:d1:73:20:f2:a8:6d:a5:3c:d8:ef:cd:72:27:
a1:94:1e:6c:35:1c:89:05:a3:58:0f:d9:79:fa:2c:93:83:2f:
1b:8e:25:c7:47:b4:d0:e9:02:8f:aa:5f:01:f3:eb:3e:62:08:
98:8b:ff:73:61:a0:19:bf:d0:b6:31:9d:c6:5e:9e:e9:bb:a0:
80:15:2e:0f:74:16:c5:46:f9:02:6f:34:52:be:59:fa:1d:88:
2c:4d:97:79:ac:2d:2c:5b:c2:ae:c7:05:8f:25:ba:59:37:c3:
11:8a:98:2b:ea:7f:8a:15:9d:15:f1:97:cd:0c:8b:a6:98:cb:
82:87:07:43:70:cc:c3:14:2a:9c:8f:bd:81:3b:9a:fb:d8:ac:
ca:94:9b:85:a0:91:da:bc:20:8a:3a:03:49:54:ca:db:0f:88:
32:21:b5:75:bf:c0:2a:39:9b:26:58:b8:b0:bf:76:fe:52:e6:
61:b8:92:08:3a:86:5d:be:46:1f:42:a1:6f:df:40:87:1e:fe:
25:8b:0e:45:83:24:95:85:be:67:95:79:d3:13:1d:2c:3f:4f:
9a:de:2c:f7:0e:70:73:b1:ee:49:b9:86:16:89:fe:0b:59:33:
cf:68:1b:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsifPIgOOKcQj9JZUQ88p1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEyMDYwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDVlYmJhODU3ZDQyNWUxZmE2YjVkNWU2OWViMTExMDc2MmQzNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsotZuEvEH3T5oIq2uC6nwznLESc
fMy906kO8dEE7GkbQuGL5P7Yr1JzM8Yuxn6Tpba/8XPghXiVE0rqCUPrK9PETSju
/X7YIdKhhNPippcLpnzYg+yDq2TwfgwicQC5x/Neq+daiarmEPdwEJvpNdwE3hTN
tMDej9brtububxIXj8pbIbNThRoZKDa1WInZ1FbFN847yPWpFHPOVfYLpzPFXjOk
YchHZOuYWSC5hw6KwVV5pUacjY+RtHxgvY/3zcvcJ3BTtvUn8yj12ByrroXpKLFU
yD6h2F7V3+PUFyWiFpQMFRp4yxc1JxclOWWCWzn7tbLMDY0HNuZ+J8NbHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLBeu6hX1CXh+mtdXmnrERB2LTUNMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc0Y2N3FGZlVKZUg2YTExZWFlc1JFSFl0TlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHu9CC3HPUeH6F5hfYSc
8lAm4FiP45ca0XMg8qhtpTzY781yJ6GUHmw1HIkFo1gP2Xn6LJODLxuOJcdHtNDp
Ao+qXwHz6z5iCJiL/3NhoBm/0LYxncZenum7oIAVLg90FsVG+QJvNFK+WfodiCxN
l3msLSxbwq7HBY8lulk3wxGKmCvqf4oVnRXxl80Mi6aYy4KHB0NwzMMUKpyPvYE7
mvvYrMqUm4Wgkdq8IIo6A0lUytsPiDIhtXW/wCo5myZYuLC/dv5S5mG4kgg6hl2+
Rh9CoW/fQIce/iWLDkWDJJWFvmeVedMTHSw/T5reLPcOcHOx7km5hhaJ/gtZM89o
G08=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:53:42 2025 by rpki-client