Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tKP9_4swAQy17HtVcrKdMiwhcaM.roa
File: tKP9_4swAQy17HtVcrKdMiwhcaM.roa (raw, json)
Hash identifier: ny3v1CkR7S//lFA12hliL+uFeak9tR0SE1GwrqLuhns=
Subject key identifier: B4:A3:FD:FF:8B:30:01:0C:B5:EC:7B:55:72:B2:9D:32:2C:21:71:A3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA2651784C164173B6219A5D3523F361A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tKP9_4swAQy17HtVcrKdMiwhcaM.roa
Signing time: Mon 06 Nov 2023 02:10:16 +0000
ROA not before: Mon 06 Nov 2023 02:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a2:65:17:84:c1:64:17:3b:62:19:a5:d3:52:3f:36:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 6 02:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4a3fdff8b30010cb5ec7b5572b29d322c2171a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:83:52:20:94:d3:f0:cf:38:e8:5b:8d:69:56:
5b:7f:20:e8:2a:40:5c:a1:2d:05:b9:4e:e2:fc:61:
7c:d3:b6:8b:c8:1c:25:cb:de:e6:28:00:43:d8:e6:
b3:d2:1a:d5:80:92:30:5d:e1:7f:f5:85:db:32:1f:
9f:71:8a:eb:60:66:ca:b4:df:67:51:49:ee:da:71:
2e:cb:ea:80:09:22:63:28:c7:81:e1:e1:d1:b5:91:
d2:17:16:32:c1:0a:c9:7f:34:d5:86:bb:7b:86:a1:
cc:4b:72:0f:9c:5b:89:ec:17:88:c8:d1:26:87:be:
24:d3:c7:6a:e6:0e:33:54:0b:9b:b4:91:9d:c3:cc:
4f:d9:a5:2e:bb:71:d1:6b:6b:58:6c:6f:c3:d9:19:
4e:ae:4a:bf:6e:ef:3f:d3:78:66:6d:c5:f3:2d:40:
9d:5c:ea:a2:1a:dd:03:f2:3c:ad:c0:4e:99:ff:9f:
61:43:71:cf:8c:30:e2:7b:c1:36:a8:44:5b:40:64:
0d:c8:5a:4a:69:4a:97:38:3a:19:ad:0c:87:f2:98:
20:de:52:82:68:94:02:8d:4a:77:df:e7:9f:c6:b6:
b9:8a:9b:91:93:d7:4c:bb:6c:5f:2a:80:23:c0:6a:
7a:ea:73:7a:25:51:92:14:d5:59:a2:62:d4:13:82:
16:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A3:FD:FF:8B:30:01:0C:B5:EC:7B:55:72:B2:9D:32:2C:21:71:A3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tKP9_4swAQy17HtVcrKdMiwhcaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:3e:70:a2:c7:59:68:6e:7d:62:a3:3f:b1:b0:74:72:fd:9c:
aa:12:d5:6a:36:2b:7a:f8:1e:d9:5b:a8:0c:c7:14:b5:e1:c2:
23:01:7b:8e:39:43:91:fe:08:3e:6f:d4:42:15:c7:69:62:d6:
ef:08:94:99:fb:40:d3:b0:44:75:5e:9c:00:e4:eb:42:77:79:
32:28:0d:af:d5:ae:d3:64:1d:b5:95:1c:9b:b8:85:da:23:14:
f4:8f:aa:5e:e8:53:21:12:6d:52:81:7b:48:1b:f6:2a:a2:5d:
d9:1a:36:05:ec:49:61:35:f2:07:cc:30:d8:d3:e0:ee:06:ec:
8b:40:5c:f9:6e:5c:a3:9b:46:a2:b7:49:1d:1f:55:d3:63:55:
ca:e9:13:97:bf:51:01:d7:51:64:be:78:c4:5e:37:02:12:9b:
74:e5:a7:2d:cc:d1:da:eb:80:17:e4:dc:a6:34:1d:82:51:e2:
75:85:e9:6b:85:7b:26:74:29:90:89:0c:27:9f:b3:47:a3:0c:
89:e8:a0:02:c5:3b:24:a6:0b:7d:9d:eb:80:0b:de:36:0a:d7:
98:5a:14:dc:d1:9a:09:b5:bf:39:2e:41:89:ab:e8:59:a4:bf:
39:6f:e6:5f:32:e6:59:78:3b:b1:10:15:55:c4:3b:d4:05:3e:
96:c1:28:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuiZReEwWQXO2IZpdNSPzYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA2MDIxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGEzZmRmZjhiMzAwMTBjYjVlYzdiNTU3MmIyOWQzMjJjMjE3MWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYNSIJTT8M846FuNaVZbfyDoKkBc
oS0FuU7i/GF807aLyBwly97mKABD2Oaz0hrVgJIwXeF/9YXbMh+fcYrrYGbKtN9n
UUnu2nEuy+qACSJjKMeB4eHRtZHSFxYywQrJfzTVhrt7hqHMS3IPnFuJ7BeIyNEm
h74k08dq5g4zVAubtJGdw8xP2aUuu3HRa2tYbG/D2RlOrkq/bu8/03hmbcXzLUCd
XOqiGt0D8jytwE6Z/59hQ3HPjDDie8E2qERbQGQNyFpKaUqXODoZrQyH8pgg3lKC
aJQCjUp33+efxra5ipuRk9dMu2xfKoAjwGp66nN6JVGSFNVZomLUE4IWGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLSj/f+LMAEMtex7VXKynTIsIXGjMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdEtQOV80c3dBUXkxN0h0VmNyS2RNaXdoY2FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE4+cKLHWWhufWKjP7Gw
dHL9nKoS1Wo2K3r4HtlbqAzHFLXhwiMBe445Q5H+CD5v1EIVx2li1u8IlJn7QNOw
RHVenADk60J3eTIoDa/VrtNkHbWVHJu4hdojFPSPql7oUyESbVKBe0gb9iqiXdka
NgXsSWE18gfMMNjT4O4G7ItAXPluXKObRqK3SR0fVdNjVcrpE5e/UQHXUWS+eMRe
NwISm3Tlpy3M0drrgBfk3KY0HYJR4nWF6WuFeyZ0KZCJDCefs0ejDInooALFOySm
C32d64AL3jYK15haFNzRmgm1vzkuQYmr6Fmkvzlv5l8y5ll4O7EQFVXEO9QFPpbB
KMY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:32:22 2025 by rpki-client