Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tR9dJvXiwnj7B8-QUTG1uC-i2NI.roa
File: tR9dJvXiwnj7B8-QUTG1uC-i2NI.roa (raw, json)
Hash identifier: tVqYiYL/iiysVvYWRWLvnxxDnCqrR3gajfa3fY5agH8=
Subject key identifier: B5:1F:5D:26:F5:E2:C2:78:FB:07:CF:90:51:31:B5:B8:2F:A2:D8:D2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA5D4EB3F897F4F90A8FEE252E5D57448
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tR9dJvXiwnj7B8-QUTG1uC-i2NI.roa
Signing time: Mon 06 Nov 2023 18:11:16 +0000
ROA not before: Mon 06 Nov 2023 18:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a5:d4:eb:3f:89:7f:4f:90:a8:fe:e2:52:e5:d5:74:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 6 18:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b51f5d26f5e2c278fb07cf905131b5b82fa2d8d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:71:55:a7:e4:2b:41:e9:73:d6:61:f7:9c:d7:
ab:63:64:83:55:7b:cc:57:b1:54:c4:ee:fa:79:d5:
c3:5c:26:57:ff:a3:f6:52:28:b6:99:d6:49:c5:e1:
0e:b5:ae:c9:13:dd:6e:1a:04:5f:cc:58:64:40:bc:
cc:89:a7:cd:9a:b7:4f:f0:9a:63:f4:57:6d:9c:6a:
6c:17:b1:f6:36:ee:42:00:2a:ef:f9:3b:38:15:20:
51:80:bd:87:0c:2b:a6:d1:17:c2:e7:d4:76:c2:a7:
67:87:78:f6:95:7f:76:4f:da:e8:14:09:9a:93:81:
6e:b5:7c:c0:60:15:9a:4b:81:42:9f:1f:3b:d8:8a:
df:97:3d:64:1a:df:05:b9:75:af:b3:33:88:0b:d6:
bb:4f:c8:71:e7:25:4a:ae:93:d0:83:fe:82:13:e9:
97:74:d5:e3:8d:44:e4:1b:af:65:ea:eb:f9:ad:d8:
30:69:69:b3:4c:ac:0e:14:7f:cd:b5:f5:db:66:24:
72:54:b5:23:9d:0d:6e:7b:9f:e5:4e:bb:cb:d9:b7:
f5:02:9c:3b:9c:5d:a6:77:97:76:f0:00:99:54:cd:
64:4a:0d:0a:03:2a:22:45:33:7a:f0:b5:1b:35:e9:
54:61:33:4f:1b:12:c4:c1:cb:aa:8c:03:a8:25:7c:
bc:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:1F:5D:26:F5:E2:C2:78:FB:07:CF:90:51:31:B5:B8:2F:A2:D8:D2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tR9dJvXiwnj7B8-QUTG1uC-i2NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:8a:b4:66:90:5f:57:5c:c7:00:1d:06:fe:e0:ba:ec:3a:5b:
2b:de:af:7d:17:9b:6d:88:79:96:27:02:ab:02:a7:a8:47:ed:
72:16:b2:63:15:c2:bc:3f:7e:33:6f:45:3c:5f:2b:1f:19:b3:
24:5a:02:ea:da:15:f8:40:60:61:0d:a8:87:20:1b:6f:1f:96:
db:01:53:7d:60:60:16:a0:ce:93:df:7b:64:ee:c3:a4:ee:06:
e2:9b:f5:bc:ea:8c:13:00:03:5f:86:10:43:07:9a:56:eb:a1:
88:55:e9:e3:74:b1:f8:65:b2:94:e1:9f:b2:da:e3:9b:00:02:
f8:b4:7c:ea:bf:ff:c8:e6:6e:2f:cb:7f:7d:9f:ce:32:2c:ae:
7d:92:3e:f3:c2:a9:b5:04:e8:d6:81:e1:40:74:00:c3:db:1d:
a4:ae:d5:50:8c:5d:b9:46:17:07:51:ad:f8:fe:b8:55:66:c9:
a7:c1:06:f9:f4:ad:2a:17:0f:01:df:1e:d0:22:6a:a3:89:79:
a8:cb:40:77:dd:01:0c:7d:17:2a:da:cc:f7:85:76:d3:1c:2b:
7e:be:09:33:21:f7:54:a5:d0:a5:3f:05:f9:f8:70:ea:0c:98:
57:e2:8f:bb:2f:f4:5b:87:9e:bc:56:74:92:2c:e8:1a:e3:b0:
90:d4:69:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYul1Os/iX9PkKj+4lLl1XRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA2MTgxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTFmNWQyNmY1ZTJjMjc4ZmIwN2NmOTA1MTMxYjViODJmYTJkOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnFVp+QrQelz1mH3nNerY2SDVXvM
V7FUxO76edXDXCZX/6P2Uii2mdZJxeEOta7JE91uGgRfzFhkQLzMiafNmrdP8Jpj
9FdtnGpsF7H2Nu5CACrv+Ts4FSBRgL2HDCum0RfC59R2wqdnh3j2lX92T9roFAma
k4FutXzAYBWaS4FCnx872Irflz1kGt8FuXWvszOIC9a7T8hx5yVKrpPQg/6CE+mX
dNXjjUTkG69l6uv5rdgwaWmzTKwOFH/NtfXbZiRyVLUjnQ1ue5/lTrvL2bf1Apw7
nF2md5d28ACZVM1kSg0KAyoiRTN68LUbNelUYTNPGxLEwcuqjAOoJXy8uwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLUfXSb14sJ4+wfPkFExtbgvotjSMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdFI5ZEp2WGl3bmo3QjgtUVVURzF1Qy1pMk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA6KtGaQX1dcxwAdBv7g
uuw6Wyver30Xm22IeZYnAqsCp6hH7XIWsmMVwrw/fjNvRTxfKx8ZsyRaAuraFfhA
YGENqIcgG28fltsBU31gYBagzpPfe2Tuw6TuBuKb9bzqjBMAA1+GEEMHmlbroYhV
6eN0sfhlspThn7La45sAAvi0fOq//8jmbi/Lf32fzjIsrn2SPvPCqbUE6NaB4UB0
AMPbHaSu1VCMXblGFwdRrfj+uFVmyafBBvn0rSoXDwHfHtAiaqOJeajLQHfdAQx9
FyrazPeFdtMcK36+CTMh91Sl0KU/Bfn4cOoMmFfij7sv9FuHnrxWdJIs6BrjsJDU
abU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:27:49 2025 by rpki-client