Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/v5zR87aVKLmekKCcZkkyzIxjXKw.roa
File: v5zR87aVKLmekKCcZkkyzIxjXKw.roa (raw, json)
Hash identifier: xr+nG3zU9onIgUSDqPtVnZo+1Eh3Ur8eRW9iC7P28us=
Subject key identifier: BF:9C:D1:F3:B6:95:28:B9:9E:90:A0:9C:66:49:32:CC:8C:63:5C:AC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2397CDFAFB8CB43F41A59A9DABB6592A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/v5zR87aVKLmekKCcZkkyzIxjXKw.roa
Signing time: Fri 01 Dec 2023 04:16:40 +0000
ROA not before: Fri 01 Dec 2023 04:16:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:23:97:cd:fa:fb:8c:b4:3f:41:a5:9a:9d:ab:b6:59:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 1 04:16:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf9cd1f3b69528b99e90a09c664932cc8c635cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:62:42:27:e3:c0:5f:3e:6e:c1:10:0a:ea:79:
74:89:f7:96:3b:19:18:3a:b7:2c:5f:03:fc:67:b1:
55:45:c2:75:cf:c9:9e:bf:9b:06:ab:de:59:d1:66:
7d:47:e0:59:ef:92:f2:f8:e0:de:a8:67:b5:22:79:
95:27:fe:47:a0:f7:64:f9:ce:7b:0a:9c:57:dc:25:
61:de:de:c5:51:07:59:f1:b2:88:0e:d3:94:8d:b0:
d1:1b:92:57:fd:9f:e7:9b:a8:92:61:4e:4f:a1:ab:
ff:a2:2b:62:8b:97:3c:38:82:1b:82:2b:25:bd:04:
ce:07:68:ce:89:ed:1b:d1:33:6f:01:e2:aa:4e:73:
71:8d:8b:0a:82:77:b3:e5:f6:8b:2f:b5:15:bb:aa:
d0:0e:75:92:cd:6a:13:46:2a:14:5e:2d:8f:69:f3:
4a:e5:4c:7b:a6:52:a6:64:0c:b5:e5:fc:e1:82:58:
6c:db:ff:7e:98:52:e5:00:22:b7:3a:c1:56:cc:ba:
4a:51:b8:c4:3c:a1:97:cb:23:3d:90:c6:06:9a:82:
ca:d5:9f:72:2e:a1:e1:5e:8f:c5:3e:68:20:99:a5:
70:4a:1d:0e:09:a3:7d:77:8c:42:df:8c:3b:ba:09:
d3:82:8c:08:ec:dd:0a:57:b3:1f:d4:ea:38:71:eb:
3f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:9C:D1:F3:B6:95:28:B9:9E:90:A0:9C:66:49:32:CC:8C:63:5C:AC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/v5zR87aVKLmekKCcZkkyzIxjXKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:fb:5a:18:18:c7:05:40:96:13:7e:70:27:47:a1:81:ad:8b:
b9:77:d7:ac:dd:a5:92:cf:e8:02:0b:6d:ca:8e:73:7b:74:e2:
87:20:e1:7c:dc:c9:84:f3:80:5e:01:9f:25:2c:3c:61:d5:74:
f5:0c:49:45:b7:79:9a:42:ea:4d:88:e0:4e:9e:00:0b:3d:6d:
51:5b:36:15:b4:42:7e:1d:51:eb:1b:31:df:25:12:1d:b3:88:
9a:0e:af:ad:b4:6b:27:9e:0c:2e:ae:1a:87:72:b2:df:a3:de:
ec:a9:42:bf:69:32:80:ab:f0:51:72:7b:f8:03:f8:0f:44:46:
4f:00:9d:50:be:01:21:37:3f:72:74:1f:b6:ce:ae:6f:2f:2c:
17:76:72:94:92:19:5f:58:d0:62:3e:2a:36:ef:6a:80:1d:b5:
d1:39:d2:b7:9f:60:6c:68:16:86:91:e2:2a:bb:1e:a8:c7:19:
04:cf:eb:26:a5:a7:0d:59:46:38:00:50:3b:87:af:9a:eb:b5:
42:b4:77:8a:6a:ff:cd:84:2d:02:d7:1e:58:bd:ba:4c:74:81:
0a:63:84:0b:3f:12:cf:d4:81:58:9c:0c:eb:63:86:e6:79:11:
76:ef:79:79:67:b9:76:1f:a7:f1:65:19:7e:4a:40:7a:b0:38:
c5:7a:91:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwjl836+4y0P0Glmp2rtlkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAxMDQxNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjljZDFmM2I2OTUyOGI5OWU5MGEwOWM2NjQ5MzJjYzhjNjM1Y2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGJCJ+PAXz5uwRAK6nl0ifeWOxkY
OrcsXwP8Z7FVRcJ1z8mev5sGq95Z0WZ9R+BZ75Ly+ODeqGe1InmVJ/5HoPdk+c57
CpxX3CVh3t7FUQdZ8bKIDtOUjbDRG5JX/Z/nm6iSYU5Poav/oitii5c8OIIbgisl
vQTOB2jOie0b0TNvAeKqTnNxjYsKgnez5faLL7UVu6rQDnWSzWoTRioUXi2PafNK
5Ux7plKmZAy15fzhglhs2/9+mFLlACK3OsFWzLpKUbjEPKGXyyM9kMYGmoLK1Z9y
LqHhXo/FPmggmaVwSh0OCaN9d4xC34w7ugnTgowI7N0KV7Mf1Oo4ces/EwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL+c0fO2lSi5npCgnGZJMsyMY1ysMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdjV6Ujg3YVZLTG1la0tDY1pra3l6SXhqWEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG/7WhgYxwVAlhN+cCdH
oYGti7l316zdpZLP6AILbcqOc3t04ocg4XzcyYTzgF4BnyUsPGHVdPUMSUW3eZpC
6k2I4E6eAAs9bVFbNhW0Qn4dUesbMd8lEh2ziJoOr620ayeeDC6uGodyst+j3uyp
Qr9pMoCr8FFye/gD+A9ERk8AnVC+ASE3P3J0H7bOrm8vLBd2cpSSGV9Y0GI+Kjbv
aoAdtdE50refYGxoFoaR4iq7HqjHGQTP6yalpw1ZRjgAUDuHr5rrtUK0d4pq/82E
LQLXHli9ukx0gQpjhAs/Es/UgVicDOtjhuZ5EXbveXlnuXYfp/FlGX5KQHqwOMV6
kZA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:37:12 2025 by rpki-client