Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vLJv99pZES8Xy7-Kicb1jDG_tvQ.roa
File: vLJv99pZES8Xy7-Kicb1jDG_tvQ.roa (raw, json)
Hash identifier: lClmh8gR90xRWH6whUT8RkrHqvf9o8TwA8e6B7vCnUs=
Subject key identifier: BC:B2:6F:F7:DA:59:11:2F:17:CB:BF:8A:89:C6:F5:8C:31:BF:B6:F4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2E5253A563B7BBB6CE2BD18EEDA60CE7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vLJv99pZES8Xy7-Kicb1jDG_tvQ.roa
Signing time: Sun 03 Dec 2023 06:16:36 +0000
ROA not before: Sun 03 Dec 2023 06:16:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2e:52:53:a5:63:b7:bb:b6:ce:2b:d1:8e:ed:a6:0c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 3 06:16:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcb26ff7da59112f17cbbf8a89c6f58c31bfb6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e4:52:9a:f1:54:92:30:8b:65:fa:1e:2e:77:
74:e2:a1:66:8c:f0:11:53:4a:68:57:53:02:d3:3c:
43:8f:f6:71:f4:92:90:e7:37:1d:8c:f2:4b:27:06:
94:ca:28:81:4b:a3:b6:41:99:2d:0f:9d:f5:20:83:
e0:e7:bb:e8:97:c2:73:1b:31:3a:bb:fb:3c:2c:46:
c5:9a:f8:d8:07:0f:e0:6f:b4:74:e2:68:d4:4b:bc:
86:d2:cc:b0:7b:3b:bf:b0:c6:f3:59:42:c5:ff:ba:
75:67:ad:64:ce:4f:55:a7:b1:64:6c:2d:9a:3b:13:
12:4b:ba:21:b2:64:ad:c9:04:6c:0d:8a:ab:00:38:
5b:4a:07:e7:e0:09:47:bb:6d:32:0a:02:5a:a9:1c:
cd:d0:39:6b:ed:32:37:b4:92:c1:f3:32:4e:c3:32:
af:4b:92:37:17:fb:d3:67:a6:8c:2f:2d:1a:54:59:
08:78:0c:97:63:a0:6b:33:4b:65:d0:99:74:5e:8f:
a6:d6:10:db:be:f3:5f:0f:ad:7c:d2:dc:99:e3:c3:
12:b1:9b:43:f4:18:4f:ca:e4:f9:7e:fe:ee:b6:96:
53:8a:f4:07:0b:ca:71:a2:c4:4d:11:97:fe:fd:fb:
cb:65:7f:df:5c:c5:75:5f:1a:87:24:c9:43:f4:5a:
c2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:B2:6F:F7:DA:59:11:2F:17:CB:BF:8A:89:C6:F5:8C:31:BF:B6:F4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vLJv99pZES8Xy7-Kicb1jDG_tvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c3:2d:82:d8:ef:d5:66:05:ff:43:66:42:64:e5:70:cb:a2:7f:
0a:43:0b:a0:91:b6:f1:cf:38:09:33:37:25:38:fa:dc:bb:4d:
4e:63:71:60:12:4a:14:b6:98:60:a0:81:4a:18:ab:b4:59:62:
5c:07:ff:4f:8d:20:de:59:1a:b9:34:07:5c:60:6b:55:2b:78:
89:a5:6f:46:f5:99:d6:8a:dc:e0:01:c7:c0:db:23:32:4e:66:
f1:63:52:e2:e8:ed:f5:0e:ca:05:45:7a:fb:94:c7:02:2f:b5:
1d:95:4a:ad:b8:04:23:53:89:c5:ad:67:92:f7:16:37:4d:e1:
df:e9:6a:e3:40:f8:54:64:33:76:89:9d:0a:bf:d1:72:75:f0:
6d:92:f3:cd:d6:42:98:f2:fe:16:02:0e:41:05:26:8a:40:16:
9b:f4:8c:65:de:67:78:01:c8:4a:58:3b:22:cd:39:36:af:ed:
f1:10:07:a0:70:3a:4a:01:6a:c3:38:bf:39:0f:04:33:ba:b5:
e1:4c:4e:1f:62:15:ee:b3:38:c8:1b:1d:57:01:e4:7d:0b:ba:
0b:73:14:ac:ab:a0:31:70:b5:8a:f9:76:de:19:77:14:58:0a:
26:39:37:b9:88:3e:ec:89:d1:59:52:d2:05:0c:f5:2b:4b:98:
bd:15:a6:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwuUlOlY7e7ts4r0Y7tpgznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAzMDYxNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2IyNmZmN2RhNTkxMTJmMTdjYmJmOGE4OWM2ZjU4YzMxYmZiNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuRSmvFUkjCLZfoeLnd04qFmjPAR
U0poV1MC0zxDj/Zx9JKQ5zcdjPJLJwaUyiiBS6O2QZktD531IIPg57vol8JzGzE6
u/s8LEbFmvjYBw/gb7R04mjUS7yG0sywezu/sMbzWULF/7p1Z61kzk9Vp7FkbC2a
OxMSS7ohsmStyQRsDYqrADhbSgfn4AlHu20yCgJaqRzN0Dlr7TI3tJLB8zJOwzKv
S5I3F/vTZ6aMLy0aVFkIeAyXY6BrM0tl0Jl0Xo+m1hDbvvNfD6180tyZ48MSsZtD
9BhPyuT5fv7utpZTivQHC8pxosRNEZf+/fvLZX/fXMV1XxqHJMlD9FrCpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLyyb/faWREvF8u/ionG9Ywxv7b0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdkxKdjk5cFpFUzhYeTctS2ljYjFqREdfdHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMMtgtjv1WYF/0NmQmTl
cMuifwpDC6CRtvHPOAkzNyU4+ty7TU5jcWASShS2mGCggUoYq7RZYlwH/0+NIN5Z
Grk0B1xga1UreImlb0b1mdaK3OABx8DbIzJOZvFjUuLo7fUOygVFevuUxwIvtR2V
Sq24BCNTicWtZ5L3FjdN4d/pauNA+FRkM3aJnQq/0XJ18G2S883WQpjy/hYCDkEF
JopAFpv0jGXeZ3gByEpYOyLNOTav7fEQB6BwOkoBasM4vzkPBDO6teFMTh9iFe6z
OMgbHVcB5H0LugtzFKyroDFwtYr5dt4ZdxRYCiY5N7mIPuyJ0VlS0gUM9StLmL0V
pjU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:51:33 2025 by rpki-client