Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vXns9hlIebtBkNbUkxJXyl6cMZA.roa
File: vXns9hlIebtBkNbUkxJXyl6cMZA.roa (raw, json)
Hash identifier: ZSyKQXG9rntAmqF60VNf6Oxv/gCOuiWUm0sCf27E5Xk=
Subject key identifier: BD:79:EC:F6:19:48:79:BB:41:90:D6:D4:93:12:57:CA:5E:9C:31:90
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF3B5CA172AAED33C7A3F3CEE3EDBC999
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vXns9hlIebtBkNbUkxJXyl6cMZA.roa
Signing time: Tue 03 Oct 2023 04:04:51 +0000
ROA not before: Tue 03 Oct 2023 04:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:f3b5:59df/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f3:b5:ca:17:2a:ae:d3:3c:7a:3f:3c:ee:3e:db:c9:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 04:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd79ecf6194879bb4190d6d4931257ca5e9c3190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:dd:62:91:d8:22:ff:05:65:a6:0d:72:b6:e5:
16:bf:5c:ef:1b:73:d6:80:58:fc:7c:f3:75:a0:f7:
00:83:5c:3d:4a:f4:49:d9:de:8f:4b:6f:1f:c3:06:
7d:7f:56:19:20:a6:16:a3:30:6a:75:b2:0c:e9:4c:
fb:a1:ec:a8:51:75:20:ef:ba:56:46:2a:68:9b:61:
a3:fa:08:8c:f8:30:a1:eb:d2:b7:cc:38:81:73:54:
7b:3a:1b:96:b0:25:75:61:d3:71:99:f0:68:1f:9e:
09:ca:55:3d:e3:51:36:3a:e2:70:f0:58:ac:fb:8d:
a6:0b:86:db:b1:9b:25:4c:b6:24:0e:95:2c:f0:c8:
5d:bc:f0:f2:c0:ff:bb:fa:7d:87:0f:4a:20:75:a3:
37:59:87:61:ef:3f:34:20:7f:e7:22:d2:15:25:26:
14:90:55:66:dc:34:2b:18:46:9e:bc:4c:12:52:91:
eb:9b:92:2b:87:93:c9:e1:6f:51:a3:a5:c7:91:de:
56:1a:04:3a:11:7e:79:46:bf:2f:e1:e1:26:bb:98:
8a:63:53:57:f4:9d:37:a2:f5:13:05:48:e2:b8:3f:
5e:a2:d2:04:75:24:d5:a8:aa:a4:3b:cf:a9:e9:2d:
c5:f5:44:9f:7d:d3:8f:65:49:99:91:a0:b5:f0:3c:
73:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:79:EC:F6:19:48:79:BB:41:90:D6:D4:93:12:57:CA:5E:9C:31:90
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vXns9hlIebtBkNbUkxJXyl6cMZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:44:17:b8:b2:0f:c3:16:95:3f:74:82:2b:82:ed:ae:c3:d8:
e8:f8:0c:f9:7f:e1:1d:86:ee:9e:63:03:b4:05:a1:e4:be:45:
7d:bc:97:83:90:18:b1:af:e8:48:6d:34:75:10:ee:cd:d1:97:
c4:d8:4a:04:3f:b4:fa:f5:b7:37:19:be:41:d5:2b:0e:3a:1e:
be:a9:89:82:60:75:a3:19:7e:50:a5:34:fb:54:fa:c3:8b:ca:
1d:f8:fb:a7:7d:5c:6a:8a:22:59:7f:8a:6d:ac:da:6a:63:b1:
14:68:ee:56:e5:f3:ce:49:95:6c:fa:95:79:c3:9c:10:dc:ab:
5b:ab:9e:76:e9:c1:ab:02:9d:81:dc:2f:5e:95:e9:13:d9:9d:
29:e2:da:99:94:00:ac:8d:fc:73:5a:2b:1c:4b:1a:7c:6c:d7:
f2:da:b1:89:e9:b4:5a:dc:10:22:f2:bf:73:5a:8d:b1:73:74:
c5:21:0a:ce:a2:1d:c5:79:e9:a9:c9:85:94:b7:3b:49:62:99:
e3:66:c4:ef:22:83:85:21:28:84:97:8f:3c:8c:37:58:7b:ce:
9b:45:e6:2f:ff:e9:01:ff:fc:b6:8d:54:d2:f9:de:03:8a:22:
ea:42:90:e6:03:92:30:a2:23:c7:51:3a:1e:4d:4c:3e:74:1c:
1e:66:8f:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrztcoXKq7TPHo/PO4+28mZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMDQwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDc5ZWNmNjE5NDg3OWJiNDE5MGQ2ZDQ5MzEyNTdjYTVlOWMzMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh91ikdgi/wVlpg1ytuUWv1zvG3PW
gFj8fPN1oPcAg1w9SvRJ2d6PS28fwwZ9f1YZIKYWozBqdbIM6Uz7oeyoUXUg77pW
Ripom2Gj+giM+DCh69K3zDiBc1R7OhuWsCV1YdNxmfBoH54JylU941E2OuJw8Fis
+42mC4bbsZslTLYkDpUs8MhdvPDywP+7+n2HD0ogdaM3WYdh7z80IH/nItIVJSYU
kFVm3DQrGEaevEwSUpHrm5Irh5PJ4W9Ro6XHkd5WGgQ6EX55Rr8v4eEmu5iKY1NX
9J03ovUTBUjiuD9eotIEdSTVqKqkO8+p6S3F9USffdOPZUmZkaC18Dxz2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL157PYZSHm7QZDW1JMSV8penDGQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdlhuczlobEllYnRCa05iVWt4Slh5bDZjTVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGREF7iyD8MWlT90giuC
7a7D2Oj4DPl/4R2G7p5jA7QFoeS+RX28l4OQGLGv6EhtNHUQ7s3Rl8TYSgQ/tPr1
tzcZvkHVKw46Hr6piYJgdaMZflClNPtU+sOLyh34+6d9XGqKIll/im2s2mpjsRRo
7lbl885JlWz6lXnDnBDcq1urnnbpwasCnYHcL16V6RPZnSni2pmUAKyN/HNaKxxL
Gnxs1/LasYnptFrcECLyv3NajbFzdMUhCs6iHcV56anJhZS3O0limeNmxO8ig4Uh
KISXjzyMN1h7zptF5i//6QH//LaNVNL53gOKIupCkOYDkjCiI8dROh5NTD50HB5m
jyo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:27:24 2025 by rpki-client