Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vnDkM4MmUhO-7smZosKL_-TDUQs.roa
File: vnDkM4MmUhO-7smZosKL_-TDUQs.roa (raw, json)
Hash identifier: 9BGTvVou8GIhF5V6bvG87mZp05zWehlZmlOE68x7Zh0=
Subject key identifier: BE:70:E4:33:83:26:52:13:BE:EE:C9:99:A2:C2:8B:FF:E4:C3:51:0B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD0F6CDA7A5BA1914605CFBDCBEF57181
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vnDkM4MmUhO-7smZosKL_-TDUQs.roa
Signing time: Wed 15 Nov 2023 03:11:57 +0000
ROA not before: Wed 15 Nov 2023 03:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d0:f6:cd:a7:a5:ba:19:14:60:5c:fb:dc:be:f5:71:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 15 03:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be70e43383265213beeec999a2c28bffe4c3510b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:dd:56:f0:ff:fd:7f:dd:52:1d:06:f5:d3:8b:
0a:c5:03:64:80:25:5f:43:c0:ac:9f:36:06:b3:1b:
94:d9:a7:bf:a4:e7:26:68:34:f9:f4:6d:75:35:7d:
f1:85:74:32:f5:7c:05:fc:05:5d:fd:c7:e5:a9:08:
38:ad:3f:e1:65:fd:37:a6:25:0a:06:a3:84:83:f3:
2e:2d:04:87:b0:e0:ac:b8:e5:5d:9e:ef:5d:d0:f9:
2b:85:53:89:0a:81:0c:8e:3e:b8:d8:cd:1b:1c:04:
99:c5:43:72:bb:d1:58:96:fb:a3:e8:05:d6:5e:cb:
73:b4:ad:5f:0e:fb:c7:fa:04:c5:0b:73:44:67:98:
de:38:24:cc:dc:e4:1e:73:7d:89:b7:ec:17:b0:12:
af:d4:85:b2:9f:b0:f6:33:a7:3e:70:8e:14:1d:7f:
b6:46:89:ea:bc:07:99:3e:3a:07:46:d9:71:31:d5:
e3:dd:d5:16:2f:e5:2c:b7:1d:c4:4e:41:8e:c9:5c:
76:46:31:18:29:e5:86:27:6a:58:33:84:67:f8:55:
f0:e2:34:2c:2b:eb:08:6b:79:4f:07:5b:94:1d:c1:
55:79:bd:1f:e8:74:f6:53:4c:0e:be:9e:1f:18:ac:
08:ab:c4:ac:67:49:52:ad:c4:e7:50:f9:98:88:9f:
23:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:70:E4:33:83:26:52:13:BE:EE:C9:99:A2:C2:8B:FF:E4:C3:51:0B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vnDkM4MmUhO-7smZosKL_-TDUQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:2f:84:3d:c9:d5:94:de:61:80:90:69:a1:5b:cb:ef:f6:fd:
9b:06:9e:3a:56:9b:2f:f0:0e:33:d7:67:31:66:f3:fd:bb:d1:
93:ca:c4:ee:b1:19:7d:79:11:4b:eb:3d:0d:77:2a:bd:a0:6c:
b4:e9:c7:ac:83:ff:d6:3b:1e:52:97:b0:02:4d:26:76:28:d8:
ba:d5:da:13:67:d5:20:75:6e:4a:64:77:20:a8:5f:16:58:42:
d7:0d:d3:1d:30:a9:74:aa:be:05:05:30:b1:0b:ca:b6:9b:7b:
e9:12:6d:29:da:46:f2:bb:aa:0d:0f:84:0c:a5:80:f1:37:93:
f5:da:7b:2c:a9:ab:b5:17:fb:b0:9e:5d:57:67:b2:0e:cd:1e:
b9:6d:59:02:0d:cd:f7:63:e0:ab:46:12:0e:0e:b8:7f:c8:b2:
bd:c0:db:55:c5:e7:27:4a:41:7d:8b:a0:8a:74:3a:29:57:13:
13:e4:bc:81:5b:19:7a:41:eb:a3:ba:b4:95:52:b8:6b:bc:ae:
ee:b3:9c:9f:37:cd:79:22:c4:fe:d8:1f:55:68:2d:79:be:a3:
fa:e1:01:73:5d:7a:21:aa:b0:ff:74:b5:61:41:90:35:ae:38:
4e:9a:25:e3:fc:cd:6f:46:0b:84:56:b9:bc:68:6e:f6:5c:52:
02:cf:bb:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvQ9s2npboZFGBc+9y+9XGBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE1MDMxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTcwZTQzMzgzMjY1MjEzYmVlZWM5OTlhMmMyOGJmZmU0YzM1MTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2d1W8P/9f91SHQb104sKxQNkgCVf
Q8CsnzYGsxuU2ae/pOcmaDT59G11NX3xhXQy9XwF/AVd/cflqQg4rT/hZf03piUK
BqOEg/MuLQSHsOCsuOVdnu9d0PkrhVOJCoEMjj642M0bHASZxUNyu9FYlvuj6AXW
XstztK1fDvvH+gTFC3NEZ5jeOCTM3OQec32Jt+wXsBKv1IWyn7D2M6c+cI4UHX+2
RonqvAeZPjoHRtlxMdXj3dUWL+Ustx3ETkGOyVx2RjEYKeWGJ2pYM4Rn+FXw4jQs
K+sIa3lPB1uUHcFVeb0f6HT2U0wOvp4fGKwIq8SsZ0lSrcTnUPmYiJ8jrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL5w5DODJlITvu7JmaLCi//kw1ELMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdm5Ea000TW1VaE8tN3NtWm9zS0xfLVREVVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFEvhD3J1ZTeYYCQaaFb
y+/2/ZsGnjpWmy/wDjPXZzFm8/270ZPKxO6xGX15EUvrPQ13Kr2gbLTpx6yD/9Y7
HlKXsAJNJnYo2LrV2hNn1SB1bkpkdyCoXxZYQtcN0x0wqXSqvgUFMLELyrabe+kS
bSnaRvK7qg0PhAylgPE3k/Xaeyypq7UX+7CeXVdnsg7NHrltWQINzfdj4KtGEg4O
uH/Isr3A21XF5ydKQX2LoIp0OilXExPkvIFbGXpB66O6tJVSuGu8ru6znJ83zXki
xP7YH1VoLXm+o/rhAXNdeiGqsP90tWFBkDWuOE6aJeP8zW9GC4RWubxobvZcUgLP
uw8=
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:48:33 2025 by rpki-client