Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wj9TnZZ3xl5k0HuSRnwavI_vff0.roa
File: wj9TnZZ3xl5k0HuSRnwavI_vff0.roa (raw, json)
Hash identifier: iv2oqKq6KpMVzIR7Bo7Ik9L5serzehU5m2Q4wpgGkuo=
Subject key identifier: C2:3F:53:9D:96:77:C6:5E:64:D0:7B:92:46:7C:1A:BC:8F:EF:7D:FD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B503E82E29AED89A6E843F6D6260BB88C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wj9TnZZ3xl5k0HuSRnwavI_vff0.roa
Signing time: Sat 21 Oct 2023 03:19:15 +0000
ROA not before: Sat 21 Oct 2023 03:19:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:50:3e:82:e2:9a:ed:89:a6:e8:43:f6:d6:26:0b:b8:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 03:19:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c23f539d9677c65e64d07b92467c1abc8fef7dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:37:98:eb:7e:4b:27:69:eb:d2:52:13:8a:7e:
91:38:3c:c0:7e:c0:df:d5:6f:ba:25:3b:ed:b2:ed:
d5:6b:35:13:e4:e9:ee:59:24:a9:d0:23:4f:4b:8f:
54:42:22:50:85:0c:93:d2:de:6b:bc:07:68:b0:68:
60:db:29:1e:08:3e:e9:6f:38:18:e0:bd:21:0f:f7:
21:3a:9d:88:e5:55:c6:2c:dc:69:fc:6d:77:27:24:
ea:84:bc:7d:dd:51:72:8c:ed:f8:f5:44:76:40:0f:
47:33:a1:5d:d5:e8:95:b4:3e:f4:bc:ad:0c:c3:87:
74:19:06:32:cc:fe:98:e7:08:c2:c6:c3:2c:d0:6d:
f1:2d:df:89:ad:c5:4f:66:42:c7:7e:86:38:c9:2b:
7c:cc:cf:3a:98:d7:bd:4d:54:c1:95:66:3b:d4:9f:
f5:30:ba:73:5b:b6:d4:da:7d:1f:c8:28:cd:94:f2:
56:16:50:1b:b2:1d:59:71:7a:d9:bb:35:28:06:e2:
ba:e7:c7:4d:64:0b:cd:64:65:2b:6e:b6:42:40:1e:
4d:92:6c:a9:4a:94:11:fe:a9:50:40:61:f9:56:9c:
c3:b1:f4:79:2e:f9:b7:1f:af:9a:82:e9:61:e6:1f:
20:b0:89:7e:4f:83:2a:02:2e:12:e6:b3:7c:dd:c8:
aa:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:3F:53:9D:96:77:C6:5E:64:D0:7B:92:46:7C:1A:BC:8F:EF:7D:FD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wj9TnZZ3xl5k0HuSRnwavI_vff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:8a:f8:92:60:f5:d3:78:28:90:9c:eb:04:ca:53:a8:e0:c1:
e9:5f:43:d4:c0:9f:31:65:f9:d2:df:db:fc:89:55:11:fa:ff:
37:7b:4e:7f:09:da:77:74:17:dd:47:6c:58:3e:1e:89:29:0e:
95:7c:4e:78:8f:65:c8:f6:6e:b5:4c:b5:90:97:9e:a4:63:ed:
3f:d8:3a:fe:f7:65:1d:c6:d6:23:fc:80:9f:17:f9:76:49:e9:
e9:f1:2b:bd:08:8f:7f:2b:9d:47:5f:2e:82:96:a3:bb:64:9b:
e8:8d:a3:6d:ee:59:cb:19:29:ad:6d:c7:a2:ef:51:4f:7a:21:
09:7a:ba:46:cd:de:aa:37:4c:c9:01:13:0a:14:c2:ab:b9:4a:
ae:cd:04:89:c6:e7:49:ce:9c:9b:03:ad:8d:d4:34:85:bb:ff:
3f:9c:71:d3:fd:7e:f6:96:af:5c:29:0e:04:1f:04:e5:ec:c0:
97:16:6c:86:99:0a:06:81:c4:59:50:a9:6a:15:c9:cc:80:53:
17:9c:c5:41:9e:4a:ed:70:0e:8e:9f:72:84:68:a1:30:70:8e:
50:d6:16:e7:47:6f:b7:26:21:90:ac:b2:cf:b6:92:82:b4:7a:
df:f0:6c:b5:c4:b9:b4:76:c3:2e:75:f5:ec:71:18:c1:f1:1e:
72:c9:47:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtQPoLimu2JpuhD9tYmC7iMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMDMxOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjNmNTM5ZDk2NzdjNjVlNjRkMDdiOTI0NjdjMWFiYzhmZWY3ZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijeY635LJ2nr0lITin6RODzAfsDf
1W+6JTvtsu3VazUT5OnuWSSp0CNPS49UQiJQhQyT0t5rvAdosGhg2ykeCD7pbzgY
4L0hD/chOp2I5VXGLNxp/G13JyTqhLx93VFyjO349UR2QA9HM6Fd1eiVtD70vK0M
w4d0GQYyzP6Y5wjCxsMs0G3xLd+JrcVPZkLHfoY4ySt8zM86mNe9TVTBlWY71J/1
MLpzW7bU2n0fyCjNlPJWFlAbsh1ZcXrZuzUoBuK658dNZAvNZGUrbrZCQB5Nkmyp
SpQR/qlQQGH5VpzDsfR5Lvm3H6+agulh5h8gsIl+T4MqAi4S5rN83ciq/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMI/U52Wd8ZeZNB7kkZ8GryP7339MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvd2o5VG5aWjN4bDVrMEh1U1Jud2F2SV92ZmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHuK+JJg9dN4KJCc6wTK
U6jgwelfQ9TAnzFl+dLf2/yJVRH6/zd7Tn8J2nd0F91HbFg+HokpDpV8TniPZcj2
brVMtZCXnqRj7T/YOv73ZR3G1iP8gJ8X+XZJ6enxK70Ij38rnUdfLoKWo7tkm+iN
o23uWcsZKa1tx6LvUU96IQl6ukbN3qo3TMkBEwoUwqu5Sq7NBInG50nOnJsDrY3U
NIW7/z+ccdP9fvaWr1wpDgQfBOXswJcWbIaZCgaBxFlQqWoVycyAUxecxUGeSu1w
Do6fcoRooTBwjlDWFudHb7cmIZCsss+2koK0et/wbLXEubR2wy519exxGMHxHnLJ
R6s=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:54:24 2025 by rpki-client