Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-4oVlokJPQFMWAjJUmpK4liMLDE.roa
File: 1-4oVlokJPQFMWAjJUmpK4liMLDE.roa (raw, json)
Hash identifier: NAPz8hWcbbQGVUfuLjV2TPmwsWhw86ZJdYH+LdnYACQ=
Subject key identifier: FB:8A:15:96:89:09:3D:01:4C:58:08:C9:52:6A:4A:E2:58:8C:2C:31
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC30015B0DDF725F3F4A4AC583508F138
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-4oVlokJPQFMWAjJUmpK4liMLDE.roa
Signing time: Sat 23 Sep 2023 17:04:37 +0000
ROA not before: Sat 23 Sep 2023 17:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:c2ff:d0c4/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c3:00:15:b0:dd:f7:25:f3:f4:a4:ac:58:35:08:f1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 23 17:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb8a159689093d014c5808c9526a4ae2588c2c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:93:6c:90:12:7c:69:3b:a8:05:a1:73:37:6a:
74:9e:74:d4:fc:ba:e3:01:32:e8:81:c9:8e:e3:89:
fc:41:e9:bb:1e:67:99:d0:9e:97:24:52:2a:01:7a:
84:fe:90:1e:f8:5b:ad:f4:04:a8:f4:33:b4:0e:e1:
2b:c4:b5:fd:c6:79:1d:90:4f:46:5d:bd:76:98:66:
c7:23:20:9c:27:b6:14:8f:e3:7b:f1:6b:59:ac:0a:
65:35:81:44:bc:0b:31:2f:0a:c2:a3:ac:40:55:7e:
16:05:4b:89:06:6c:ce:75:7a:a6:2b:78:89:ea:5c:
7b:af:65:15:07:de:1c:f4:47:0a:2a:1a:df:97:cb:
dc:67:79:1b:5e:b0:d4:29:56:b5:e7:d5:dd:27:80:
50:c1:22:5e:db:92:04:46:89:de:0e:bb:8a:a3:24:
5f:21:da:a3:d8:fa:ca:5c:70:f6:1e:cc:ae:85:d8:
98:a0:7f:ce:8a:f0:5d:61:c8:b1:d3:b6:88:c6:06:
48:99:16:b7:cd:a3:52:a6:16:1b:32:08:4f:39:54:
4b:50:9b:cb:9b:9e:35:74:ce:b9:8a:49:13:c3:6a:
5b:76:1f:81:2c:e2:70:f6:80:a6:e9:84:c7:5f:88:
fc:4f:2f:41:4a:90:f5:a4:6d:ab:a0:9b:32:f2:f3:
52:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:8A:15:96:89:09:3D:01:4C:58:08:C9:52:6A:4A:E2:58:8C:2C:31
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-4oVlokJPQFMWAjJUmpK4liMLDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d2:04:2b:0a:5f:9b:8b:29:34:1d:43:2c:00:4a:75:10:cc:05:
39:5a:6a:53:ee:4e:3f:25:86:c3:8c:0c:49:08:e3:da:ec:69:
6e:89:f3:a9:00:19:81:55:b4:a6:3c:17:8b:70:46:5a:35:5a:
e0:6a:55:4a:e5:1b:34:a3:b5:2f:ab:99:3b:5c:c6:e1:f8:88:
5d:3b:d8:b0:c6:77:e5:ec:24:87:8f:0f:1d:99:5b:e6:86:fa:
71:0f:d7:9b:e4:1f:00:45:70:23:cc:79:0d:85:70:52:93:ae:
80:7e:17:7f:14:2a:5a:cd:f0:b9:a8:c1:24:4c:f8:76:75:b4:
5b:b2:df:d7:dc:a6:60:11:9c:54:77:0d:57:e3:3f:26:d5:33:
80:7c:7d:3e:33:dd:4a:ca:e2:d1:00:1c:ed:22:7a:fc:b9:40:
f4:e6:30:bf:0a:5e:88:6f:bd:f1:65:d5:64:e8:96:2d:b7:47:
77:01:48:e9:19:60:c0:10:71:36:cb:73:a8:c7:21:bf:54:80:
bb:86:e8:82:c4:03:1c:a2:12:96:5b:9e:1a:33:63:9f:93:6b:
87:fb:76:71:34:eb:1d:48:9d:73:a7:ab:09:7b:fa:f8:9d:dd:
7a:59:79:34:ff:fe:a6:5b:f2:70:ce:5b:8e:58:8b:02:0d:34:
50:8c:35:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYrDABWw3fcl8/SkrFg1CPE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIzMTcwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjhhMTU5Njg5MDkzZDAxNGM1ODA4Yzk1MjZhNGFlMjU4OGMyYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJNskBJ8aTuoBaFzN2p0nnTU/Lrj
ATLogcmO44n8Qem7HmeZ0J6XJFIqAXqE/pAe+Fut9ASo9DO0DuErxLX9xnkdkE9G
Xb12mGbHIyCcJ7YUj+N78WtZrAplNYFEvAsxLwrCo6xAVX4WBUuJBmzOdXqmK3iJ
6lx7r2UVB94c9EcKKhrfl8vcZ3kbXrDUKVa159XdJ4BQwSJe25IERoneDruKoyRf
Idqj2PrKXHD2HsyuhdiYoH/OivBdYcix07aIxgZImRa3zaNSphYbMghPOVRLUJvL
m541dM65ikkTw2pbdh+BLOJw9oCm6YTHX4j8Ty9BSpD1pG2roJsy8vNSWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPuKFZaJCT0BTFgIyVJqSuJYjCwxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS00b1Zsb2tKUFFGTVdBakpVbXBLNGxpTUxERS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQDSBCsKX5uLKTQdQywA
SnUQzAU5WmpT7k4/JYbDjAxJCOPa7GluifOpABmBVbSmPBeLcEZaNVrgalVK5Rs0
o7Uvq5k7XMbh+IhdO9iwxnfl7CSHjw8dmVvmhvpxD9eb5B8ARXAjzHkNhXBSk66A
fhd/FCpazfC5qMEkTPh2dbRbst/X3KZgEZxUdw1X4z8m1TOAfH0+M91KyuLRABzt
Inr8uUD05jC/Cl6Ib73xZdVk6JYtt0d3AUjpGWDAEHE2y3OoxyG/VIC7huiCxAMc
ohKWW54aM2Ofk2uH+3ZxNOsdSJ1zp6sJe/r4nd16WXk0//6mW/JwzluOWIsCDTRQ
jDUY
-----END CERTIFICATE-----
Generated at Sun May 11 01:39:04 2025 by rpki-client