Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-pQ_ixCIyuHy4jEXpJy2gfK6eeQ.roa
File: 1-pQ_ixCIyuHy4jEXpJy2gfK6eeQ.roa (raw, json)
Hash identifier: KluM4CqdfBHPtdYKy8PiRVD298SZuXStmgAdFm7DWDM=
Subject key identifier: FA:94:3F:8B:10:88:CA:E1:F2:E2:31:17:A4:9C:B6:81:F2:BA:79:E4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3566421E1E852F2C937D4FF3256031B6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-pQ_ixCIyuHy4jEXpJy2gfK6eeQ.roa
Signing time: Sun 15 Oct 2023 22:12:55 +0000
ROA not before: Sun 15 Oct 2023 22:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:35:66:42:1e:1e:85:2f:2c:93:7d:4f:f3:25:60:31:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 15 22:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa943f8b1088cae1f2e23117a49cb681f2ba79e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f9:29:74:3b:5a:d9:b1:dc:a1:d0:66:d7:2f:
b5:e1:b9:e2:cf:58:f5:59:27:be:32:e4:99:95:7c:
70:26:c0:0d:f2:b9:7b:8d:83:b0:0b:3e:81:5f:c3:
24:07:4c:64:d3:05:35:67:84:b9:47:d9:be:45:39:
fd:9f:fa:93:58:9f:a8:7f:29:74:ac:0a:8f:b4:ac:
a4:7d:5d:3b:e2:a7:13:d9:27:21:e8:f5:17:09:52:
30:a0:36:4c:ea:47:0c:9f:52:77:53:f1:c2:67:b4:
bc:23:98:87:08:05:8c:5d:d7:5a:8d:ad:91:32:52:
fe:13:d7:48:e2:70:66:c0:39:63:a4:01:9c:e5:f2:
09:b1:04:b8:8e:90:1a:77:1a:12:2b:f3:f3:14:02:
94:6c:0b:cb:d8:c7:85:d9:77:bb:7d:dc:c8:32:f8:
b8:be:c3:f1:34:66:24:67:9d:b2:2a:9a:52:21:fb:
41:10:75:a6:40:5d:ea:ef:cd:0d:d4:0d:bd:64:99:
e9:84:05:d7:a4:e8:c3:0f:ae:f0:f8:23:12:00:ee:
0f:a1:85:7a:7f:87:f3:dd:8d:5a:e9:3f:92:a6:b8:
bf:28:74:6b:16:79:0d:2e:14:b7:74:d1:65:98:63:
bb:60:e9:88:82:21:15:cd:85:7f:d1:e1:5e:8a:2e:
c0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:94:3F:8B:10:88:CA:E1:F2:E2:31:17:A4:9C:B6:81:F2:BA:79:E4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-pQ_ixCIyuHy4jEXpJy2gfK6eeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b8:d0:75:ae:01:57:61:64:52:67:e6:3d:2e:4c:6e:0a:87:a5:
45:4b:50:6b:69:d0:f5:3a:6e:6d:c8:bb:7c:e3:73:2a:33:a6:
5b:b3:42:fc:cb:84:a4:a6:0e:c7:c0:e8:e4:12:51:28:38:a1:
57:b7:ac:b1:ad:b9:b5:f7:66:9a:97:da:ba:05:33:03:b8:da:
c2:3a:1a:62:73:eb:19:08:c4:11:19:4f:27:db:6d:a8:9d:04:
28:ae:4d:86:91:9f:de:26:69:82:89:3f:6c:d8:42:e8:ee:a5:
7e:9b:22:20:cc:e2:c8:53:79:35:81:ce:c3:d1:05:1c:f0:fd:
9b:3d:8a:8f:6c:7b:7e:0a:9b:07:cd:9d:b8:67:ce:b8:e8:37:
d7:ec:e7:1d:cb:2a:52:cd:11:1e:fa:82:4e:1f:55:d5:c3:67:
6c:3f:ce:23:ab:89:3c:f3:50:6d:1f:22:d7:11:ca:02:a1:90:
71:e6:35:b7:c1:ed:ea:39:f8:85:d7:74:be:e4:48:83:f9:6c:
3b:e6:43:02:79:f2:a3:a1:1d:dd:4f:25:86:9c:5a:c2:0b:74:
55:6f:62:10:e6:d2:a5:43:40:6a:68:83:92:e1:92:21:48:15:
a1:79:06:be:90:cc:1b:82:ea:92:fb:4e:44:59:8c:fa:32:88:
c8:11:55:c7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYs1ZkIeHoUvLJN9T/MlYDG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE1MjIxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTk0M2Y4YjEwODhjYWUxZjJlMjMxMTdhNDljYjY4MWYyYmE3OWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/kpdDta2bHcodBm1y+14bniz1j1
WSe+MuSZlXxwJsAN8rl7jYOwCz6BX8MkB0xk0wU1Z4S5R9m+RTn9n/qTWJ+ofyl0
rAqPtKykfV074qcT2Sch6PUXCVIwoDZM6kcMn1J3U/HCZ7S8I5iHCAWMXddaja2R
MlL+E9dI4nBmwDljpAGc5fIJsQS4jpAadxoSK/PzFAKUbAvL2MeF2Xe7fdzIMvi4
vsPxNGYkZ52yKppSIftBEHWmQF3q780N1A29ZJnphAXXpOjDD67w+CMSAO4PoYV6
f4fz3Y1a6T+Spri/KHRrFnkNLhS3dNFlmGO7YOmIgiEVzYV/0eFeii7A0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPqUP4sQiMrh8uIxF6SctoHyunnkMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS1wUV9peENJeXVIeTRqRVhwSnkyZ2ZLNmVlUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQC40HWuAVdhZFJn5j0u
TG4Kh6VFS1BradD1Om5tyLt843MqM6Zbs0L8y4Skpg7HwOjkElEoOKFXt6yxrbm1
92aal9q6BTMDuNrCOhpic+sZCMQRGU8n222onQQork2GkZ/eJmmCiT9s2ELo7qV+
myIgzOLIU3k1gc7D0QUc8P2bPYqPbHt+CpsHzZ24Z8646DfX7OcdyypSzREe+oJO
H1XVw2dsP84jq4k881BtHyLXEcoCoZBx5jW3we3qOfiF13S+5EiD+Ww75kMCefKj
oR3dTyWGnFrCC3RVb2IQ5tKlQ0BqaIOS4ZIhSBWheQa+kMwbguqS+05EWYz6MojI
EVXH
-----END CERTIFICATE-----
Generated at Sat May 10 22:28:10 2025 by rpki-client