Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8iVn7KN7-kyuY9Q4D2jhDQgaqQE.roa
File: 8iVn7KN7-kyuY9Q4D2jhDQgaqQE.roa (raw, json)
Hash identifier: N2Hqqyxkm0FvRHD2KyDPOBBmGRrJBAxTq2ISAO+hag4=
Subject key identifier: F2:25:67:EC:A3:7B:FA:4C:AE:63:D4:38:0F:68:E1:0D:08:1A:A9:01
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC2D2FD2F63B13DFC71387FDFF033B005
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8iVn7KN7-kyuY9Q4D2jhDQgaqQE.roa
Signing time: Sat 23 Sep 2023 16:15:21 +0000
ROA not before: Sat 23 Sep 2023 16:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c2:d2:fd:2f:63:b1:3d:fc:71:38:7f:df:f0:33:b0:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 23 16:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f22567eca37bfa4cae63d4380f68e10d081aa901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6f:ca:e3:4b:dc:3f:7d:1b:78:72:ab:93:0e:
ca:45:bb:ea:80:7d:78:5c:fc:2b:55:01:15:b3:98:
eb:d3:7f:51:52:a7:25:9d:81:bc:7d:fa:78:7a:73:
00:db:bf:06:63:f2:4e:8d:f5:71:0c:19:fe:b9:fc:
2d:07:e7:31:a5:0d:f4:d4:a0:60:95:cf:d1:7d:e5:
41:f2:14:2c:4f:5b:b4:0f:b1:dc:58:c4:c2:72:e2:
74:ab:f8:1e:66:9a:37:5b:26:37:94:ed:d1:8e:d7:
36:fb:9b:da:c6:9b:52:ff:6a:5d:64:ad:d3:f4:07:
9c:ad:87:a5:64:b0:3f:d7:ea:13:ae:5a:af:55:9c:
71:dd:33:b0:5f:34:c8:74:94:77:b5:8f:3f:df:37:
c5:32:9c:c4:ea:14:19:f9:c8:c5:2e:41:58:9c:81:
76:c3:2f:77:95:b3:91:aa:93:8b:0e:80:9f:da:db:
2f:de:0a:35:4c:51:5f:a5:2d:30:2f:31:43:40:8d:
cd:a5:fa:3f:cd:88:eb:14:b4:23:e6:d7:de:7a:73:
a3:5c:5c:24:2a:94:18:c4:8e:79:29:29:43:59:15:
41:08:c6:a6:a8:ac:54:bc:51:18:6a:fc:49:7d:e1:
5a:0c:3b:bc:dd:04:c8:b5:f8:a1:93:18:09:7d:96:
71:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:25:67:EC:A3:7B:FA:4C:AE:63:D4:38:0F:68:E1:0D:08:1A:A9:01
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8iVn7KN7-kyuY9Q4D2jhDQgaqQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:4b:ca:c9:4f:d1:e0:21:d6:1e:05:49:10:3a:95:9a:80:e0:
4b:3b:75:38:d1:ea:b9:8c:b3:b2:43:62:19:c8:05:5c:f1:b0:
93:bc:09:80:ba:e3:d6:ad:26:28:7d:e2:19:5c:35:1f:0d:1e:
93:df:2d:a7:cc:28:2d:e3:f3:43:80:71:09:07:03:e4:81:79:
e5:a0:0f:44:1c:70:9a:89:a4:57:6f:8d:d0:5e:74:57:75:97:
e4:52:15:77:e7:89:0e:b1:d3:2e:3d:3f:0c:86:95:94:93:9e:
51:93:76:4d:96:5e:8b:ed:3f:fe:c6:2d:0f:be:25:2f:bb:4b:
9b:21:3e:44:d8:6f:65:6f:65:cd:6c:8c:57:9a:a8:d9:1e:69:
58:bd:32:27:29:9f:45:02:72:e3:8a:d2:52:74:de:88:af:41:
0b:92:be:0b:2f:16:95:39:76:78:45:d0:c0:16:e4:57:41:ee:
dd:58:b9:ff:f0:25:6d:ac:9a:8c:ca:10:3e:df:6b:34:8b:a1:
6e:c1:2b:1c:ca:22:2d:8f:22:6f:9d:cd:90:cf:88:1b:c5:2a:
0c:c6:47:6d:6e:07:8c:6d:07:e2:ad:57:32:f3:6a:36:df:67:
d6:29:65:6e:43:88:bf:09:63:29:09:02:4e:65:ce:a5:47:88:
72:1a:33:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrC0v0vY7E9/HE4f9/wM7AFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIzMTYxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjI1NjdlY2EzN2JmYTRjYWU2M2Q0MzgwZjY4ZTEwZDA4MWFhOTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG/K40vcP30beHKrkw7KRbvqgH14
XPwrVQEVs5jr039RUqclnYG8ffp4enMA278GY/JOjfVxDBn+ufwtB+cxpQ301KBg
lc/RfeVB8hQsT1u0D7HcWMTCcuJ0q/geZpo3WyY3lO3Rjtc2+5vaxptS/2pdZK3T
9AecrYelZLA/1+oTrlqvVZxx3TOwXzTIdJR3tY8/3zfFMpzE6hQZ+cjFLkFYnIF2
wy93lbORqpOLDoCf2tsv3go1TFFfpS0wLzFDQI3Npfo/zYjrFLQj5tfeenOjXFwk
KpQYxI55KSlDWRVBCMamqKxUvFEYavxJfeFaDDu83QTItfihkxgJfZZxNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPIlZ+yje/pMrmPUOA9o4Q0IGqkBMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOGlWbjdLTjcta3l1WTlRNEQyamhEUWdhcVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAVLyslP0eAh1h4FSRA6
lZqA4Es7dTjR6rmMs7JDYhnIBVzxsJO8CYC649atJih94hlcNR8NHpPfLafMKC3j
80OAcQkHA+SBeeWgD0QccJqJpFdvjdBedFd1l+RSFXfniQ6x0y49PwyGlZSTnlGT
dk2WXovtP/7GLQ++JS+7S5shPkTYb2VvZc1sjFeaqNkeaVi9Micpn0UCcuOK0lJ0
3oivQQuSvgsvFpU5dnhF0MAW5FdB7t1Yuf/wJW2smozKED7fazSLoW7BKxzKIi2P
Im+dzZDPiBvFKgzGR21uB4xtB+KtVzLzajbfZ9YpZW5DiL8JYykJAk5lzqVHiHIa
MzI=
-----END CERTIFICATE-----
Generated at Sat May 10 13:37:49 2025 by rpki-client