Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8lrR4R1WTuL2VFcSrrwOA_nphBw.roa
File: 8lrR4R1WTuL2VFcSrrwOA_nphBw.roa (raw, json)
Hash identifier: dE8Pcq1MG+Z8vq91t42zBq9SabKiAl8tHPa02DLTir8=
Subject key identifier: F2:5A:D1:E1:1D:56:4E:E2:F6:54:57:12:AE:BC:0E:03:F9:E9:84:1C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8B3A4EF2BD33EED5E8A17F34B988BE73
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8lrR4R1WTuL2VFcSrrwOA_nphBw.roa
Signing time: Wed 01 Nov 2023 14:12:16 +0000
ROA not before: Wed 01 Nov 2023 14:12:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:3a:4e:f2:bd:33:ee:d5:e8:a1:7f:34:b9:88:be:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 1 14:12:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f25ad1e11d564ee2f6545712aebc0e03f9e9841c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b8:0b:16:28:cc:bd:13:74:dc:3d:dd:97:d6:
8d:57:7c:fb:79:41:d1:c3:c6:86:35:eb:2e:4c:b9:
33:7b:1d:98:b4:53:fd:1d:6d:c0:cd:a4:9e:f3:25:
46:bc:87:06:8b:76:13:ca:0f:23:5e:aa:8c:53:f3:
62:7b:55:f7:de:a4:38:67:bf:26:ef:80:d1:c2:9f:
67:0e:2f:bb:c7:04:02:59:cb:83:86:23:6a:c2:5d:
bb:f2:67:0a:d5:09:74:a9:7f:4f:b4:9c:2e:21:81:
bf:d3:cc:42:02:28:04:63:e7:38:12:cd:d6:f8:7c:
9b:de:57:cd:4f:11:26:95:b0:af:96:77:a4:60:c3:
b4:d9:59:6d:d2:97:29:24:0a:73:fd:5b:54:4b:ae:
e6:3d:0c:2a:dd:10:a3:56:cb:60:06:a1:15:5b:11:
9c:1b:b7:ba:89:60:96:a5:80:1d:7f:8d:da:79:78:
c0:19:20:01:4b:a5:11:32:32:cd:9a:13:06:f2:4b:
de:19:55:33:0b:d3:6b:78:4c:e1:de:40:4c:f6:e5:
50:cd:00:59:18:24:1e:74:de:fd:5c:53:6c:88:1c:
33:e4:70:9d:d1:af:a3:10:e3:65:f4:78:ce:6f:ae:
db:19:44:db:1f:a1:8b:67:0f:9b:fe:e0:f8:b5:a6:
4a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5A:D1:E1:1D:56:4E:E2:F6:54:57:12:AE:BC:0E:03:F9:E9:84:1C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8lrR4R1WTuL2VFcSrrwOA_nphBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
70:ec:6a:cd:b5:70:24:80:69:07:a6:84:a2:5b:23:18:14:d4:
c8:c9:2b:21:94:ce:ab:a7:7f:0f:cc:fa:e9:0e:41:ea:f4:f0:
41:39:23:66:d9:94:ff:53:45:14:42:7f:a3:14:1e:5a:d3:e9:
45:e6:42:35:12:0d:7c:87:3b:8e:a3:e9:42:4d:25:66:3a:12:
17:6b:59:83:21:77:61:69:bd:2f:07:7d:b8:13:17:26:1e:3a:
a9:f1:4f:80:db:c0:db:3e:7d:46:04:46:dc:2a:15:0e:18:2c:
56:97:fe:8b:02:76:53:81:49:24:7e:fa:3b:46:1b:dc:04:09:
e8:ca:29:f9:1b:cf:7a:c3:70:88:0d:49:6b:39:ec:e5:4a:32:
36:28:d6:4b:bf:25:ff:04:b9:6c:81:e5:39:e5:0d:8d:e3:41:
e0:ea:ca:f1:5a:33:f9:4a:cc:88:a4:8c:82:6c:93:77:cd:34:
f4:c7:b1:19:e1:3f:36:f6:7e:87:8f:aa:e7:98:d0:8e:29:d7:
f6:9b:47:98:a9:c1:23:9c:39:4e:3a:89:ef:92:e6:40:17:58:
c0:99:a8:0e:88:e2:a4:7d:ef:b7:22:f6:e2:1e:e0:3e:5e:f4:
2f:14:df:a0:72:9d:ce:70:c7:25:18:2f:b4:f1:a1:1c:13:8c:
c9:57:b6:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuLOk7yvTPu1eihfzS5iL5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAxMTQxMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjVhZDFlMTFkNTY0ZWUyZjY1NDU3MTJhZWJjMGUwM2Y5ZTk4NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7gLFijMvRN03D3dl9aNV3z7eUHR
w8aGNesuTLkzex2YtFP9HW3AzaSe8yVGvIcGi3YTyg8jXqqMU/Nie1X33qQ4Z78m
74DRwp9nDi+7xwQCWcuDhiNqwl278mcK1Ql0qX9PtJwuIYG/08xCAigEY+c4Es3W
+Hyb3lfNTxEmlbCvlnekYMO02Vlt0pcpJApz/VtUS67mPQwq3RCjVstgBqEVWxGc
G7e6iWCWpYAdf43aeXjAGSABS6URMjLNmhMG8kveGVUzC9NreEzh3kBM9uVQzQBZ
GCQedN79XFNsiBwz5HCd0a+jEONl9HjOb67bGUTbH6GLZw+b/uD4taZKzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPJa0eEdVk7i9lRXEq68DgP56YQcMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOGxyUjRSMVdUdUwyVkZjU3Jyd09BX25waEJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHDsas21cCSAaQemhKJb
IxgU1MjJKyGUzqunfw/M+ukOQer08EE5I2bZlP9TRRRCf6MUHlrT6UXmQjUSDXyH
O46j6UJNJWY6EhdrWYMhd2FpvS8HfbgTFyYeOqnxT4DbwNs+fUYERtwqFQ4YLFaX
/osCdlOBSSR++jtGG9wECejKKfkbz3rDcIgNSWs57OVKMjYo1ku/Jf8EuWyB5Tnl
DY3jQeDqyvFaM/lKzIikjIJsk3fNNPTHsRnhPzb2foePqueY0I4p1/abR5ipwSOc
OU46ie+S5kAXWMCZqA6I4qR977ci9uIe4D5e9C8U36Bync5wxyUYL7TxoRwTjMlX
tkw=
-----END CERTIFICATE-----
Generated at Sat May 10 14:44:56 2025 by rpki-client