Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8vaJzeU8QBrowoWA-wpXDtP4nmY.roa
File: 8vaJzeU8QBrowoWA-wpXDtP4nmY.roa (raw, json)
Hash identifier: Y77FwoYPQQ6KCvb20ty1Bv77BLXyItTwe6XaH4SnaOM=
Subject key identifier: F2:F6:89:CD:E5:3C:40:1A:E8:C2:85:80:FB:0A:57:0E:D3:F8:9E:66
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC9B0C71E46B780D7A3B4A28C7BA1F0B6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8vaJzeU8QBrowoWA-wpXDtP4nmY.roa
Signing time: Mon 25 Sep 2023 00:15:20 +0000
ROA not before: Mon 25 Sep 2023 00:15:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c9:b0:c7:1e:46:b7:80:d7:a3:b4:a2:8c:7b:a1:f0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 00:15:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2f689cde53c401ae8c28580fb0a570ed3f89e66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:67:b7:51:e0:4a:1e:df:45:35:ed:32:5d:32:
30:e4:72:c3:fd:71:17:5e:13:f0:48:fc:94:30:14:
e7:a2:c6:ed:0a:93:ed:0c:8b:bf:97:a8:c9:d5:99:
7c:11:ed:1e:db:43:0e:e0:98:1e:7a:80:2c:8b:a3:
11:84:30:0a:bb:4c:2e:35:3f:9e:d5:90:bf:b1:a3:
b8:49:7c:f4:a1:b2:1a:bc:2c:3b:48:5e:10:49:4a:
56:26:e0:a7:a1:e6:53:6f:3d:81:3e:1a:4f:ab:85:
d3:06:f7:12:91:c4:32:ba:d8:26:30:50:fa:92:38:
bb:e4:7d:f8:10:61:1e:ef:aa:96:37:38:80:53:2f:
b7:97:25:34:a9:ca:8e:6c:74:15:bf:f2:80:f5:05:
6c:b4:67:d3:81:99:5b:d3:7a:17:9e:79:19:64:ce:
04:64:ab:36:8e:e9:fb:29:b6:c9:60:4d:3c:74:b5:
b1:6d:8b:64:83:86:7e:43:f3:5a:b2:ca:f6:c8:cf:
70:ad:7e:3e:70:6d:a2:99:42:64:87:7a:ae:5f:8f:
fe:44:e9:70:ea:06:20:d4:ed:4d:79:ab:c6:3e:7e:
72:12:8d:47:74:9b:be:00:9b:05:0c:9f:d5:bb:cd:
f8:c4:84:06:9b:23:ed:c1:6a:6f:28:98:91:fa:07:
f0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F6:89:CD:E5:3C:40:1A:E8:C2:85:80:FB:0A:57:0E:D3:F8:9E:66
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8vaJzeU8QBrowoWA-wpXDtP4nmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:bd:68:7e:c8:eb:59:3e:0e:02:86:9a:89:43:fa:ca:7d:d6:
a6:01:e3:a3:94:f0:60:71:f6:ac:d3:fa:72:5c:1b:be:52:8a:
fe:98:89:7d:f7:03:d2:c4:78:d4:75:f9:85:6d:72:63:b4:81:
a6:6d:de:24:64:68:c2:a8:75:8b:9e:86:73:8c:37:8f:c2:e7:
a3:32:68:b8:00:5c:7c:60:e2:de:01:65:82:d9:22:c0:ea:49:
4f:f0:6e:bf:89:92:40:69:3c:7f:7f:86:81:44:ad:7e:73:7c:
9a:07:f7:5c:2d:50:a3:9f:04:ff:dd:e1:d6:43:bf:bf:70:1b:
ee:80:79:b5:8c:be:51:3e:32:8e:5f:58:5a:f5:d0:5b:07:dc:
22:c1:b7:ca:f9:58:df:d6:6c:6e:a1:ae:20:9c:3d:0d:d7:c3:
6d:bd:9e:75:36:c1:2c:11:d9:3c:b5:f2:e1:46:9a:45:09:b6:
08:3b:fd:18:2d:66:14:db:60:ce:58:c3:b0:d6:d7:00:67:3d:
a4:84:4a:35:be:3d:de:9c:81:12:79:34:d1:ee:bf:ac:f5:cf:
71:91:bf:54:f8:29:9b:54:1a:d9:9c:2e:7b:98:33:59:bf:3c:
ba:2d:5a:42:72:6a:d5:fe:7f:c1:80:9d:36:0f:f2:34:b0:8e:
25:c1:d4:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrJsMceRreA16O0oox7ofC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MDAxNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmY2ODljZGU1M2M0MDFhZThjMjg1ODBmYjBhNTcwZWQzZjg5ZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3We3UeBKHt9FNe0yXTIw5HLD/XEX
XhPwSPyUMBTnosbtCpPtDIu/l6jJ1Zl8Ee0e20MO4JgeeoAsi6MRhDAKu0wuNT+e
1ZC/saO4SXz0obIavCw7SF4QSUpWJuCnoeZTbz2BPhpPq4XTBvcSkcQyutgmMFD6
kji75H34EGEe76qWNziAUy+3lyU0qcqObHQVv/KA9QVstGfTgZlb03oXnnkZZM4E
ZKs2jun7KbbJYE08dLWxbYtkg4Z+Q/Nassr2yM9wrX4+cG2imUJkh3quX4/+ROlw
6gYg1O1NeavGPn5yEo1HdJu+AJsFDJ/Vu834xIQGmyPtwWpvKJiR+gfwmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPL2ic3lPEAa6MKFgPsKVw7T+J5mMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOHZhSnplVThRQnJvd29XQS13cFhEdFA0bm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFu9aH7I61k+DgKGmolD
+sp91qYB46OU8GBx9qzT+nJcG75Siv6YiX33A9LEeNR1+YVtcmO0gaZt3iRkaMKo
dYuehnOMN4/C56MyaLgAXHxg4t4BZYLZIsDqSU/wbr+JkkBpPH9/hoFErX5zfJoH
91wtUKOfBP/d4dZDv79wG+6AebWMvlE+Mo5fWFr10FsH3CLBt8r5WN/WbG6hriCc
PQ3Xw229nnU2wSwR2Ty18uFGmkUJtgg7/RgtZhTbYM5Yw7DW1wBnPaSESjW+Pd6c
gRJ5NNHuv6z1z3GRv1T4KZtUGtmcLnuYM1m/PLotWkJyatX+f8GAnTYP8jSwjiXB
1Es=
-----END CERTIFICATE-----
Generated at Tue May 13 05:53:29 2025 by rpki-client