Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/C9Z55WDhW-Pl7iOkcA8_erOPjLs.roa
File: C9Z55WDhW-Pl7iOkcA8_erOPjLs.roa (raw, json)
Hash identifier: 1Sqn1dEgEVEx4/gKNDapwy8WWbssw+lWjhUclntjsjA=
Subject key identifier: 0B:D6:79:E5:60:E1:5B:E3:E5:EE:23:A4:70:0F:3F:7A:B3:8F:8C:BB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B08566D9BD24A278307FACA825FD0F0C5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/C9Z55WDhW-Pl7iOkcA8_erOPjLs.roa
Signing time: Sat 07 Oct 2023 04:12:43 +0000
ROA not before: Sat 07 Oct 2023 04:12:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:08:56:6d:9b:d2:4a:27:83:07:fa:ca:82:5f:d0:f0:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 04:12:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bd679e560e15be3e5ee23a4700f3f7ab38f8cbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0a:3c:e3:f5:5a:dd:e4:da:0f:83:c6:df:f8:
3a:f3:d3:f0:d2:08:f5:1c:8e:18:fe:69:40:f5:5e:
a5:49:38:14:2d:3e:6e:5d:32:d2:d9:71:16:e8:ab:
4a:89:91:05:f5:b4:dd:a9:08:38:2d:5f:81:8f:79:
89:a8:17:70:9e:d4:7c:67:cb:e1:78:e9:63:1a:be:
eb:cd:a1:06:ed:af:9a:06:bb:2b:ae:6e:82:23:0d:
f4:ac:b0:af:04:b6:a1:d8:66:40:39:62:2d:19:31:
83:38:1c:d0:3a:64:36:59:5b:92:ce:e3:a5:b9:29:
39:d9:68:8b:3c:dd:8a:66:2e:57:f8:9d:d2:3a:08:
cd:64:60:65:11:05:44:70:14:b1:3b:c2:cc:57:a2:
00:5e:86:67:1e:7a:90:78:83:4a:cf:00:58:ca:38:
0e:bd:5b:d9:c3:63:b6:a2:aa:6c:3b:83:22:c6:a1:
e0:5e:9e:2a:ca:6a:8b:5e:bc:cf:46:18:13:0b:0e:
85:47:91:46:1e:42:05:f1:86:8c:5b:58:ec:c9:f5:
9f:a1:5e:58:ff:bc:65:fe:e4:fe:66:fd:15:10:e8:
96:36:80:e2:c6:3f:99:a2:e3:ea:8b:b9:8c:34:e1:
ff:5d:4e:a6:c0:0d:91:f5:b9:95:11:f4:36:7e:47:
77:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D6:79:E5:60:E1:5B:E3:E5:EE:23:A4:70:0F:3F:7A:B3:8F:8C:BB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/C9Z55WDhW-Pl7iOkcA8_erOPjLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:c7:14:5d:d6:5a:36:13:ae:d7:52:51:25:53:88:06:af:8f:
ee:7a:ad:bc:c7:74:b7:09:f2:bb:bc:00:76:ad:09:8e:87:07:
40:b1:4c:0e:df:fb:f6:d1:ca:3d:85:80:2f:07:2f:6f:61:b8:
9c:ae:af:22:f5:d8:0f:50:31:53:aa:a8:2f:ef:39:a0:c6:01:
ff:5b:a8:7b:b0:8c:5b:13:92:c4:51:0e:5a:e9:78:2e:f8:02:
71:10:e4:82:f5:96:d8:dd:b3:26:33:aa:8b:1d:a8:a1:a8:c6:
87:d6:c6:4e:7d:99:3e:df:c8:e5:f6:85:40:fb:f1:3e:39:12:
06:ac:dc:d4:39:fb:6a:2b:3f:20:a8:a0:6e:75:2e:24:4d:d8:
58:c8:39:95:4d:b0:39:9c:9f:39:e2:a4:a4:ee:14:5a:5a:66:
d7:85:5f:f7:7c:ac:dc:92:a4:ff:b8:d1:ab:6e:98:e7:9a:cc:
d5:b8:5d:96:ac:ed:ea:8f:62:67:dc:4e:40:4a:7a:0e:9e:57:
14:00:47:cc:72:02:9a:b9:8e:29:76:83:ce:f1:c8:c0:f5:29:
4a:08:6c:bc:db:62:9e:ba:a6:dc:7f:41:6c:d3:5b:99:b5:a0:
28:ea:0a:a6:bb:f0:0c:9d:13:b1:36:26:ad:8e:6e:11:4a:01:
5a:9c:38:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsIVm2b0kongwf6yoJf0PDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MDQxMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmQ2NzllNTYwZTE1YmUzZTVlZTIzYTQ3MDBmM2Y3YWIzOGY4Y2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAo84/Va3eTaD4PG3/g689Pw0gj1
HI4Y/mlA9V6lSTgULT5uXTLS2XEW6KtKiZEF9bTdqQg4LV+Bj3mJqBdwntR8Z8vh
eOljGr7rzaEG7a+aBrsrrm6CIw30rLCvBLah2GZAOWItGTGDOBzQOmQ2WVuSzuOl
uSk52WiLPN2KZi5X+J3SOgjNZGBlEQVEcBSxO8LMV6IAXoZnHnqQeINKzwBYyjgO
vVvZw2O2oqpsO4MixqHgXp4qymqLXrzPRhgTCw6FR5FGHkIF8YaMW1jsyfWfoV5Y
/7xl/uT+Zv0VEOiWNoDixj+ZouPqi7mMNOH/XU6mwA2R9bmVEfQ2fkd3qQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAvWeeVg4Vvj5e4jpHAPP3qzj4y7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQzlaNTVXRGhXLVBsN2lPa2NBOF9lck9QakxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEvHFF3WWjYTrtdSUSVT
iAavj+56rbzHdLcJ8ru8AHatCY6HB0CxTA7f+/bRyj2FgC8HL29huJyuryL12A9Q
MVOqqC/vOaDGAf9bqHuwjFsTksRRDlrpeC74AnEQ5IL1ltjdsyYzqosdqKGoxofW
xk59mT7fyOX2hUD78T45Egas3NQ5+2orPyCooG51LiRN2FjIOZVNsDmcnznipKTu
FFpaZteFX/d8rNySpP+40atumOeazNW4XZas7eqPYmfcTkBKeg6eVxQAR8xyApq5
jil2g87xyMD1KUoIbLzbYp66ptx/QWzTW5m1oCjqCqa78AydE7E2Jq2ObhFKAVqc
OH8=
-----END CERTIFICATE-----
Generated at Sat May 10 14:57:46 2025 by rpki-client