Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/D4f2qbLVYMLxxGsAYij8o8TMLsE.roa
File: D4f2qbLVYMLxxGsAYij8o8TMLsE.roa (raw, json)
Hash identifier: bU5nhWOC0d4zf9Bk9/a7Xugrj7m0hAtxT66d6QvfufQ=
Subject key identifier: 0F:87:F6:A9:B2:D5:60:C2:F1:C4:6B:00:62:28:FC:A3:C4:CC:2E:C1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7591DEF2E5A438F3706B8AA09729E4A8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/D4f2qbLVYMLxxGsAYij8o8TMLsE.roa
Signing time: Sat 28 Oct 2023 09:16:15 +0000
ROA not before: Sat 28 Oct 2023 09:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:75:91:de:f2:e5:a4:38:f3:70:6b:8a:a0:97:29:e4:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 28 09:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f87f6a9b2d560c2f1c46b006228fca3c4cc2ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:9b:55:be:cd:20:ac:e2:3f:21:77:93:9b:f8:
7d:5c:f3:8b:76:07:4f:a9:66:e8:73:51:1e:9d:ae:
a1:b2:1a:58:59:d5:30:ee:0f:47:17:cb:62:b6:80:
bd:94:7a:ed:05:9f:94:31:8f:15:2a:cb:08:24:20:
bc:24:2a:0b:eb:85:73:93:bc:ad:87:f5:18:54:68:
4a:96:7c:36:cf:d9:a3:1a:16:2d:d3:85:be:55:1e:
1d:73:2c:6f:bb:e6:bf:ad:02:da:7c:de:59:b3:12:
61:64:06:43:7a:8b:30:b8:5b:38:4e:19:99:fb:3a:
1d:14:c7:d9:1b:1b:a8:17:c5:38:8c:c3:53:f1:10:
7a:3d:fe:73:5f:a6:fd:a4:c1:ba:fe:a1:55:5f:29:
cf:d8:03:98:b6:6c:26:68:f7:f9:09:a2:92:a4:be:
28:d3:ff:c9:c6:ff:bc:7f:05:f7:5c:0b:29:dc:1e:
ed:ea:31:57:1e:0c:0e:5b:e7:32:cf:0b:dc:41:a9:
e1:22:4d:95:2a:b6:14:37:60:f7:cd:f8:bd:f7:05:
59:68:56:21:1c:bf:03:4e:91:f4:d5:32:dc:6f:20:
ab:64:9c:80:17:3b:1d:2c:4d:5e:83:73:7b:6a:d9:
c5:e4:b6:bd:a6:4c:a9:6c:ea:08:f7:80:5a:0e:a0:
43:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:87:F6:A9:B2:D5:60:C2:F1:C4:6B:00:62:28:FC:A3:C4:CC:2E:C1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/D4f2qbLVYMLxxGsAYij8o8TMLsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:81:08:79:e5:bd:b2:18:6c:54:0d:ac:e1:c0:ba:25:c3:0d:
6f:01:23:be:85:ab:7b:ce:32:c6:64:8b:9e:f4:cf:36:1f:bb:
f7:6b:8f:72:e2:c1:91:88:40:a3:36:bf:c9:19:06:0e:4e:7e:
89:ba:22:99:a5:55:5b:04:8a:5d:26:f8:fc:ce:a8:08:03:a7:
59:59:05:b9:f7:ee:a4:64:a9:6c:b8:a1:0c:f3:09:42:81:b0:
b3:17:36:b6:7e:56:37:6e:b5:97:59:1b:df:79:76:79:7d:15:
68:c4:7b:c2:29:b3:39:f7:3d:32:4b:54:e7:8b:a6:35:fb:74:
19:44:00:13:c8:e0:53:c3:ba:1c:46:ef:0a:00:b1:c9:60:91:
4e:7f:16:21:62:ff:1b:d7:4c:05:00:eb:cd:38:ac:11:e2:2b:
f9:37:6e:a0:5d:f8:43:b2:d2:10:91:4c:9e:b6:ec:1a:bf:b2:
6c:79:d7:b0:25:cb:49:2c:95:bc:cc:11:ff:0a:75:27:9a:c6:
f2:ec:7a:41:5a:0f:03:2a:d0:2c:e6:60:ef:0e:79:bd:2d:13:
d5:d6:c5:83:cb:51:67:d3:5c:8d:59:33:1c:42:91:2b:48:93:
66:1c:f2:54:10:b4:f2:c7:86:5d:cc:aa:ba:5e:43:dc:10:87:
ce:e1:77:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt1kd7y5aQ483BriqCXKeSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI4MDkxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjg3ZjZhOWIyZDU2MGMyZjFjNDZiMDA2MjI4ZmNhM2M0Y2MyZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JtVvs0grOI/IXeTm/h9XPOLdgdP
qWboc1Eena6hshpYWdUw7g9HF8titoC9lHrtBZ+UMY8VKssIJCC8JCoL64Vzk7yt
h/UYVGhKlnw2z9mjGhYt04W+VR4dcyxvu+a/rQLafN5ZsxJhZAZDeoswuFs4ThmZ
+zodFMfZGxuoF8U4jMNT8RB6Pf5zX6b9pMG6/qFVXynP2AOYtmwmaPf5CaKSpL4o
0//Jxv+8fwX3XAsp3B7t6jFXHgwOW+cyzwvcQanhIk2VKrYUN2D3zfi99wVZaFYh
HL8DTpH01TLcbyCrZJyAFzsdLE1eg3N7atnF5La9pkypbOoI94BaDqBDYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA+H9qmy1WDC8cRrAGIo/KPEzC7BMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRDRmMnFiTFZZTUx4eEdzQVlpajhvOFRNTHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGOBCHnlvbIYbFQNrOHA
uiXDDW8BI76Fq3vOMsZki570zzYfu/drj3LiwZGIQKM2v8kZBg5Ofom6IpmlVVsE
il0m+PzOqAgDp1lZBbn37qRkqWy4oQzzCUKBsLMXNrZ+VjdutZdZG995dnl9FWjE
e8Ipszn3PTJLVOeLpjX7dBlEABPI4FPDuhxG7woAsclgkU5/FiFi/xvXTAUA6804
rBHiK/k3bqBd+EOy0hCRTJ627Bq/smx517Aly0kslbzMEf8KdSeaxvLsekFaDwMq
0CzmYO8Oeb0tE9XWxYPLUWfTXI1ZMxxCkStIk2Yc8lQQtPLHhl3MqrpeQ9wQh87h
dzQ=
-----END CERTIFICATE-----
Generated at Sun May 11 18:58:17 2025 by rpki-client