Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/F-LqFUBwu_vse3YiodvG-34lVUU.roa
File: F-LqFUBwu_vse3YiodvG-34lVUU.roa (raw, json)
Hash identifier: qYYM/VoionR7NGmWBxQtvLCkU2MKTsanmoxR/iCYwJA=
Subject key identifier: 17:E2:EA:15:40:70:BB:FB:EC:7B:76:22:A1:DB:C6:FB:7E:25:55:45
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF31766DE83A92AD6DD94462DF69A9B98
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/F-LqFUBwu_vse3YiodvG-34lVUU.roa
Signing time: Tue 03 Oct 2023 01:11:51 +0000
ROA not before: Tue 03 Oct 2023 01:11:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f3:17:66:de:83:a9:2a:d6:dd:94:46:2d:f6:9a:9b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 01:11:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17e2ea154070bbfbec7b7622a1dbc6fb7e255545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7e:5f:05:a3:6f:c2:38:f7:b0:e0:99:4c:bc:
7e:a5:56:a7:16:d3:65:2b:3f:74:6a:a9:d3:d1:8f:
c2:bf:70:5a:c5:df:e4:b9:01:1f:39:3b:5a:10:74:
69:69:6b:cb:1e:81:59:a6:f2:3a:d6:54:01:01:2a:
da:31:2e:83:71:55:a8:52:1f:7f:c4:74:38:6a:0e:
d3:0c:19:aa:96:57:9a:d9:16:90:6d:31:f8:cc:2a:
60:9f:e2:66:f6:46:44:08:be:9f:5c:23:53:9d:26:
5e:ad:93:2f:40:ed:cd:f3:44:5d:82:cd:2c:4f:8d:
15:24:d3:05:1e:fb:d9:17:b7:1c:05:e0:8d:fb:01:
95:6b:dd:50:b5:c7:cf:18:ab:8b:52:09:fc:81:da:
f9:16:90:af:b3:55:71:0e:d9:d4:dd:9c:98:04:6b:
f7:6b:2a:b7:b1:a0:84:df:a4:e6:90:a8:84:ab:99:
96:95:3b:a3:46:36:df:c2:54:f8:34:00:2a:bc:c2:
ec:d1:f6:4a:76:51:42:6f:0a:5f:63:dd:bb:55:36:
5c:d2:3f:92:80:ae:1b:a6:d9:34:4f:97:42:3d:d1:
c8:43:63:2b:c0:50:27:2b:1f:b5:5d:01:13:f1:7a:
bc:05:82:f5:1e:8a:30:b7:d4:f2:7e:8a:9c:14:fe:
ec:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E2:EA:15:40:70:BB:FB:EC:7B:76:22:A1:DB:C6:FB:7E:25:55:45
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/F-LqFUBwu_vse3YiodvG-34lVUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:2a:8a:d9:06:1d:0b:29:fb:80:dc:f5:61:bf:ea:8a:ad:0e:
de:e5:62:1f:d5:8a:be:62:f4:3b:d6:96:31:7a:6b:5a:31:68:
00:74:76:f8:c6:b7:8e:9f:95:42:8f:71:41:05:ca:33:54:04:
07:7f:f8:62:b4:3c:39:cd:b9:d3:c0:8b:76:d3:b8:c2:f9:8f:
b3:37:3b:cb:f7:b8:07:e5:38:f1:d2:29:87:86:1e:16:88:4b:
50:b0:bd:f9:d6:92:99:c2:60:05:f8:89:f1:d1:f3:cb:30:d9:
c3:04:fc:96:99:53:cc:2a:f0:bf:db:2f:1e:bc:f5:b9:66:8b:
14:e0:ec:04:88:c0:b4:7c:c2:46:ea:f8:67:7f:a3:fd:73:1e:
d3:f6:33:31:af:18:77:8b:b7:c7:ca:d3:55:73:85:a8:22:f2:
68:c4:9b:98:a7:29:df:0e:32:9a:06:6b:75:8c:b6:52:28:f3:
22:b5:f0:91:32:2c:a2:d7:d9:fa:65:ee:69:e7:cd:97:e1:cd:
a2:3f:91:a6:f7:bd:1f:4f:0f:cd:97:8f:31:fd:81:cb:22:1b:
22:a4:e3:bf:5e:f7:38:31:3b:2c:88:d9:b5:3e:8f:36:73:0d:
e2:7c:b9:36:87:5b:4e:88:5b:39:92:c9:11:15:3f:72:57:57:
48:ef:26:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrzF2beg6kq1t2URi32mpuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMDExMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2UyZWExNTQwNzBiYmZiZWM3Yjc2MjJhMWRiYzZmYjdlMjU1NTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX5fBaNvwjj3sOCZTLx+pVanFtNl
Kz90aqnT0Y/Cv3Baxd/kuQEfOTtaEHRpaWvLHoFZpvI61lQBASraMS6DcVWoUh9/
xHQ4ag7TDBmqllea2RaQbTH4zCpgn+Jm9kZECL6fXCNTnSZerZMvQO3N80Rdgs0s
T40VJNMFHvvZF7ccBeCN+wGVa91QtcfPGKuLUgn8gdr5FpCvs1VxDtnU3ZyYBGv3
ayq3saCE36TmkKiEq5mWlTujRjbfwlT4NAAqvMLs0fZKdlFCbwpfY927VTZc0j+S
gK4bptk0T5dCPdHIQ2MrwFAnKx+1XQET8Xq8BYL1Hoowt9TyfoqcFP7swwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBfi6hVAcLv77Ht2IqHbxvt+JVVFMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRi1McUZVQnd1X3ZzZTNZaW9kdkctMzRsVlVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHcqitkGHQsp+4Dc9WG/
6oqtDt7lYh/Vir5i9DvWljF6a1oxaAB0dvjGt46flUKPcUEFyjNUBAd/+GK0PDnN
udPAi3bTuML5j7M3O8v3uAflOPHSKYeGHhaIS1CwvfnWkpnCYAX4ifHR88sw2cME
/JaZU8wq8L/bLx689blmixTg7ASIwLR8wkbq+Gd/o/1zHtP2MzGvGHeLt8fK01Vz
hagi8mjEm5inKd8OMpoGa3WMtlIo8yK18JEyLKLX2fpl7mnnzZfhzaI/kab3vR9P
D82XjzH9gcsiGyKk479e9zgxOyyI2bU+jzZzDeJ8uTaHW06IWzmSyREVP3JXV0jv
JgI=
-----END CERTIFICATE-----
Generated at Sun May 11 15:54:46 2025 by rpki-client