Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/L-3hfkeBCCK0VPmqldjyDThHeLc.roa
File: L-3hfkeBCCK0VPmqldjyDThHeLc.roa (raw, json)
Hash identifier: VrD71IoJEcUuaohYtnEk0b7Wqwob3puXidperUd9y9g=
Subject key identifier: 2F:ED:E1:7E:47:81:08:22:B4:54:F9:AA:95:D8:F2:0D:38:47:78:B7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFFC215DEFDE91A60F729E6B5350B7C8F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/L-3hfkeBCCK0VPmqldjyDThHeLc.roa
Signing time: Thu 05 Oct 2023 12:13:44 +0000
ROA not before: Thu 05 Oct 2023 12:13:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:c2:15:de:fd:e9:1a:60:f7:29:e6:b5:35:0b:7c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 5 12:13:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fede17e47810822b454f9aa95d8f20d384778b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cb:ea:9e:0b:45:15:dc:f0:ac:38:d2:d0:3b:
d8:40:d3:ef:67:2b:99:dc:b0:e2:a8:e7:d6:85:d0:
1a:bc:69:53:d8:2f:78:74:1e:07:a6:c0:50:48:61:
ab:4b:4f:f9:44:d9:fa:71:33:78:92:6c:ae:32:dd:
25:46:36:9c:3c:e3:18:2b:cb:9a:89:a9:94:c7:74:
aa:09:dd:77:50:75:54:1c:11:7a:8a:06:7b:3f:97:
e5:ef:b9:2e:34:f4:d4:8f:52:67:4f:c9:98:a2:22:
da:27:88:bb:bd:45:ac:03:89:26:4b:23:d6:cc:49:
8d:90:49:75:5e:2b:64:c6:f3:5f:4e:24:2c:eb:24:
cd:89:6b:60:0e:ad:b2:db:95:09:8c:e3:90:80:c2:
e5:5e:70:db:2a:f1:76:c0:c6:d1:03:b0:c2:08:79:
cd:55:42:c6:30:fe:dd:29:c8:d1:21:24:11:ce:20:
90:09:1f:1f:b9:9f:10:61:2c:87:e4:0c:eb:a7:19:
62:b1:d9:80:82:e6:63:7e:b9:5a:99:dd:95:a3:96:
1a:ec:c8:12:a0:15:db:38:4a:f7:10:0b:73:93:c2:
a2:93:1c:46:f9:61:77:07:f6:51:4d:9c:bb:98:43:
c1:a2:30:26:b0:ee:b5:3c:53:a0:cf:d4:6c:20:67:
26:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:ED:E1:7E:47:81:08:22:B4:54:F9:AA:95:D8:F2:0D:38:47:78:B7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/L-3hfkeBCCK0VPmqldjyDThHeLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:b6:5a:67:71:fd:0b:b8:c6:d2:74:4b:0a:22:0e:e0:f6:7b:
f2:a6:fd:95:43:0c:14:91:af:9e:7f:f9:9b:c3:91:8b:8f:b2:
9b:53:67:4a:6a:d8:3f:6c:46:00:92:54:5e:e8:88:28:f4:c1:
03:de:ef:27:0b:bc:4b:fb:1e:f5:dd:fd:4c:13:8b:cf:85:eb:
74:fe:1c:55:7f:f0:f5:f9:7a:28:d9:bc:fe:e9:fc:e3:23:87:
5f:ac:ad:4c:de:e4:ff:b3:19:22:93:7a:7b:11:e3:d1:de:da:
34:82:a4:96:46:1e:11:f8:d7:1b:69:3c:3b:a2:79:d7:67:c7:
45:f5:77:f4:5e:8b:c4:6f:bc:37:3e:58:53:f2:4d:e2:e0:73:
53:e6:69:6e:0b:e2:bf:2b:a9:e2:bc:cf:96:da:2c:13:74:35:
69:3b:14:f0:fa:9e:ca:b6:77:58:a0:90:72:67:d1:d4:b1:13:
fb:b7:eb:a4:14:56:9e:12:34:32:17:ca:02:f4:5c:fd:bb:b0:
05:27:9a:d7:b1:55:b4:33:78:0a:15:86:5a:9f:f6:62:03:4b:
c2:fe:2d:e4:51:5a:76:88:5c:83:2a:06:96:17:2a:dd:fd:3e:
8d:5c:be:3e:fd:03:e0:c8:1e:93:e1:ee:bf:33:ea:26:a5:a0:
8c:c0:99:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr/whXe/ekaYPcp5rU1C3yPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA1MTIxMzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmVkZTE3ZTQ3ODEwODIyYjQ1NGY5YWE5NWQ4ZjIwZDM4NDc3OGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8vqngtFFdzwrDjS0DvYQNPvZyuZ
3LDiqOfWhdAavGlT2C94dB4HpsBQSGGrS0/5RNn6cTN4kmyuMt0lRjacPOMYK8ua
iamUx3SqCd13UHVUHBF6igZ7P5fl77kuNPTUj1JnT8mYoiLaJ4i7vUWsA4kmSyPW
zEmNkEl1XitkxvNfTiQs6yTNiWtgDq2y25UJjOOQgMLlXnDbKvF2wMbRA7DCCHnN
VULGMP7dKcjRISQRziCQCR8fuZ8QYSyH5AzrpxlisdmAguZjfrlamd2Vo5Ya7MgS
oBXbOEr3EAtzk8KikxxG+WF3B/ZRTZy7mEPBojAmsO61PFOgz9RsIGcmIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC/t4X5HgQgitFT5qpXY8g04R3i3MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTC0zaGZrZUJDQ0swVlBtcWxkanlEVGhIZUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFa2Wmdx/Qu4xtJ0Swoi
DuD2e/Km/ZVDDBSRr55/+ZvDkYuPsptTZ0pq2D9sRgCSVF7oiCj0wQPe7ycLvEv7
HvXd/UwTi8+F63T+HFV/8PX5eijZvP7p/OMjh1+srUze5P+zGSKTensR49He2jSC
pJZGHhH41xtpPDuieddnx0X1d/Rei8RvvDc+WFPyTeLgc1PmaW4L4r8rqeK8z5ba
LBN0NWk7FPD6nsq2d1igkHJn0dSxE/u366QUVp4SNDIXygL0XP27sAUnmtexVbQz
eAoVhlqf9mIDS8L+LeRRWnaIXIMqBpYXKt39Po1cvj79A+DIHpPh7r8z6ialoIzA
mRM=
-----END CERTIFICATE-----
Generated at Sun May 11 19:20:15 2025 by rpki-client