Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/LL9B3f_6wbdg41aizcmj7v7lz4Q.roa
File: LL9B3f_6wbdg41aizcmj7v7lz4Q.roa (raw, json)
Hash identifier: OJREUbHaipvgkSo0UhEoECKGSfNdoOICHrRpkRNrjzY=
Subject key identifier: 2C:BF:41:DD:FF:FA:C1:B7:60:E3:56:A2:CD:C9:A3:EE:FE:E5:CF:84
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF2E337BD3F9168CC6C49F13B9A6EE36A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/LL9B3f_6wbdg41aizcmj7v7lz4Q.roa
Signing time: Tue 03 Oct 2023 00:14:51 +0000
ROA not before: Tue 03 Oct 2023 00:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f2:e3:37:bd:3f:91:68:cc:6c:49:f1:3b:9a:6e:e3:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 00:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cbf41ddfffac1b760e356a2cdc9a3eefee5cf84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0e:cd:ac:60:80:37:ec:2e:51:4c:43:1f:e9:
74:fb:ed:41:5c:50:85:f3:05:3f:88:98:ba:e9:3f:
53:7e:f4:bf:38:cb:df:f7:49:86:25:e0:ba:eb:05:
f0:b8:fd:4a:6f:90:99:90:cb:b4:bd:f0:61:da:82:
f6:40:03:de:95:b7:4e:2c:3b:19:48:10:ec:72:33:
65:12:77:3a:00:71:02:cb:ec:ed:14:26:64:77:06:
81:4a:7a:c5:9f:1e:a0:27:35:a3:7d:66:72:21:ed:
e9:dd:50:a7:73:25:bb:d9:ea:4f:74:ac:17:20:ad:
b8:7c:9d:c1:be:78:7f:07:a1:c6:68:7e:b8:4a:a9:
f1:35:92:a1:c5:81:2a:e5:f8:d1:d5:9f:cb:10:6d:
d6:0f:46:18:5a:12:fc:5e:81:52:06:17:70:59:6c:
78:87:34:79:d2:76:6e:f3:6d:64:44:47:32:fe:62:
dd:60:f6:27:26:46:d6:0c:b9:52:e9:37:36:82:b4:
02:1a:ba:f3:cf:d9:4a:d1:13:88:40:cc:42:bd:14:
cf:19:6c:c9:07:66:c8:41:23:72:af:39:fc:38:a9:
19:bf:00:b6:5a:76:39:3c:6d:de:93:77:96:40:f9:
77:5d:53:59:27:cd:71:82:a4:58:61:25:9a:79:e1:
2a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:BF:41:DD:FF:FA:C1:B7:60:E3:56:A2:CD:C9:A3:EE:FE:E5:CF:84
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/LL9B3f_6wbdg41aizcmj7v7lz4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:6d:c9:69:79:75:34:81:c8:b1:02:79:89:21:c4:ef:ba:ae:
b9:b3:e8:06:64:e4:d0:4d:1d:e9:ab:23:7d:44:21:da:cb:5f:
79:2a:a4:65:c8:94:f3:3d:1a:11:ea:29:d2:12:1a:6c:18:70:
ba:49:d6:c0:a8:6b:b7:19:61:bc:fe:e5:c6:b0:ea:ed:79:e1:
ee:64:7d:7b:1c:53:2a:ee:34:5f:ab:45:ac:62:10:c6:84:ec:
47:5d:00:de:42:ac:10:7d:35:ea:c5:0a:19:a3:13:f4:61:12:
a0:07:88:3d:4e:43:1c:c1:65:91:1f:f8:02:4c:57:10:7c:c1:
08:fc:84:97:e3:c0:9f:be:9d:b7:0f:9d:93:1f:30:c8:77:a7:
dc:0b:87:77:67:6a:ea:7d:d1:43:77:01:3d:f8:2e:25:73:48:
3b:c4:a9:0b:c7:82:ee:f0:59:a6:15:87:cf:b3:0e:c0:92:6f:
ef:98:31:3c:14:11:7e:72:b7:62:e2:42:94:05:d9:59:d5:63:
2b:d3:03:18:6f:ca:73:8b:b9:75:84:2f:d9:1e:f8:20:15:12:
f4:6e:81:41:a5:21:82:96:aa:ae:65:14:4c:fe:0d:a3:6c:03:
00:09:c8:5b:f5:65:3d:2e:9f:33:fa:e8:9a:68:0f:2a:eb:25:
f2:9e:63:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYry4ze9P5FozGxJ8TuabuNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMDAxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2JmNDFkZGZmZmFjMWI3NjBlMzU2YTJjZGM5YTNlZWZlZTVjZjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ7NrGCAN+wuUUxDH+l0++1BXFCF
8wU/iJi66T9TfvS/OMvf90mGJeC66wXwuP1Kb5CZkMu0vfBh2oL2QAPelbdOLDsZ
SBDscjNlEnc6AHECy+ztFCZkdwaBSnrFnx6gJzWjfWZyIe3p3VCncyW72epPdKwX
IK24fJ3Bvnh/B6HGaH64SqnxNZKhxYEq5fjR1Z/LEG3WD0YYWhL8XoFSBhdwWWx4
hzR50nZu821kREcy/mLdYPYnJkbWDLlS6Tc2grQCGrrzz9lK0ROIQMxCvRTPGWzJ
B2bIQSNyrzn8OKkZvwC2WnY5PG3ek3eWQPl3XVNZJ81xgqRYYSWaeeEq4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCy/Qd3/+sG3YONWos3Jo+7+5c+EMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTEw5QjNmXzZ3YmRnNDFhaXpjbWo3djdsejRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEZtyWl5dTSByLECeYkh
xO+6rrmz6AZk5NBNHemrI31EIdrLX3kqpGXIlPM9GhHqKdISGmwYcLpJ1sCoa7cZ
Ybz+5caw6u154e5kfXscUyruNF+rRaxiEMaE7EddAN5CrBB9NerFChmjE/RhEqAH
iD1OQxzBZZEf+AJMVxB8wQj8hJfjwJ++nbcPnZMfMMh3p9wLh3dnaup90UN3AT34
LiVzSDvEqQvHgu7wWaYVh8+zDsCSb++YMTwUEX5yt2LiQpQF2VnVYyvTAxhvynOL
uXWEL9ke+CAVEvRugUGlIYKWqq5lFEz+DaNsAwAJyFv1ZT0unzP66JpoDyrrJfKe
Y+g=
-----END CERTIFICATE-----
Generated at Mon May 12 16:17:23 2025 by rpki-client