Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NhPzfX7KNiPMjydxh9kEPBppFXE.roa
File: NhPzfX7KNiPMjydxh9kEPBppFXE.roa (raw, json)
Hash identifier: uHlGuT8Jvnpx37gfdkwpjJefjet5SxASSjvBlGeMcRA=
Subject key identifier: 36:13:F3:7D:7E:CA:36:23:CC:8F:27:71:87:D9:04:3C:1A:69:15:71
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF98C6AACB90CE79E942AF350AF0A455C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NhPzfX7KNiPMjydxh9kEPBppFXE.roa
Signing time: Wed 04 Oct 2023 07:17:23 +0000
ROA not before: Wed 04 Oct 2023 07:17:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:8c:6a:ac:b9:0c:e7:9e:94:2a:f3:50:af:0a:45:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 07:17:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3613f37d7eca3623cc8f277187d9043c1a691571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0d:fc:c6:94:aa:1f:21:af:52:8a:fc:fa:00:
0c:68:3d:c3:98:bb:cc:98:ec:ec:9b:01:a3:8e:f7:
e5:1d:1c:0e:06:67:d5:45:38:ae:d4:77:12:97:34:
ea:62:c7:b6:70:01:c4:f0:37:ec:b0:45:e5:59:a4:
d7:1a:2b:50:e4:08:10:af:48:e1:4e:bd:3f:6c:8c:
19:2c:f2:0f:0f:f7:1e:1f:a0:35:5e:23:e2:43:0b:
08:62:6e:f2:5c:3a:95:a5:ac:70:a8:be:24:d7:d5:
e9:43:82:db:72:7d:ca:2e:3a:7e:f9:66:96:90:42:
2a:aa:25:ab:18:6b:a7:5d:9e:70:8d:7d:d4:0a:94:
f5:b5:ed:e0:16:32:cf:e7:f8:42:aa:20:e1:30:26:
1c:76:ae:c7:5a:32:ae:a9:e6:a7:ac:74:94:87:f5:
48:37:f9:66:b1:29:49:d0:e2:94:70:d1:9a:2e:77:
3c:d6:55:9c:51:0f:0f:87:5c:92:e8:c1:fd:fc:ab:
f5:09:08:52:7b:c8:81:30:b1:1b:a4:13:ac:98:37:
bf:18:df:28:c9:35:fe:f5:03:e9:11:de:a4:e9:98:
b3:c0:3d:74:7b:5b:4f:df:c0:71:d6:40:b8:16:9f:
6a:f9:a9:10:b4:1f:10:3c:e7:26:6c:a2:f5:a2:09:
fd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:13:F3:7D:7E:CA:36:23:CC:8F:27:71:87:D9:04:3C:1A:69:15:71
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NhPzfX7KNiPMjydxh9kEPBppFXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
30:aa:6d:46:e8:52:2d:41:09:57:3e:29:70:b6:63:e5:5d:db:
dd:1d:02:51:f4:cf:de:57:5b:89:ed:35:4a:29:ce:6a:90:c2:
fb:60:79:7d:00:ba:03:0c:5e:69:0d:c6:1b:6e:e4:34:62:09:
72:ea:f7:27:9b:c7:fa:48:1d:13:ee:a4:7c:c2:29:ee:54:69:
49:4d:4d:d7:ea:8c:43:b4:da:a5:d6:af:85:3e:de:53:b1:66:
98:12:7c:a5:0e:bc:44:59:af:04:91:cc:29:4f:b6:14:77:39:
50:f3:d5:b9:21:a6:1d:63:00:a9:d5:7d:21:86:7c:9f:b7:8e:
0c:ba:af:6b:eb:31:d2:5b:5a:0c:fe:1e:f4:b9:43:56:7a:fc:
47:6d:46:7c:75:ff:58:e2:d5:25:87:f7:39:e5:e8:20:7d:fe:
8f:ff:a2:e9:6e:34:36:58:1a:f5:e7:45:aa:b0:41:d9:92:86:
c6:98:10:3d:e3:66:b4:c1:dd:58:23:f7:13:f5:a9:99:0e:2f:
e9:94:3a:1a:04:0a:c3:05:9b:e0:46:d4:94:3b:94:82:37:6e:
7f:76:db:9d:b5:b0:46:2e:71:66:61:f7:02:e9:3a:37:eb:62:
18:f1:dd:d3:bc:d1:71:67:4e:77:b4:0d:08:30:28:81:0d:51:
d9:d6:5f:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr5jGqsuQznnpQq81CvCkVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MDcxNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjEzZjM3ZDdlY2EzNjIzY2M4ZjI3NzE4N2Q5MDQzYzFhNjkxNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkg38xpSqHyGvUor8+gAMaD3DmLvM
mOzsmwGjjvflHRwOBmfVRTiu1HcSlzTqYse2cAHE8DfssEXlWaTXGitQ5AgQr0jh
Tr0/bIwZLPIPD/ceH6A1XiPiQwsIYm7yXDqVpaxwqL4k19XpQ4Lbcn3KLjp++WaW
kEIqqiWrGGunXZ5wjX3UCpT1te3gFjLP5/hCqiDhMCYcdq7HWjKuqeanrHSUh/VI
N/lmsSlJ0OKUcNGaLnc81lWcUQ8Ph1yS6MH9/Kv1CQhSe8iBMLEbpBOsmDe/GN8o
yTX+9QPpEd6k6ZizwD10e1tP38Bx1kC4Fp9q+akQtB8QPOcmbKL1ogn9zwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDYT831+yjYjzI8ncYfZBDwaaRVxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTmhQemZYN0tOaVBNanlkeGg5a0VQQnBwRlhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADCqbUboUi1BCVc+KXC2
Y+Vd290dAlH0z95XW4ntNUopzmqQwvtgeX0AugMMXmkNxhtu5DRiCXLq9yebx/pI
HRPupHzCKe5UaUlNTdfqjEO02qXWr4U+3lOxZpgSfKUOvERZrwSRzClPthR3OVDz
1bkhph1jAKnVfSGGfJ+3jgy6r2vrMdJbWgz+HvS5Q1Z6/EdtRnx1/1ji1SWH9znl
6CB9/o//ouluNDZYGvXnRaqwQdmShsaYED3jZrTB3Vgj9xP1qZkOL+mUOhoECsMF
m+BG1JQ7lII3bn922521sEYucWZh9wLpOjfrYhjx3dO80XFnTne0DQgwKIENUdnW
X+A=
-----END CERTIFICATE-----
Generated at Thu May 15 19:17:47 2025 by rpki-client