Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/P22eNGhvSkenUQHit8qz3m51Cjc.roa
File: P22eNGhvSkenUQHit8qz3m51Cjc.roa (raw, json)
Hash identifier: 4OcWKZNvww8uBdU/X3OC6Fcl59KNjU9Uwd8aVbUIuBI=
Subject key identifier: 3F:6D:9E:34:68:6F:4A:47:A7:51:01:E2:B7:CA:B3:DE:6E:75:0A:37
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4B12A87F53BE5435FA07708B9D0AA457
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/P22eNGhvSkenUQHit8qz3m51Cjc.roa
Signing time: Fri 20 Oct 2023 03:13:15 +0000
ROA not before: Fri 20 Oct 2023 03:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4b:12:a8:7f:53:be:54:35:fa:07:70:8b:9d:0a:a4:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 20 03:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f6d9e34686f4a47a75101e2b7cab3de6e750a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8b:ab:ce:a1:a8:9e:fa:ba:fe:0b:48:94:c2:
54:99:d2:04:be:4e:6f:ba:30:d5:5a:1e:cf:04:df:
63:d2:3f:b2:b7:8f:b0:1a:8f:4b:8e:fc:2a:d0:24:
45:c6:de:45:bf:e8:39:c9:c0:4b:50:94:ce:8c:f6:
aa:aa:a1:fd:ea:51:02:29:bb:46:15:88:f9:7f:77:
88:1c:4b:a2:f4:fd:d0:f7:06:8c:00:b5:f8:8b:94:
73:f4:9b:07:1d:8a:8f:2a:96:88:e4:89:a8:a2:9d:
22:3d:7f:02:8a:59:10:11:99:53:1b:a3:a1:94:0e:
7a:7f:3c:33:dc:f4:79:0c:43:67:20:ba:ce:30:49:
46:18:42:6b:56:c4:13:b9:f6:60:8a:77:15:29:d2:
fe:43:b7:79:04:63:19:18:bc:66:3d:db:25:b1:58:
9e:3f:a6:46:8f:b2:74:66:d9:68:0b:be:27:8a:65:
a1:fb:65:21:57:89:d6:47:be:d4:0d:fb:3c:44:33:
2c:8c:dc:50:ce:f0:93:0f:92:d9:89:80:06:82:d2:
99:94:84:1f:3a:21:72:5b:4f:0d:ee:0e:57:2e:3b:
f4:73:21:23:ec:00:2c:18:13:7f:be:2f:72:b6:b7:
8d:11:25:6d:c1:1a:a8:89:10:f6:08:a8:81:af:51:
79:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6D:9E:34:68:6F:4A:47:A7:51:01:E2:B7:CA:B3:DE:6E:75:0A:37
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/P22eNGhvSkenUQHit8qz3m51Cjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:7a:cc:3e:7b:d8:e1:b3:76:4d:b7:03:83:6c:41:32:94:af:
c9:04:77:5c:33:3b:01:6a:a2:15:c8:ff:a6:cf:c8:7b:d5:fe:
25:87:1d:61:52:72:cf:01:50:bd:59:bb:15:c7:67:8b:06:cc:
7a:e2:40:c2:dc:b6:b5:cb:1b:ec:ab:c3:99:bc:4d:9c:58:b6:
b6:d2:54:ea:42:98:2f:7d:63:59:7b:d6:1a:2a:27:a6:37:2d:
d1:c8:08:d6:0f:03:82:60:a7:42:5a:c7:27:35:77:9f:60:99:
90:76:94:8e:ea:e9:e2:40:2e:bb:96:5a:8b:4b:e7:6a:30:ed:
12:cb:14:4d:32:a3:da:43:64:9e:04:d1:86:b3:a2:25:af:09:
57:4a:77:b7:8a:37:72:91:b1:92:3f:04:2d:30:94:f4:e0:ad:
fb:19:74:fa:fd:5a:b0:3a:e0:66:3a:8b:eb:0f:6d:3f:53:d3:
02:09:2a:7e:37:ca:fb:03:df:8a:72:0e:df:84:4b:5a:e0:c3:
bb:f4:1a:6c:ca:c2:61:c8:4d:d7:e4:94:cf:dc:a5:2d:fc:20:
67:9c:f8:e3:19:29:50:c3:00:b5:47:e3:e6:ba:3b:c1:1f:7d:
66:fe:2a:39:24:e3:72:b1:74:52:59:82:5b:42:b3:30:10:42:
2c:e6:a5:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtLEqh/U75UNfoHcIudCqRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIwMDMxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjZkOWUzNDY4NmY0YTQ3YTc1MTAxZTJiN2NhYjNkZTZlNzUwYTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwourzqGonvq6/gtIlMJUmdIEvk5v
ujDVWh7PBN9j0j+yt4+wGo9Ljvwq0CRFxt5Fv+g5ycBLUJTOjPaqqqH96lECKbtG
FYj5f3eIHEui9P3Q9waMALX4i5Rz9JsHHYqPKpaI5Imoop0iPX8CilkQEZlTG6Oh
lA56fzwz3PR5DENnILrOMElGGEJrVsQTufZgincVKdL+Q7d5BGMZGLxmPdslsVie
P6ZGj7J0ZtloC74nimWh+2UhV4nWR77UDfs8RDMsjNxQzvCTD5LZiYAGgtKZlIQf
OiFyW08N7g5XLjv0cyEj7AAsGBN/vi9ytreNESVtwRqoiRD2CKiBr1F53QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD9tnjRob0pHp1EB4rfKs95udQo3MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUDIyZU5HaHZTa2VuVVFIaXQ4cXozbTUxQ2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIp6zD572OGzdk23A4Ns
QTKUr8kEd1wzOwFqohXI/6bPyHvV/iWHHWFScs8BUL1ZuxXHZ4sGzHriQMLctrXL
G+yrw5m8TZxYtrbSVOpCmC99Y1l71hoqJ6Y3LdHICNYPA4Jgp0Jaxyc1d59gmZB2
lI7q6eJALruWWotL52ow7RLLFE0yo9pDZJ4E0YazoiWvCVdKd7eKN3KRsZI/BC0w
lPTgrfsZdPr9WrA64GY6i+sPbT9T0wIJKn43yvsD34pyDt+ES1rgw7v0GmzKwmHI
TdfklM/cpS38IGec+OMZKVDDALVH4+a6O8EffWb+Kjkk43KxdFJZgltCszAQQizm
pVI=
-----END CERTIFICATE-----
Generated at Sat May 10 14:51:34 2025 by rpki-client