Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PV_thf0m2VoUo-nJcNdaVVbUOvw.roa
File: PV_thf0m2VoUo-nJcNdaVVbUOvw.roa (raw, json)
Hash identifier: DGZp5e8M0y5LknIZT8Z9RfhXb8Q1uP8H1OnPyiRdhOA=
Subject key identifier: 3D:5F:ED:85:FD:26:D9:5A:14:A3:E9:C9:70:D7:5A:55:56:D4:3A:FC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9CCC4AF5CB5705906CF70A992E044B57
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PV_thf0m2VoUo-nJcNdaVVbUOvw.roa
Signing time: Sun 05 Nov 2023 00:05:15 +0000
ROA not before: Sun 05 Nov 2023 00:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:9ccb:fdc0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9c:cc:4a:f5:cb:57:05:90:6c:f7:0a:99:2e:04:4b:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 5 00:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d5fed85fd26d95a14a3e9c970d75a5556d43afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:20:ea:9b:fc:ad:5b:51:17:77:33:3a:9c:c0:
1f:03:96:dd:f0:0d:e0:55:c5:99:09:16:4c:fd:34:
36:07:d3:43:32:22:e3:d2:2e:be:17:d8:75:b8:26:
05:86:9d:28:b0:ca:0e:02:6d:9b:a3:4c:47:24:dd:
c2:45:a2:c8:f7:a9:d8:5e:7a:6e:24:2b:bc:d4:a1:
01:60:1c:ac:09:29:0c:3f:f7:7a:46:67:54:4c:d9:
9f:11:0f:eb:6d:65:84:df:00:cf:f5:bb:2e:0e:fe:
80:cd:4f:62:d1:68:ed:c0:5f:90:91:c5:e1:ed:0f:
ed:74:f0:bc:2e:9a:f0:21:e4:bc:01:ec:26:ce:52:
a7:f7:51:72:67:ea:23:c1:d5:15:b3:d0:27:4a:a8:
a2:7f:1c:e3:3d:39:52:96:ac:44:1d:72:8c:72:98:
16:8e:e7:60:a1:1a:1f:c0:c2:cc:50:7a:6b:04:dc:
f0:c2:20:96:0f:c4:66:b9:42:f9:fa:13:72:8f:ac:
af:08:0b:dd:74:cb:44:76:23:a0:16:3c:4f:5f:03:
b2:c4:ea:da:80:9e:c0:a6:11:3a:a6:db:66:0a:a1:
de:dd:02:f9:17:29:6b:8b:29:6b:0a:6d:a9:f7:2f:
b2:0e:6d:a8:0c:64:fa:79:bb:5e:d8:a7:fe:1e:6f:
79:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:5F:ED:85:FD:26:D9:5A:14:A3:E9:C9:70:D7:5A:55:56:D4:3A:FC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PV_thf0m2VoUo-nJcNdaVVbUOvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:ca:81:2a:a5:f0:55:16:08:62:dd:44:6b:bc:fa:3f:cc:2e:
74:d0:29:d4:5b:69:f2:fe:10:1b:f7:88:4e:6e:89:6a:6b:6d:
ba:89:36:f4:b2:56:0f:2d:b1:f4:4d:5f:24:d5:6f:bd:75:db:
3c:1d:ad:0b:a4:84:92:14:78:ad:43:8b:4c:13:43:ef:7a:49:
4b:88:ea:1f:5e:ba:b6:8c:25:72:35:33:e6:cd:9d:8a:ca:e4:
cc:ff:27:40:b2:6e:fa:d3:d9:51:47:ae:e9:3d:07:5e:6f:cc:
71:99:73:15:be:25:82:3c:ed:00:7b:aa:50:78:b7:02:0e:26:
b0:e0:dd:f6:d7:c2:b9:c0:01:90:c8:dc:0e:c0:31:07:18:25:
db:07:12:ab:45:e6:a3:33:e1:a9:0b:83:3d:9f:ab:f8:54:a3:
ce:4b:e8:6e:06:8b:63:c5:47:01:73:da:3b:ef:3a:a1:e2:05:
89:9f:ba:87:81:b7:45:06:b7:01:1e:c3:aa:94:86:8e:70:50:
40:70:d4:9a:0d:6f:22:9c:19:82:0b:c8:bf:4d:56:06:24:b0:
e2:fc:f1:36:e0:a1:83:25:eb:27:f5:80:62:c5:a1:fe:19:e4:
ea:f3:31:dc:94:f2:cc:f0:66:a8:0b:7e:79:2d:af:08:2a:e5:
92:ad:77:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuczEr1y1cFkGz3CpkuBEtXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA1MDAwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDVmZWQ4NWZkMjZkOTVhMTRhM2U5Yzk3MGQ3NWE1NTU2ZDQzYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSDqm/ytW1EXdzM6nMAfA5bd8A3g
VcWZCRZM/TQ2B9NDMiLj0i6+F9h1uCYFhp0osMoOAm2bo0xHJN3CRaLI96nYXnpu
JCu81KEBYBysCSkMP/d6RmdUTNmfEQ/rbWWE3wDP9bsuDv6AzU9i0WjtwF+QkcXh
7Q/tdPC8LprwIeS8AewmzlKn91FyZ+ojwdUVs9AnSqiifxzjPTlSlqxEHXKMcpgW
judgoRofwMLMUHprBNzwwiCWD8RmuUL5+hNyj6yvCAvddMtEdiOgFjxPXwOyxOra
gJ7AphE6pttmCqHe3QL5FylriylrCm2p9y+yDm2oDGT6ebte2Kf+Hm95nQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD1f7YX9JtlaFKPpyXDXWlVW1Dr8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUFZfdGhmMG0yVm9Vby1uSmNOZGFWVmJVT3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJfKgSql8FUWCGLdRGu8
+j/MLnTQKdRbafL+EBv3iE5uiWprbbqJNvSyVg8tsfRNXyTVb7112zwdrQukhJIU
eK1Di0wTQ+96SUuI6h9euraMJXI1M+bNnYrK5Mz/J0CybvrT2VFHruk9B15vzHGZ
cxW+JYI87QB7qlB4twIOJrDg3fbXwrnAAZDI3A7AMQcYJdsHEqtF5qMz4akLgz2f
q/hUo85L6G4Gi2PFRwFz2jvvOqHiBYmfuoeBt0UGtwEew6qUho5wUEBw1JoNbyKc
GYILyL9NVgYksOL88TbgoYMl6yf1gGLFof4Z5OrzMdyU8szwZqgLfnktrwgq5ZKt
d90=
-----END CERTIFICATE-----
Generated at Sat May 10 21:35:13 2025 by rpki-client