Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RFdnwiX4CZPA-uX_DpodtZwRqy8.roa
File: RFdnwiX4CZPA-uX_DpodtZwRqy8.roa (raw, json)
Hash identifier: 4hW1jiMhfGEPKKY8S6XuWx5mOD0IWZTn34yEJjI2kyc=
Subject key identifier: 44:57:67:C2:25:F8:09:93:C0:FA:E5:FF:0E:9A:1D:B5:9C:11:AB:2F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B83BA719FE68AE222DC01F52DECDBDF24
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RFdnwiX4CZPA-uX_DpodtZwRqy8.roa
Signing time: Tue 31 Oct 2023 03:15:15 +0000
ROA not before: Tue 31 Oct 2023 03:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:83:ba:71:9f:e6:8a:e2:22:dc:01:f5:2d:ec:db:df:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 31 03:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=445767c225f80993c0fae5ff0e9a1db59c11ab2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:24:ea:70:79:a9:ec:1a:b4:08:b3:39:67:8b:
42:3f:ae:5e:43:2d:cf:0a:b1:bb:f6:62:65:6e:9c:
e1:7f:b3:d0:65:99:6b:41:08:33:ad:ba:66:97:9d:
94:3a:9b:10:5e:b5:60:98:8f:4e:6d:bd:70:7d:2d:
7b:c0:e1:97:c0:43:a7:ca:a1:01:1b:48:eb:c0:e1:
f2:e2:81:5d:24:5c:14:d0:86:6b:af:a3:c6:a2:e0:
b6:00:3a:23:0c:23:a0:1f:45:90:ec:96:7f:38:ee:
3c:9c:91:8f:6e:2c:24:e8:99:c5:ff:8a:fc:55:70:
00:40:0b:fc:ae:50:11:48:09:7c:74:de:a5:a1:51:
83:5e:3c:1d:72:57:76:7b:97:b6:c3:df:be:d9:8a:
c9:97:89:cc:3b:ab:82:a0:d4:ef:af:0d:35:0e:16:
95:e7:86:d4:9e:50:5e:c7:5c:cf:52:eb:04:67:08:
f8:c2:44:3d:6b:ad:f6:bf:02:cb:c4:0e:0a:26:b2:
fe:a7:ea:48:09:c5:42:17:af:4c:46:17:1f:4d:52:
61:45:03:eb:15:98:bb:1a:3d:e9:46:6c:fe:11:39:
ed:6c:e2:d8:5d:0f:eb:b5:5a:95:22:68:96:9a:2a:
b2:4d:16:98:01:7f:d3:e1:b6:0f:7a:f1:a5:52:d5:
80:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:57:67:C2:25:F8:09:93:C0:FA:E5:FF:0E:9A:1D:B5:9C:11:AB:2F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RFdnwiX4CZPA-uX_DpodtZwRqy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:cc:a4:26:c2:df:63:65:fd:65:3d:9f:1f:cb:3a:70:c8:4b:
d4:97:21:1d:32:66:ee:e6:b3:5d:ae:96:fe:ec:3c:f9:42:e5:
fa:21:1d:e4:ed:db:a9:4d:e9:6f:5a:88:2b:46:e2:10:58:40:
86:76:c8:88:16:bc:09:30:26:8c:48:56:08:ac:81:10:07:2e:
9b:94:d4:c5:29:9b:eb:86:1c:86:44:64:06:19:a6:16:92:90:
3e:09:20:68:bf:06:a5:02:1c:c6:31:76:b7:31:8c:30:02:e0:
99:43:8d:1d:ef:97:9b:8c:fd:bf:51:be:8b:aa:93:bd:ab:80:
92:a6:6b:bf:8d:86:85:17:06:5c:8e:82:96:8a:b6:e7:18:f0:
a3:5a:44:46:b6:ef:8a:52:ad:dc:dd:73:c5:f7:77:7b:1f:5a:
c1:5b:4c:6b:07:83:57:5a:d6:31:c9:99:cf:67:6d:88:71:c9:
1b:73:a0:87:81:59:a4:88:9b:3b:18:e5:17:63:a4:a4:30:4f:
79:12:3a:ef:ed:91:14:53:c3:1e:b8:bb:40:f8:ba:7f:06:47:
47:37:a0:2d:58:d6:0f:e7:27:0b:78:7f:a1:18:17:16:4c:a3:
89:b2:d5:76:82:5d:e7:cb:43:f8:a1:36:49:b3:99:e7:3f:e1:
3c:00:ff:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuDunGf5oriItwB9S3s298kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMxMDMxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDU3NjdjMjI1ZjgwOTkzYzBmYWU1ZmYwZTlhMWRiNTljMTFhYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyTqcHmp7Bq0CLM5Z4tCP65eQy3P
CrG79mJlbpzhf7PQZZlrQQgzrbpml52UOpsQXrVgmI9Obb1wfS17wOGXwEOnyqEB
G0jrwOHy4oFdJFwU0IZrr6PGouC2ADojDCOgH0WQ7JZ/OO48nJGPbiwk6JnF/4r8
VXAAQAv8rlARSAl8dN6loVGDXjwdcld2e5e2w9++2YrJl4nMO6uCoNTvrw01DhaV
54bUnlBex1zPUusEZwj4wkQ9a632vwLLxA4KJrL+p+pICcVCF69MRhcfTVJhRQPr
FZi7Gj3pRmz+ETntbOLYXQ/rtVqVImiWmiqyTRaYAX/T4bYPevGlUtWAvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFERXZ8Il+AmTwPrl/w6aHbWcEasvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUkZkbndpWDRDWlBBLXVYX0Rwb2R0WndScXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK3MpCbC32Nl/WU9nx/L
OnDIS9SXIR0yZu7ms12ulv7sPPlC5fohHeTt26lN6W9aiCtG4hBYQIZ2yIgWvAkw
JoxIVgisgRAHLpuU1MUpm+uGHIZEZAYZphaSkD4JIGi/BqUCHMYxdrcxjDAC4JlD
jR3vl5uM/b9Rvouqk72rgJKma7+NhoUXBlyOgpaKtucY8KNaREa274pSrdzdc8X3
d3sfWsFbTGsHg1da1jHJmc9nbYhxyRtzoIeBWaSImzsY5RdjpKQwT3kSOu/tkRRT
wx64u0D4un8GR0c3oC1Y1g/nJwt4f6EYFxZMo4my1XaCXefLQ/ihNkmzmec/4TwA
/3M=
-----END CERTIFICATE-----
Generated at Mon May 12 07:25:39 2025 by rpki-client