Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TOh8lcSNhTuod8kFXVeikx-bqjI.roa
File: TOh8lcSNhTuod8kFXVeikx-bqjI.roa (raw, json)
Hash identifier: 1mVx0BsKQrksRiLY4V6cHSxY6fHxBN3JgZC4QNAiQkY=
Subject key identifier: 4C:E8:7C:95:C4:8D:85:3B:A8:77:C9:05:5D:57:A2:93:1F:9B:AA:32
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B28C009088B2029BCF0D6F6DBAEC53197
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TOh8lcSNhTuod8kFXVeikx-bqjI.roa
Signing time: Fri 13 Oct 2023 11:15:55 +0000
ROA not before: Fri 13 Oct 2023 11:15:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:28:c0:09:08:8b:20:29:bc:f0:d6:f6:db:ae:c5:31:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 13 11:15:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ce87c95c48d853ba877c9055d57a2931f9baa32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:71:5a:06:0b:95:c0:32:c7:32:26:9c:aa:1f:
32:8c:a3:96:ed:46:62:2e:37:ad:af:f4:a9:10:e5:
a4:8f:9b:a9:e9:e4:9b:be:ae:7c:c3:53:c4:c8:5c:
de:7a:75:06:b9:c4:02:5f:54:e0:b1:be:0d:c4:34:
86:48:b8:13:73:2c:e5:7d:85:11:6a:bf:85:ed:a0:
5a:f7:d0:b8:f7:a2:66:d7:2c:d5:5e:0c:b5:e4:e6:
22:fc:fa:5a:51:47:c4:82:b1:fb:ed:68:41:0f:ec:
df:ee:76:37:77:22:5b:c2:20:9e:6b:05:cc:ef:f0:
61:16:76:80:60:af:42:c5:93:e9:1b:a4:d2:d1:34:
dc:d8:8a:e0:4b:bc:da:6d:32:15:af:6c:db:95:f2:
e6:ea:b9:84:a8:ea:53:dd:60:f8:2f:a5:e7:c1:fa:
3a:28:15:d2:22:63:e1:f3:d4:51:7e:23:70:66:37:
98:ea:7e:df:52:40:a7:3d:53:7a:e1:ae:a2:b7:f1:
1e:b1:c9:ca:fc:15:a3:93:1b:9f:aa:b2:cc:45:46:
1b:59:eb:03:ee:25:b8:a3:12:36:a5:37:64:25:60:
c5:31:84:b2:dc:82:36:58:fb:cb:70:c3:c9:37:42:
ac:aa:7c:dd:49:a6:90:ca:e7:6b:9d:d7:2b:89:ae:
a0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E8:7C:95:C4:8D:85:3B:A8:77:C9:05:5D:57:A2:93:1F:9B:AA:32
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TOh8lcSNhTuod8kFXVeikx-bqjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d2:f9:08:05:a6:2a:20:04:37:33:73:4b:b4:71:c4:8f:cd:30:
a6:c6:0a:79:f0:e5:bf:17:e9:e0:67:e2:f1:bc:2c:c9:32:01:
c7:48:65:3e:1f:7a:ce:bf:2f:ea:85:ca:60:6f:94:8c:6e:f6:
6d:9f:e7:ba:7e:fd:80:4c:98:17:7b:54:26:c1:ec:cb:47:0f:
50:d8:a9:68:f4:b2:5c:6b:98:39:08:13:8f:bd:dd:5c:8e:7d:
7f:6e:24:71:3b:67:d5:d9:31:54:68:de:58:36:2c:ae:ac:dd:
ee:d6:8a:cd:17:7f:d4:0a:79:2b:78:cb:19:0e:10:cb:a0:46:
c1:cd:38:37:ab:fc:15:8c:0f:1a:6c:13:69:7e:ac:62:66:10:
b9:88:f3:f2:20:b9:2e:ca:40:ed:1d:b6:2d:fd:23:89:66:52:
db:b5:34:a4:74:7b:64:29:c1:08:62:d3:ba:ad:23:f7:a8:97:
ed:ea:5c:33:45:7d:d5:df:67:5e:cf:a1:2f:46:12:2f:eb:08:
ac:66:0b:8f:fe:eb:0c:ce:f9:b1:2e:36:16:a9:19:a0:4b:15:
85:e9:1b:82:96:32:bb:a0:ec:3b:14:e3:b1:b6:46:3f:e0:b8:
81:f8:4b:1d:fe:47:d3:58:70:ee:c5:71:5a:e2:e7:a4:4a:49:
49:78:b1:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsowAkIiyApvPDW9tuuxTGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEzMTExNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2U4N2M5NWM0OGQ4NTNiYTg3N2M5MDU1ZDU3YTI5MzFmOWJhYTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHFaBguVwDLHMiacqh8yjKOW7UZi
Ljetr/SpEOWkj5up6eSbvq58w1PEyFzeenUGucQCX1Tgsb4NxDSGSLgTcyzlfYUR
ar+F7aBa99C496Jm1yzVXgy15OYi/PpaUUfEgrH77WhBD+zf7nY3dyJbwiCeawXM
7/BhFnaAYK9CxZPpG6TS0TTc2IrgS7zabTIVr2zblfLm6rmEqOpT3WD4L6Xnwfo6
KBXSImPh89RRfiNwZjeY6n7fUkCnPVN64a6it/EescnK/BWjkxufqrLMRUYbWesD
7iW4oxI2pTdkJWDFMYSy3II2WPvLcMPJN0KsqnzdSaaQyudrndcria6giwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEzofJXEjYU7qHfJBV1XopMfm6oyMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVE9oOGxjU05oVHVvZDhrRlhWZWlreC1icWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANL5CAWmKiAENzNzS7Rx
xI/NMKbGCnnw5b8X6eBn4vG8LMkyAcdIZT4fes6/L+qFymBvlIxu9m2f57p+/YBM
mBd7VCbB7MtHD1DYqWj0slxrmDkIE4+93VyOfX9uJHE7Z9XZMVRo3lg2LK6s3e7W
is0Xf9QKeSt4yxkOEMugRsHNODer/BWMDxpsE2l+rGJmELmI8/IguS7KQO0dti39
I4lmUtu1NKR0e2QpwQhi07qtI/eol+3qXDNFfdXfZ17PoS9GEi/rCKxmC4/+6wzO
+bEuNhapGaBLFYXpG4KWMrug7DsU47G2Rj/guIH4Sx3+R9NYcO7FcVri56RKSUl4
sXQ=
-----END CERTIFICATE-----
Generated at Wed May 14 08:10:16 2025 by rpki-client