Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VT7PKn0INHqjE8xBPGEUpWPpUj0.roa
File: VT7PKn0INHqjE8xBPGEUpWPpUj0.roa (raw, json)
Hash identifier: xJOweHtIcglSLj+XXgSYb0zKkrdzm4w+BQXkVVyJgaI=
Subject key identifier: 55:3E:CF:2A:7D:08:34:7A:A3:13:CC:41:3C:61:14:A5:63:E9:52:3D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6B40527A1E97B795D8B57C8324F487AA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VT7PKn0INHqjE8xBPGEUpWPpUj0.roa
Signing time: Thu 26 Oct 2023 09:10:59 +0000
ROA not before: Thu 26 Oct 2023 09:10:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:6b3a:b4e9/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:40:52:7a:1e:97:b7:95:d8:b5:7c:83:24:f4:87:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 26 09:10:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=553ecf2a7d08347aa313cc413c6114a563e9523d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f8:75:14:b2:9f:b1:57:eb:2c:72:14:f3:43:
5b:a8:b0:fd:50:00:7b:15:38:f2:51:6e:a0:cb:7c:
33:7b:f9:f0:e0:8a:82:2b:c4:d0:79:3e:cd:d1:a1:
fc:cb:ec:80:97:96:a6:a3:72:f1:0c:74:80:a2:f7:
21:38:92:7d:c2:64:5b:a8:6a:ab:1c:bc:e7:e8:46:
db:a1:38:cf:28:77:e2:95:13:52:09:b4:3d:c8:e5:
11:e6:ce:22:64:2d:d0:a0:c9:23:11:0a:d0:6c:32:
bc:7a:51:e0:6e:80:1e:c8:6a:c7:19:53:ae:08:19:
d4:ac:ad:21:f2:09:25:e1:dd:a4:ab:77:28:06:88:
85:3a:4b:6f:1a:29:9a:51:27:e2:09:f0:43:24:d5:
e3:89:f4:7d:67:27:23:6c:44:3e:c4:dc:5e:2a:46:
08:a6:a3:51:21:20:46:eb:74:89:5e:5d:72:64:e1:
70:cf:a4:ae:54:8f:17:1f:e7:cd:23:47:db:fb:6f:
74:0f:f9:3b:0f:57:5b:67:b5:a6:33:5c:ba:4b:ba:
a7:c7:e4:81:a7:74:c6:a7:f3:87:cc:ed:df:3d:1e:
90:39:a5:da:af:5a:b0:d1:c6:28:6d:b3:0e:27:87:
99:59:fc:e9:15:83:d5:f8:8f:47:ee:ee:ad:ca:1b:
e1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:3E:CF:2A:7D:08:34:7A:A3:13:CC:41:3C:61:14:A5:63:E9:52:3D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VT7PKn0INHqjE8xBPGEUpWPpUj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b0:7c:70:c4:58:29:6c:3e:14:06:bb:1a:ea:07:5b:67:4d:1b:
5e:dc:5d:55:cc:db:69:b0:1f:59:bf:2d:02:ab:fd:3e:e3:ce:
d2:10:7d:46:0b:27:97:bb:32:36:38:f2:c2:95:0a:d9:0c:95:
7a:e0:ff:b3:d1:31:fc:b5:fc:fd:e3:19:f8:37:98:48:c4:9c:
5c:05:e3:63:e8:2e:5f:64:81:d9:38:02:ac:60:f7:8d:d1:68:
fa:6d:a3:d8:03:27:f8:a7:6d:25:9d:c1:3d:a1:e6:84:8d:e7:
0b:18:8e:b6:80:ee:78:a1:78:d7:60:2f:31:7c:43:1f:9f:c0:
3b:5e:24:58:75:76:26:ac:56:9c:92:ed:f2:c2:e3:c0:92:00:
57:24:1f:aa:e6:58:58:ab:ef:da:30:97:58:26:1e:ef:cf:57:
ab:32:4c:9b:ce:d8:29:1b:ba:60:32:d7:09:21:d0:a4:8a:e3:
4e:f6:a0:6b:c9:4f:06:bc:eb:d6:f2:81:46:68:64:58:93:cb:
01:c2:6d:af:30:9b:61:aa:5c:c1:97:49:ee:60:9f:93:5a:16:
ba:8b:2d:95:75:d8:f5:25:1e:f3:36:69:fb:2f:a4:ef:08:6f:
98:60:18:58:6f:92:a7:60:9c:bd:c2:a5:a5:26:9c:3d:f5:6a:
af:1f:33:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtrQFJ6Hpe3ldi1fIMk9IeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI2MDkxMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTNlY2YyYTdkMDgzNDdhYTMxM2NjNDEzYzYxMTRhNTYzZTk1MjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfh1FLKfsVfrLHIU80NbqLD9UAB7
FTjyUW6gy3wze/nw4IqCK8TQeT7N0aH8y+yAl5amo3LxDHSAovchOJJ9wmRbqGqr
HLzn6EbboTjPKHfilRNSCbQ9yOUR5s4iZC3QoMkjEQrQbDK8elHgboAeyGrHGVOu
CBnUrK0h8gkl4d2kq3coBoiFOktvGimaUSfiCfBDJNXjifR9ZycjbEQ+xNxeKkYI
pqNRISBG63SJXl1yZOFwz6SuVI8XH+fNI0fb+290D/k7D1dbZ7WmM1y6S7qnx+SB
p3TGp/OHzO3fPR6QOaXar1qw0cYobbMOJ4eZWfzpFYPV+I9H7u6tyhvhEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFU+zyp9CDR6oxPMQTxhFKVj6VI9MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVlQ3UEtuMElOSHFqRTh4QlBHRVVwV1BwVWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALB8cMRYKWw+FAa7GuoH
W2dNG17cXVXM22mwH1m/LQKr/T7jztIQfUYLJ5e7MjY48sKVCtkMlXrg/7PRMfy1
/P3jGfg3mEjEnFwF42PoLl9kgdk4Aqxg943RaPpto9gDJ/inbSWdwT2h5oSN5wsY
jraA7niheNdgLzF8Qx+fwDteJFh1diasVpyS7fLC48CSAFckH6rmWFir79owl1gm
Hu/PV6syTJvO2CkbumAy1wkh0KSK4072oGvJTwa869bygUZoZFiTywHCba8wm2Gq
XMGXSe5gn5NaFrqLLZV12PUlHvM2afsvpO8Ib5hgGFhvkqdgnL3CpaUmnD31aq8f
M0s=
-----END CERTIFICATE-----
Generated at Sun May 11 12:14:42 2025 by rpki-client