Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VfDiZvkrlEl6u_R9sueFqgHs_X8.roa
File: VfDiZvkrlEl6u_R9sueFqgHs_X8.roa (raw, json)
Hash identifier: 3it+brOe/4VvwTxR3KMuHhNLLOubimsrlQugAqOEjrU=
Subject key identifier: 55:F0:E2:66:F9:2B:94:49:7A:BB:F4:7D:B2:E7:85:AA:01:EC:FD:7F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3A857451CA33865D395EE9A9940EED2C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VfDiZvkrlEl6u_R9sueFqgHs_X8.roa
Signing time: Mon 16 Oct 2023 22:05:06 +0000
ROA not before: Mon 16 Oct 2023 22:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:3a84:9a2e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3a:85:74:51:ca:33:86:5d:39:5e:e9:a9:94:0e:ed:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 22:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55f0e266f92b94497abbf47db2e785aa01ecfd7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:99:61:c6:94:53:2d:f7:e9:9f:50:61:4c:1e:
d2:30:ec:23:e4:61:a4:d4:c2:de:c7:97:e8:a3:02:
21:5f:b3:15:f2:eb:8c:1d:b3:fb:bd:82:60:b7:9e:
9f:8c:1a:d8:e4:8d:3e:60:03:b7:8d:2e:51:05:9d:
8e:48:a3:f7:3f:11:fe:aa:df:a1:4d:80:78:0b:ca:
7b:fc:d8:d8:02:41:13:b7:55:36:c7:4f:eb:ab:1d:
6a:d2:ad:56:7b:18:74:83:48:ce:47:e4:fd:cf:35:
69:be:80:36:ca:f5:54:1f:e5:ab:9d:ce:bc:3a:ac:
69:e8:e3:f7:9e:57:1b:fa:60:ec:ae:07:49:4e:2d:
c1:53:22:6d:5f:6a:0c:ad:9c:18:33:d3:98:77:68:
67:f6:4f:48:2b:0c:f9:13:a7:11:91:25:60:a1:3b:
e9:e8:61:6c:f5:83:89:db:b0:90:75:b6:da:99:b8:
cb:7b:cd:68:ce:0c:9b:36:5b:ca:3c:e0:70:e3:e1:
56:c2:a5:58:c9:cd:4b:89:ec:cf:bc:93:6c:97:70:
75:02:5b:d6:cf:6d:26:ea:79:40:1b:63:0d:92:24:
84:62:d8:d2:57:37:20:35:75:07:b6:03:f2:bb:e2:
10:40:97:98:d0:f4:3d:f3:ca:9a:5e:82:e1:30:7b:
29:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F0:E2:66:F9:2B:94:49:7A:BB:F4:7D:B2:E7:85:AA:01:EC:FD:7F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VfDiZvkrlEl6u_R9sueFqgHs_X8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:24:e0:5d:45:43:42:61:f6:df:e5:c0:2e:46:65:e4:8d:e1:
d7:83:c7:eb:fc:51:0c:f5:19:21:6e:7b:ce:11:5c:78:79:0e:
a5:24:5a:4b:2f:9b:ac:59:11:73:8d:fb:11:32:2e:8e:58:38:
f1:f3:9d:cc:a8:e4:7e:69:12:71:8b:ab:4a:13:02:00:6b:10:
20:25:45:a9:d2:b3:d7:70:e9:a2:14:bd:fd:43:ab:7b:97:e7:
9c:15:d7:a3:90:f4:b5:4e:c8:46:5b:35:12:ea:07:51:fa:c1:
f8:e6:f4:a4:23:e2:38:ba:2b:ef:68:b5:c4:0a:89:33:8b:8a:
25:26:ea:03:7f:15:9d:6d:d5:5e:d4:cd:37:66:b8:51:e7:a3:
14:db:85:86:5a:47:9b:77:62:79:2a:8b:7a:d8:b3:71:69:c7:
e0:ae:8f:11:69:ea:fe:ef:91:5a:ed:6e:9f:31:a7:e4:82:b7:
cb:35:58:ac:a2:92:bb:2c:9a:5d:38:b2:03:81:c9:9b:81:cb:
1d:33:86:8b:d4:77:46:19:a6:59:33:5e:5d:9a:58:cf:a1:dd:
34:70:57:3f:88:2f:19:32:26:51:a0:cd:f1:bb:eb:00:65:dc:
19:50:de:e9:f2:36:46:4d:ba:ab:ed:40:79:85:9c:90:75:62:
59:4a:8f:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs6hXRRyjOGXTle6amUDu0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MjIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWYwZTI2NmY5MmI5NDQ5N2FiYmY0N2RiMmU3ODVhYTAxZWNmZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZlhxpRTLffpn1BhTB7SMOwj5GGk
1MLex5foowIhX7MV8uuMHbP7vYJgt56fjBrY5I0+YAO3jS5RBZ2OSKP3PxH+qt+h
TYB4C8p7/NjYAkETt1U2x0/rqx1q0q1Wexh0g0jOR+T9zzVpvoA2yvVUH+Wrnc68
Oqxp6OP3nlcb+mDsrgdJTi3BUyJtX2oMrZwYM9OYd2hn9k9IKwz5E6cRkSVgoTvp
6GFs9YOJ27CQdbbambjLe81ozgybNlvKPOBw4+FWwqVYyc1LiezPvJNsl3B1AlvW
z20m6nlAG2MNkiSEYtjSVzcgNXUHtgPyu+IQQJeY0PQ988qaXoLhMHspSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFXw4mb5K5RJerv0fbLnhaoB7P1/MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVmZEaVp2a3JsRWw2dV9SOXN1ZUZxZ0hzX1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK0k4F1FQ0Jh9t/lwC5G
ZeSN4deDx+v8UQz1GSFue84RXHh5DqUkWksvm6xZEXON+xEyLo5YOPHzncyo5H5p
EnGLq0oTAgBrECAlRanSs9dw6aIUvf1Dq3uX55wV16OQ9LVOyEZbNRLqB1H6wfjm
9KQj4ji6K+9otcQKiTOLiiUm6gN/FZ1t1V7UzTdmuFHnoxTbhYZaR5t3Ynkqi3rY
s3Fpx+CujxFp6v7vkVrtbp8xp+SCt8s1WKyikrssml04sgOByZuByx0zhovUd0YZ
plkzXl2aWM+h3TRwVz+ILxkyJlGgzfG76wBl3BlQ3unyNkZNuqvtQHmFnJB1YllK
j7w=
-----END CERTIFICATE-----
Generated at Wed May 14 08:17:51 2025 by rpki-client