Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_11PGwoXIErkpMJ6K6bGEuAbovE.roa
File: _11PGwoXIErkpMJ6K6bGEuAbovE.roa (raw, json)
Hash identifier: eW94Xj9vL3Bn0kSSjA3b72eRVAqEwnqOUpRd39RoNkY=
Subject key identifier: FF:5D:4F:1B:0A:17:20:4A:E4:A4:C2:7A:2B:A6:C6:12:E0:1B:A2:F1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B61CF8218513F493F3C9C2B0830417A7D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_11PGwoXIErkpMJ6K6bGEuAbovE.roa
Signing time: Tue 24 Oct 2023 13:11:11 +0000
ROA not before: Tue 24 Oct 2023 13:11:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:61c9:3e61/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:cf:82:18:51:3f:49:3f:3c:9c:2b:08:30:41:7a:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 24 13:11:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff5d4f1b0a17204ae4a4c27a2ba6c612e01ba2f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:43:c7:f1:22:74:e3:d5:b5:c1:e2:91:d2:d4:
bf:b3:78:1a:8f:dc:67:d0:ef:ab:41:e5:1a:97:ce:
32:12:c5:3b:85:fb:bd:ea:1e:d3:8e:24:38:32:47:
39:f1:5d:41:34:da:10:ff:b2:27:9e:38:0c:3c:4f:
c1:7a:1b:b5:db:04:cf:f0:d0:7a:c0:d8:3f:d3:e6:
f5:fe:1d:29:71:ed:81:57:14:79:af:bd:79:f8:61:
5c:cc:1d:41:27:ec:c8:5e:93:84:16:b1:e7:61:a3:
72:4b:c7:73:45:e3:b5:62:33:15:4b:89:55:83:a2:
13:c2:aa:8d:62:8b:66:b4:75:08:73:5c:2a:21:9c:
df:5a:fa:06:a8:38:5b:f7:de:f9:fc:37:43:41:1d:
c2:12:4c:62:c4:9d:16:23:5f:fb:5d:57:ed:c1:ed:
0b:ad:f1:1e:e5:b7:84:08:50:26:ed:90:a3:bf:d3:
85:10:dd:c6:fd:8e:aa:58:3a:25:39:2e:15:59:c4:
a8:39:6c:db:ca:00:d8:83:15:46:4b:aa:53:80:9d:
25:6e:57:60:6c:73:e7:55:36:97:b0:56:24:10:22:
d4:df:43:22:3f:4a:9f:20:78:55:35:14:2d:09:e0:
f3:31:2a:d7:51:b5:7e:1d:ae:53:f3:7d:61:bb:0f:
22:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5D:4F:1B:0A:17:20:4A:E4:A4:C2:7A:2B:A6:C6:12:E0:1B:A2:F1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_11PGwoXIErkpMJ6K6bGEuAbovE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:f5:df:a3:bc:43:4b:b5:b5:5e:ce:00:e7:b9:bc:4f:b6:50:
21:6a:f5:15:ec:77:61:11:71:79:3d:5e:06:d8:3b:d5:65:fe:
4d:78:b8:1c:f5:a1:ee:c1:bd:89:85:a9:27:88:8e:6e:be:27:
ea:56:37:b5:50:f3:80:68:2a:f4:45:de:c7:71:c1:b3:9c:bd:
f7:b4:b4:1f:f9:00:45:b7:06:24:37:80:bf:72:f7:ff:3a:93:
e7:79:82:49:31:20:f2:d9:e5:95:c8:e3:eb:39:8d:2d:d4:0d:
3e:8f:6c:95:c5:74:31:f3:f1:d9:c9:f8:43:7e:a3:5c:01:fd:
23:83:7a:2a:01:8c:80:4a:c2:a6:96:ed:b4:c3:71:c0:2b:a5:
29:ca:ab:03:9c:0d:6a:e0:cf:5a:24:f4:04:49:d7:53:da:fe:
7f:65:db:fb:12:5f:e1:f7:ed:46:ea:fd:58:c9:af:85:5f:6b:
ae:bc:d0:f3:d3:01:87:23:85:c7:a4:7b:dd:b5:38:c2:3c:64:
4d:71:58:63:df:9f:b7:f5:8d:59:8c:d8:84:59:ad:87:cb:68:
cd:b3:ad:85:9c:97:0d:a6:d1:bd:91:c4:38:75:5d:6e:cd:78:
a4:01:2f:8b:8d:df:ff:1b:7d:7f:d1:db:23:8d:6a:25:d2:ef:
db:a5:e6:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYthz4IYUT9JPzycKwgwQXp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI0MTMxMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjVkNGYxYjBhMTcyMDRhZTRhNGMyN2EyYmE2YzYxMmUwMWJhMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0PH8SJ049W1weKR0tS/s3gaj9xn
0O+rQeUal84yEsU7hfu96h7TjiQ4Mkc58V1BNNoQ/7InnjgMPE/Behu12wTP8NB6
wNg/0+b1/h0pce2BVxR5r715+GFczB1BJ+zIXpOEFrHnYaNyS8dzReO1YjMVS4lV
g6ITwqqNYotmtHUIc1wqIZzfWvoGqDhb9975/DdDQR3CEkxixJ0WI1/7XVftwe0L
rfEe5beECFAm7ZCjv9OFEN3G/Y6qWDolOS4VWcSoOWzbygDYgxVGS6pTgJ0lbldg
bHPnVTaXsFYkECLU30MiP0qfIHhVNRQtCeDzMSrXUbV+Ha5T831huw8iZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP9dTxsKFyBK5KTCeiumxhLgG6LxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvXzExUEd3b1hJRXJrcE1KNks2YkdFdUFib3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ7136O8Q0u1tV7OAOe5
vE+2UCFq9RXsd2ERcXk9XgbYO9Vl/k14uBz1oe7BvYmFqSeIjm6+J+pWN7VQ84Bo
KvRF3sdxwbOcvfe0tB/5AEW3BiQ3gL9y9/86k+d5gkkxIPLZ5ZXI4+s5jS3UDT6P
bJXFdDHz8dnJ+EN+o1wB/SODeioBjIBKwqaW7bTDccArpSnKqwOcDWrgz1ok9ARJ
11Pa/n9l2/sSX+H37Ubq/VjJr4Vfa6680PPTAYcjhceke921OMI8ZE1xWGPfn7f1
jVmM2IRZrYfLaM2zrYWclw2m0b2RxDh1XW7NeKQBL4uN3/8bfX/R2yONaiXS79ul
5qA=
-----END CERTIFICATE-----
Generated at Tue May 13 08:10:20 2025 by rpki-client