Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_kDZBUVykkzv2Z9Xs2WzxRAEftw.roa
File: _kDZBUVykkzv2Z9Xs2WzxRAEftw.roa (raw, json)
Hash identifier: 0RjHa1qVK9vFou4KJX36hopGIUTg4owr2oki1uRSpjQ=
Subject key identifier: FE:40:D9:05:45:72:92:4C:EF:D9:9F:57:B3:65:B3:C5:10:04:7E:DC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB1A70ED2A3BBB1338EFD346DEA86DD40
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_kDZBUVykkzv2Z9Xs2WzxRAEftw.roa
Signing time: Wed 20 Sep 2023 08:13:50 +0000
ROA not before: Wed 20 Sep 2023 08:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:a7:0e:d2:a3:bb:b1:33:8e:fd:34:6d:ea:86:dd:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 08:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe40d9054572924cefd99f57b365b3c510047edc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:8b:fb:6a:7e:6a:67:75:0c:0a:64:34:36:82:
07:19:a3:6e:9d:75:c6:b4:dd:de:fb:da:bb:4f:10:
e2:4a:81:59:95:ef:b7:99:e4:dc:f7:61:cb:2d:82:
9d:11:59:4b:32:22:18:b0:ba:bf:98:6a:03:67:54:
33:3a:68:d3:10:2e:35:7b:17:2f:90:bc:8b:8c:17:
64:ae:ba:7f:82:30:f2:ac:fa:9e:fb:61:02:03:05:
bc:d8:34:51:f0:21:95:12:d2:b3:53:05:37:51:c5:
21:a5:ee:87:9e:07:ab:e2:68:93:f2:07:c5:98:1b:
c7:0a:bb:40:50:46:ab:14:a3:80:a5:67:7e:b1:40:
9b:11:47:9d:4c:f9:6c:b1:6d:b8:d6:06:12:d3:1a:
67:19:1e:8c:43:aa:a8:15:6f:b3:bd:c0:b0:74:be:
cd:98:98:f5:90:6c:0d:94:9f:b6:54:03:14:e9:de:
0d:8a:7c:84:27:c1:9b:69:df:4a:70:f4:60:b5:c8:
60:af:ba:50:56:95:6d:f9:69:8a:16:bc:bd:35:e0:
cf:ef:09:bd:b4:39:a7:ac:35:2d:60:71:d2:33:5f:
40:66:71:5b:1a:13:7e:1f:60:5a:7b:31:2f:ee:21:
8f:36:0f:55:39:25:53:16:f2:2a:7f:96:dc:02:2a:
28:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:40:D9:05:45:72:92:4C:EF:D9:9F:57:B3:65:B3:C5:10:04:7E:DC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_kDZBUVykkzv2Z9Xs2WzxRAEftw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:f1:ea:09:00:07:f9:3b:c7:6f:a1:4c:2f:ed:f7:bd:27:68:
c0:b6:2a:26:82:15:84:c2:ee:1b:bf:df:22:bb:ab:20:da:cd:
81:f6:f1:74:56:96:d4:b2:28:ed:92:a3:91:d3:fe:fe:5a:61:
44:38:6e:04:2a:8f:34:46:c8:8f:8c:ff:31:88:d7:cc:8b:a2:
29:a0:57:77:4a:ba:50:34:90:6a:6b:81:b0:0b:d9:e1:7f:6d:
79:f6:ab:cc:f1:e9:bb:95:32:49:f3:80:c4:86:cd:34:e1:7f:
a8:a3:ab:a2:95:19:35:0c:d9:89:8e:78:e8:2c:dc:b6:52:04:
72:11:e4:76:4c:8c:f7:0f:1f:3c:30:07:ef:cf:e2:9f:f4:d8:
db:83:d0:4c:15:be:1f:eb:5c:d9:0a:39:45:1f:f2:9a:e0:6b:
b9:3c:da:4b:48:3e:21:33:ea:fd:29:d9:8c:e6:17:9e:fe:70:
40:97:3f:b6:81:73:bd:1f:b2:e9:e9:66:0f:7b:38:e5:d5:ab:
d5:b2:91:73:9b:f4:97:a7:3b:46:7a:20:4c:29:47:6e:09:ed:
4d:8f:c7:c5:54:43:0a:81:c4:ae:9c:5a:3f:00:c8:5c:95:b8:
e9:6c:92:c3:24:ef:c3:cd:0f:eb:ef:3f:80:24:3a:24:3f:1d:
7a:10:f1:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqxpw7So7uxM479NG3qht1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMDgxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQwZDkwNTQ1NzI5MjRjZWZkOTlmNTdiMzY1YjNjNTEwMDQ3ZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIv7an5qZ3UMCmQ0NoIHGaNunXXG
tN3e+9q7TxDiSoFZle+3meTc92HLLYKdEVlLMiIYsLq/mGoDZ1QzOmjTEC41excv
kLyLjBdkrrp/gjDyrPqe+2ECAwW82DRR8CGVEtKzUwU3UcUhpe6Hnger4miT8gfF
mBvHCrtAUEarFKOApWd+sUCbEUedTPlssW241gYS0xpnGR6MQ6qoFW+zvcCwdL7N
mJj1kGwNlJ+2VAMU6d4NinyEJ8Gbad9KcPRgtchgr7pQVpVt+WmKFry9NeDP7wm9
tDmnrDUtYHHSM19AZnFbGhN+H2BaezEv7iGPNg9VOSVTFvIqf5bcAioo7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP5A2QVFcpJM79mfV7Nls8UQBH7cMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvX2tEWkJVVnlra3p2Mlo5WHMyV3p4UkFFZnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFHx6gkAB/k7x2+hTC/t
970naMC2KiaCFYTC7hu/3yK7qyDazYH28XRWltSyKO2So5HT/v5aYUQ4bgQqjzRG
yI+M/zGI18yLoimgV3dKulA0kGprgbAL2eF/bXn2q8zx6buVMknzgMSGzTThf6ij
q6KVGTUM2YmOeOgs3LZSBHIR5HZMjPcPHzwwB+/P4p/02NuD0EwVvh/rXNkKOUUf
8prga7k82ktIPiEz6v0p2YzmF57+cECXP7aBc70fsunpZg97OOXVq9WykXOb9Jen
O0Z6IEwpR24J7U2Px8VUQwqBxK6cWj8AyFyVuOlsksMk78PND+vvP4AkOiQ/HXoQ
8Sc=
-----END CERTIFICATE-----
Generated at Mon May 12 22:02:59 2025 by rpki-client