Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aygBbWRiazFQ3EWNXkWd95smkRg.roa
File: aygBbWRiazFQ3EWNXkWd95smkRg.roa (raw, json)
Hash identifier: I4B9Vp4MU7i4kY5eVQjod54dyUiz9s30acdCLS242aA=
Subject key identifier: 6B:28:01:6D:64:62:6B:31:50:DC:45:8D:5E:45:9D:F7:9B:26:91:18
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AEF3E6B12554942D774BD46E166CE04C4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aygBbWRiazFQ3EWNXkWd95smkRg.roa
Signing time: Mon 02 Oct 2023 07:15:59 +0000
ROA not before: Mon 02 Oct 2023 07:15:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:3e:6b:12:55:49:42:d7:74:bd:46:e1:66:ce:04:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 2 07:15:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b28016d64626b3150dc458d5e459df79b269118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c8:1c:39:bb:3a:91:4e:a6:68:22:7e:4f:87:
52:fd:c6:ab:9e:40:4c:44:bf:93:af:4a:38:a4:54:
21:7b:23:1a:12:63:39:44:7a:54:f1:59:cf:2b:a2:
2e:7f:48:f1:6a:c9:a1:f2:1e:13:7f:80:9f:fb:73:
c2:4d:39:65:1f:e2:8d:3d:08:79:a8:27:8f:47:ef:
4d:7a:36:95:13:2b:7f:30:8e:84:29:df:a6:28:17:
3a:7e:db:6d:0f:a8:50:af:97:30:03:ae:97:1f:cd:
f3:8f:33:11:ce:97:b3:56:79:2d:5e:ae:7f:f4:fa:
62:9b:6d:c5:d4:32:2d:e1:13:47:12:19:63:af:16:
c9:8d:5f:66:f9:41:cf:8d:fa:49:da:02:4d:5b:da:
37:ec:26:ec:b4:06:33:24:ef:63:f8:da:6c:c9:36:
c3:b0:39:ca:80:6d:cf:7d:3c:08:22:12:a3:c1:a4:
13:55:b2:47:f6:7b:6e:c8:ad:19:e8:85:c5:26:be:
d9:62:46:17:72:e2:7c:67:83:95:a3:7e:cb:3f:28:
f8:64:77:75:0c:f3:c1:8d:cb:1e:68:da:a2:7e:bb:
ee:2c:bc:79:df:2a:da:93:69:93:b6:56:f1:b5:00:
99:4d:bd:f0:a3:dd:39:d4:4a:1b:04:d1:69:ae:a2:
d8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:28:01:6D:64:62:6B:31:50:DC:45:8D:5E:45:9D:F7:9B:26:91:18
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aygBbWRiazFQ3EWNXkWd95smkRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:74:15:f1:e5:9a:3a:af:d9:c9:ca:d2:2c:6e:09:a7:b3:b6:
9e:0a:58:87:af:cd:92:da:8c:a5:3b:19:51:7a:91:9a:02:5e:
1c:08:1d:ff:d4:45:64:09:01:37:0d:b7:37:7b:f3:e5:7e:5a:
a5:eb:ba:92:f2:39:17:d4:71:41:70:ed:f9:cd:21:03:32:8e:
b9:26:3b:56:38:2c:f1:85:e5:8b:cf:b7:1c:44:65:ba:ed:49:
15:58:f9:d8:a8:d1:e0:7c:1a:1e:e8:3a:4e:8c:1b:93:94:1e:
e2:bc:f9:e4:cc:e4:59:70:bc:c2:72:0c:6c:92:b0:d1:a0:aa:
93:6c:12:78:fd:25:c7:13:0f:a6:d2:19:e7:b4:20:58:f5:59:
4c:a3:94:8e:e2:75:a3:6c:e7:61:8a:69:a3:61:66:cf:2e:16:
87:de:1a:eb:c3:44:46:8e:99:f8:8c:ba:bf:28:cb:b6:4d:ed:
65:dc:08:70:04:ae:39:bd:1a:7d:ea:96:55:e9:45:5f:70:61:
8e:de:4f:40:ff:5a:39:a0:46:74:a7:b4:44:0d:f9:62:d0:8a:
41:0a:5b:4a:fd:76:3b:4c:58:60:9a:e2:b9:b8:94:5f:34:c3:
c4:6b:9b:b5:55:08:a8:be:6b:43:7f:d3:6a:69:73:72:5e:77:
61:b0:0f:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrvPmsSVUlC13S9RuFmzgTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAyMDcxNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjI4MDE2ZDY0NjI2YjMxNTBkYzQ1OGQ1ZTQ1OWRmNzliMjY5MTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMgcObs6kU6maCJ+T4dS/carnkBM
RL+Tr0o4pFQheyMaEmM5RHpU8VnPK6Iuf0jxasmh8h4Tf4Cf+3PCTTllH+KNPQh5
qCePR+9NejaVEyt/MI6EKd+mKBc6ftttD6hQr5cwA66XH83zjzMRzpezVnktXq5/
9Ppim23F1DIt4RNHEhljrxbJjV9m+UHPjfpJ2gJNW9o37CbstAYzJO9j+NpsyTbD
sDnKgG3PfTwIIhKjwaQTVbJH9ntuyK0Z6IXFJr7ZYkYXcuJ8Z4OVo37LPyj4ZHd1
DPPBjcseaNqifrvuLLx53yrak2mTtlbxtQCZTb3wo9051EobBNFprqLY9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGsoAW1kYmsxUNxFjV5FnfebJpEYMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYXlnQmJXUmlhekZRM0VXTlhrV2Q5NXNta1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEl0FfHlmjqv2cnK0ixu
Caeztp4KWIevzZLajKU7GVF6kZoCXhwIHf/URWQJATcNtzd78+V+WqXrupLyORfU
cUFw7fnNIQMyjrkmO1Y4LPGF5YvPtxxEZbrtSRVY+dio0eB8Gh7oOk6MG5OUHuK8
+eTM5FlwvMJyDGySsNGgqpNsEnj9JccTD6bSGee0IFj1WUyjlI7idaNs52GKaaNh
Zs8uFofeGuvDREaOmfiMur8oy7ZN7WXcCHAErjm9Gn3qllXpRV9wYY7eT0D/Wjmg
RnSntEQN+WLQikEKW0r9djtMWGCa4rm4lF80w8Rrm7VVCKi+a0N/02ppc3Jed2Gw
DyU=
-----END CERTIFICATE-----
Generated at Sun May 11 04:33:38 2025 by rpki-client