Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/f65WZwqUkFPqWNdlcUaqQGBNzbw.roa
File: f65WZwqUkFPqWNdlcUaqQGBNzbw.roa (raw, json)
Hash identifier: RrPtbdXe3J6KikeLVfGmNyPCRPXiLZ6WxnxIZ3vC6Kc=
Subject key identifier: 7F:AE:56:67:0A:94:90:53:EA:58:D7:65:71:46:AA:40:60:4D:CD:BC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B66B984F7A1E1F79720683321313207E3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/f65WZwqUkFPqWNdlcUaqQGBNzbw.roa
Signing time: Wed 25 Oct 2023 12:05:15 +0000
ROA not before: Wed 25 Oct 2023 12:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:66b9:126b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:b9:84:f7:a1:e1:f7:97:20:68:33:21:31:32:07:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 25 12:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fae56670a949053ea58d7657146aa40604dcdbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a2:b5:c0:18:25:d3:51:92:c3:97:41:60:f3:
df:f6:a5:83:22:be:16:92:95:01:ba:94:5a:38:39:
c2:bd:e2:61:6e:de:5a:8e:bd:66:83:aa:9a:ae:e6:
68:74:14:c3:ab:8d:f3:56:15:11:63:49:02:6c:de:
5e:77:cc:a2:85:65:5b:02:72:d3:6c:2b:1d:31:7e:
12:ba:44:6f:24:0b:68:71:e0:36:fc:28:00:b1:98:
40:51:f5:bd:b2:4b:0c:c3:30:2e:c8:52:1a:83:7b:
63:9e:84:5c:87:fd:3d:95:f3:a9:31:f1:65:00:f7:
86:49:6c:0f:24:08:60:e1:2a:6b:cc:ef:4c:79:05:
e2:fa:18:a6:2b:a2:1a:09:dc:df:87:26:ab:a3:b7:
85:f2:ca:a3:05:46:71:71:84:73:b4:30:8e:3d:5e:
bf:57:9e:a0:9d:5c:b1:3a:e8:a1:a7:71:ad:af:05:
c7:6f:5d:29:3b:fe:16:b9:2e:76:75:23:58:d7:92:
5c:1c:f5:c5:89:62:ae:9b:ac:19:19:4f:e7:ad:4d:
55:77:b2:92:45:e0:0e:83:a1:2b:9d:9f:47:68:32:
99:bf:93:b2:f4:a3:12:30:02:ee:b7:c5:59:eb:24:
a2:80:30:48:38:29:09:93:ac:97:f7:12:3d:f4:19:
7c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:AE:56:67:0A:94:90:53:EA:58:D7:65:71:46:AA:40:60:4D:CD:BC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/f65WZwqUkFPqWNdlcUaqQGBNzbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c6:82:19:4e:bd:2f:18:4c:82:12:c2:f6:db:b4:89:02:0d:30:
b9:d4:5d:69:d1:d7:c5:18:27:e1:5e:52:20:7e:b0:48:6d:61:
f2:f6:5b:95:6e:b3:e0:7f:24:fe:43:95:64:e9:fa:c1:12:b7:
ac:f8:b2:17:81:a8:47:fc:f5:6f:40:e5:5a:3b:d5:ff:4a:92:
de:df:62:a8:89:96:1d:f7:45:40:a6:81:0d:06:b5:ac:84:09:
41:8b:75:73:14:2b:aa:f3:99:f1:2a:8f:7c:e0:d4:39:74:dd:
82:99:71:22:d7:e2:8c:c7:b7:44:b6:38:ee:b2:c2:34:b6:74:
28:26:b1:4e:1b:e2:dd:0e:31:2f:66:65:d3:cc:d9:92:a4:8d:
1e:67:ce:71:1e:2c:a5:c1:47:05:59:a4:6a:bb:29:bd:dd:f9:
d3:01:33:5d:9c:43:4d:65:c7:09:74:4c:55:2d:47:93:9f:61:
e1:6c:98:58:e1:22:7b:d3:5b:58:11:d1:20:6c:10:c7:24:84:
11:97:4e:4e:28:20:6c:f6:b7:70:fb:76:90:1b:02:96:7c:5d:
6b:1b:8d:46:ab:50:8e:be:2a:79:da:e3:32:bf:60:23:1c:05:
dd:14:5a:2d:a3:da:08:df:f3:73:5a:5d:11:e9:f4:ce:f0:9b:
7f:11:e9:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtmuYT3oeH3lyBoMyExMgfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI1MTIwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmFlNTY2NzBhOTQ5MDUzZWE1OGQ3NjU3MTQ2YWE0MDYwNGRjZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6K1wBgl01GSw5dBYPPf9qWDIr4W
kpUBupRaODnCveJhbt5ajr1mg6qaruZodBTDq43zVhURY0kCbN5ed8yihWVbAnLT
bCsdMX4SukRvJAtoceA2/CgAsZhAUfW9sksMwzAuyFIag3tjnoRch/09lfOpMfFl
APeGSWwPJAhg4SprzO9MeQXi+himK6IaCdzfhyaro7eF8sqjBUZxcYRztDCOPV6/
V56gnVyxOuihp3GtrwXHb10pO/4WuS52dSNY15JcHPXFiWKum6wZGU/nrU1Vd7KS
ReAOg6ErnZ9HaDKZv5Oy9KMSMALut8VZ6ySigDBIOCkJk6yX9xI99Bl8OwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH+uVmcKlJBT6ljXZXFGqkBgTc28MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZjY1V1p3cVVrRlBxV05kbGNVYXFRR0JOemJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMaCGU69LxhMghLC9tu0
iQINMLnUXWnR18UYJ+FeUiB+sEhtYfL2W5Vus+B/JP5DlWTp+sESt6z4sheBqEf8
9W9A5Vo71f9Kkt7fYqiJlh33RUCmgQ0GtayECUGLdXMUK6rzmfEqj3zg1Dl03YKZ
cSLX4ozHt0S2OO6ywjS2dCgmsU4b4t0OMS9mZdPM2ZKkjR5nznEeLKXBRwVZpGq7
Kb3d+dMBM12cQ01lxwl0TFUtR5OfYeFsmFjhInvTW1gR0SBsEMckhBGXTk4oIGz2
t3D7dpAbApZ8XWsbjUarUI6+Knna4zK/YCMcBd0UWi2j2gjf83NaXRHp9M7wm38R
6dc=
-----END CERTIFICATE-----
Generated at Sat May 17 01:06:08 2025 by rpki-client