Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/flhZGTGaBjN2AnpiZWqAfp2rDnw.roa
File: flhZGTGaBjN2AnpiZWqAfp2rDnw.roa (raw, json)
Hash identifier: eJGw7xhyHpgJrMQ+VKA1IgVZQS+4uff26R2GRm6Lyls=
Subject key identifier: 7E:58:59:19:31:9A:06:33:76:02:7A:62:65:6A:80:7E:9D:AB:0E:7C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B38694AA891C5EC29E3FE1B8B57A2569D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/flhZGTGaBjN2AnpiZWqAfp2rDnw.roa
Signing time: Mon 16 Oct 2023 12:15:06 +0000
ROA not before: Mon 16 Oct 2023 12:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:69:4a:a8:91:c5:ec:29:e3:fe:1b:8b:57:a2:56:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 12:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e585919319a063376027a62656a807e9dab0e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bf:00:33:f3:8a:e8:38:d7:c9:ba:34:8c:c2:
51:af:97:46:35:71:c4:fd:80:ca:03:d6:cb:6a:17:
73:e5:fb:08:7a:a9:a1:a8:57:9c:22:95:ed:82:1b:
80:98:75:c7:1e:2c:c6:d5:7c:7b:17:6a:89:2c:ea:
6c:82:dd:e8:42:dd:71:92:47:1f:84:e0:ed:4a:99:
11:04:a2:39:f2:65:7d:4c:54:d7:0b:a4:a4:b6:ee:
0c:fb:22:50:20:cd:9f:9d:06:48:15:69:a5:36:18:
4f:b0:f6:52:67:ba:6c:6a:ef:99:e0:4f:cc:c4:b4:
90:dc:6f:a3:f7:9a:0c:d5:d6:cc:d5:25:81:20:95:
06:c7:b2:7b:cd:41:cc:52:bf:42:dd:d4:31:f0:e7:
0b:68:ce:5d:3f:a4:bd:a5:56:ff:8b:b9:c3:16:37:
62:2f:29:72:ee:42:0a:8b:20:d8:0d:52:d1:1c:c6:
e1:72:db:50:15:72:92:72:ba:f7:17:b0:8d:30:13:
e2:a7:10:d3:16:52:40:d5:d4:79:1c:7d:6d:33:34:
2c:50:a9:ef:46:13:45:88:f8:97:b9:f9:35:1f:22:
b8:bb:cd:92:1a:92:08:2b:bc:ca:e0:00:d3:71:ca:
c6:54:ed:fe:aa:19:d8:2d:e5:7d:7b:0e:b7:72:83:
de:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:58:59:19:31:9A:06:33:76:02:7A:62:65:6A:80:7E:9D:AB:0E:7C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/flhZGTGaBjN2AnpiZWqAfp2rDnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:79:eb:31:79:1c:d2:3d:3f:8f:35:05:e7:3d:e4:e2:32:a0:
75:68:44:b6:4a:26:25:9e:8a:5b:9c:fe:6e:d0:57:a8:d6:ab:
b8:48:42:f9:57:46:e0:7d:86:50:25:35:ad:3b:44:da:2e:93:
e3:d6:f4:d4:a0:f5:58:d0:ec:74:76:61:62:f1:d1:58:a8:81:
65:47:53:65:e3:5c:ba:eb:27:52:ce:83:00:09:6a:61:9b:67:
72:36:7d:0d:8d:27:33:d3:66:d9:3b:91:55:aa:e6:46:48:90:
43:5b:fc:c3:2e:64:77:35:e9:e5:62:40:e3:ad:6b:a6:97:2d:
f2:e9:fb:89:26:ed:ce:3e:64:92:c0:90:c0:3d:cb:33:49:77:
f4:ad:72:e0:06:91:5b:3c:0c:6f:76:a0:c3:90:63:6b:56:36:
f3:79:a3:a3:ed:7d:55:6e:07:3e:a6:ce:5b:76:45:28:b8:4d:
cc:45:9f:89:1c:2d:4f:7d:c2:88:fb:84:2d:19:b7:9e:b9:f4:
9f:b2:9c:62:2f:d9:78:7a:9c:da:7a:91:c0:42:62:80:4e:5e:
5a:3e:cf:8a:b4:20:47:a7:51:1b:8a:65:78:fd:79:72:27:a6:
db:2c:3c:46:d9:72:07:6a:ee:b5:35:b3:8b:ca:15:eb:3d:49:
b5:6b:ee:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs4aUqokcXsKeP+G4tXoladMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MTIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTU4NTkxOTMxOWEwNjMzNzYwMjdhNjI2NTZhODA3ZTlkYWIwZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr8AM/OK6DjXybo0jMJRr5dGNXHE
/YDKA9bLahdz5fsIeqmhqFecIpXtghuAmHXHHizG1Xx7F2qJLOpsgt3oQt1xkkcf
hODtSpkRBKI58mV9TFTXC6Sktu4M+yJQIM2fnQZIFWmlNhhPsPZSZ7psau+Z4E/M
xLSQ3G+j95oM1dbM1SWBIJUGx7J7zUHMUr9C3dQx8OcLaM5dP6S9pVb/i7nDFjdi
Lyly7kIKiyDYDVLRHMbhcttQFXKScrr3F7CNMBPipxDTFlJA1dR5HH1tMzQsUKnv
RhNFiPiXufk1HyK4u82SGpIIK7zK4ADTccrGVO3+qhnYLeV9ew63coPelwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH5YWRkxmgYzdgJ6YmVqgH6dqw58MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZmxoWkdUR2FCak4yQW5waVpXcUFmcDJyRG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGh56zF5HNI9P481Bec9
5OIyoHVoRLZKJiWeiluc/m7QV6jWq7hIQvlXRuB9hlAlNa07RNouk+PW9NSg9VjQ
7HR2YWLx0ViogWVHU2XjXLrrJ1LOgwAJamGbZ3I2fQ2NJzPTZtk7kVWq5kZIkENb
/MMuZHc16eViQOOta6aXLfLp+4km7c4+ZJLAkMA9yzNJd/StcuAGkVs8DG92oMOQ
Y2tWNvN5o6PtfVVuBz6mzlt2RSi4TcxFn4kcLU99woj7hC0Zt5659J+ynGIv2Xh6
nNp6kcBCYoBOXlo+z4q0IEenURuKZXj9eXInptssPEbZcgdq7rU1s4vKFes9SbVr
7qY=
-----END CERTIFICATE-----
Generated at Sun May 11 16:05:50 2025 by rpki-client