Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/m7iPDdbnp62_3htnUCbU6RTs4e8.roa
File: m7iPDdbnp62_3htnUCbU6RTs4e8.roa (raw, json)
Hash identifier: 7uS6vVYX/+r/43RXtejM7QXqu+ly8URdRLsCx+NWrKw=
Subject key identifier: 9B:B8:8F:0D:D6:E7:A7:AD:BF:DE:1B:67:50:26:D4:E9:14:EC:E1:EF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B178C5AAEEF715A150E90CFFC2C14CE17
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/m7iPDdbnp62_3htnUCbU6RTs4e8.roa
Signing time: Tue 10 Oct 2023 03:05:56 +0000
ROA not before: Tue 10 Oct 2023 03:05:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:178b:db8b/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:17:8c:5a:ae:ef:71:5a:15:0e:90:cf:fc:2c:14:ce:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 10 03:05:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bb88f0dd6e7a7adbfde1b675026d4e914ece1ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9d:89:90:00:4f:df:4c:ca:a1:f4:05:93:58:
04:17:98:a3:19:75:e0:d3:4a:42:f5:3e:79:28:d8:
7e:0b:d8:97:32:0b:1a:f2:4d:63:1f:27:28:46:f0:
7b:75:dd:a4:17:7b:2f:f2:01:ed:27:35:a7:11:56:
a7:59:f4:44:e8:4d:1c:41:28:d9:4b:7c:2d:5b:45:
82:b6:23:e0:c3:4b:64:aa:87:82:ad:a7:aa:67:77:
d7:de:a5:8b:be:06:40:2a:34:a0:ae:48:4a:b9:01:
dc:e9:45:aa:9b:43:dd:0c:26:76:84:f1:0e:eb:3e:
59:8f:eb:3a:65:82:ff:14:6b:eb:71:7e:61:bf:52:
00:0f:1a:3f:04:7b:90:21:08:a9:4e:31:c1:e6:bc:
cb:ab:25:21:f0:5b:ee:c6:5e:01:4f:a8:71:92:7b:
a1:a5:b7:ec:16:ce:dc:ff:f8:8c:98:06:a4:7a:ab:
9e:04:22:a6:7c:7a:bd:9e:41:e2:52:fe:af:7d:20:
b0:04:59:7a:83:fa:88:13:6f:fe:13:4c:c1:0a:ff:
3f:c7:0b:31:69:cc:e3:2c:60:9a:6d:9b:dd:6f:30:
a9:e6:51:1d:79:90:11:16:7a:f7:f9:20:f3:df:33:
34:9f:1b:5f:40:08:8a:e4:8c:3a:12:00:e6:ce:cd:
b5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:B8:8F:0D:D6:E7:A7:AD:BF:DE:1B:67:50:26:D4:E9:14:EC:E1:EF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/m7iPDdbnp62_3htnUCbU6RTs4e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:dd:b5:e8:d4:5a:82:02:70:38:a2:6f:4f:f6:ee:8f:8c:e8:
0a:6a:06:32:4b:70:dc:93:aa:d1:f1:ca:61:6c:d0:31:19:ce:
a9:69:43:c2:63:07:fd:11:c4:d2:f4:50:2a:ab:76:ed:ad:0c:
eb:c8:38:c3:f5:f1:bd:e9:7d:f9:0c:7e:85:4e:ce:09:8f:fc:
d5:67:43:03:2b:2d:77:6e:ac:0a:6c:a7:d2:de:f8:78:ae:3a:
6e:63:b8:f6:54:99:cc:a5:be:4e:42:22:62:d7:ed:9a:3e:c2:
7a:9b:db:a1:da:25:ac:24:c4:46:0c:c0:18:e5:fc:31:bd:97:
4c:ff:73:15:ef:5a:72:7d:37:8a:de:73:1d:45:a9:cd:7e:c5:
80:da:1f:0f:04:c2:e9:4d:68:fb:90:7f:ec:6b:3f:58:9e:ef:
cf:d8:06:01:8e:89:68:52:73:4e:29:d5:09:91:b1:99:8a:1a:
cc:f3:c6:73:20:ac:f1:3e:95:c1:8a:60:68:48:4d:9b:f9:b4:
bd:28:16:8b:18:b6:ab:0b:89:d5:90:29:ff:04:0c:f2:29:23:
30:2a:89:31:d5:5f:1f:df:35:2e:f7:19:17:85:cc:98:78:c5:
90:fc:b6:ec:53:45:41:71:de:4a:6c:80:01:6a:63:1b:5b:d0:
62:76:2e:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsXjFqu73FaFQ6Qz/wsFM4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEwMDMwNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmI4OGYwZGQ2ZTdhN2FkYmZkZTFiNjc1MDI2ZDRlOTE0ZWNlMWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl52JkABP30zKofQFk1gEF5ijGXXg
00pC9T55KNh+C9iXMgsa8k1jHycoRvB7dd2kF3sv8gHtJzWnEVanWfRE6E0cQSjZ
S3wtW0WCtiPgw0tkqoeCraeqZ3fX3qWLvgZAKjSgrkhKuQHc6UWqm0PdDCZ2hPEO
6z5Zj+s6ZYL/FGvrcX5hv1IADxo/BHuQIQipTjHB5rzLqyUh8Fvuxl4BT6hxknuh
pbfsFs7c//iMmAakequeBCKmfHq9nkHiUv6vfSCwBFl6g/qIE2/+E0zBCv8/xwsx
aczjLGCabZvdbzCp5lEdeZARFnr3+SDz3zM0nxtfQAiK5Iw6EgDmzs21kQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJu4jw3W56etv94bZ1Am1OkU7OHvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbTdpUERkYm5wNjJfM2h0blVDYlU2UlRzNGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAILdtejUWoICcDiib0/2
7o+M6ApqBjJLcNyTqtHxymFs0DEZzqlpQ8JjB/0RxNL0UCqrdu2tDOvIOMP18b3p
ffkMfoVOzgmP/NVnQwMrLXdurApsp9Le+HiuOm5juPZUmcylvk5CImLX7Zo+wnqb
26HaJawkxEYMwBjl/DG9l0z/cxXvWnJ9N4recx1Fqc1+xYDaHw8EwulNaPuQf+xr
P1ie78/YBgGOiWhSc04p1QmRsZmKGszzxnMgrPE+lcGKYGhITZv5tL0oFosYtqsL
idWQKf8EDPIpIzAqiTHVXx/fNS73GReFzJh4xZD8tuxTRUFx3kpsgAFqYxtb0GJ2
Lio=
-----END CERTIFICATE-----
Generated at Sun May 11 15:27:40 2025 by rpki-client