Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rFsnkewHPfqRITOOIM4cWvq5t5s.roa
File: rFsnkewHPfqRITOOIM4cWvq5t5s.roa (raw, json)
Hash identifier: Mj0UDgM0cbCgMbi3hUMR5pE3NtmHTZ3ykNzHYYbsP50=
Subject key identifier: AC:5B:27:91:EC:07:3D:FA:91:21:33:8E:20:CE:1C:5A:FA:B9:B7:9B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABC90224BF90B40B374A88BFF55BC71C8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rFsnkewHPfqRITOOIM4cWvq5t5s.roa
Signing time: Fri 22 Sep 2023 11:04:37 +0000
ROA not before: Fri 22 Sep 2023 11:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:bc8f:cdd2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:90:22:4b:f9:0b:40:b3:74:a8:8b:ff:55:bc:71:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 11:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac5b2791ec073dfa9121338e20ce1c5afab9b79b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:68:71:ff:a3:35:a9:d7:c1:d8:dc:94:3b:30:
d5:d4:f7:df:78:08:ff:3f:22:30:33:c0:46:2d:15:
73:f8:1d:de:eb:22:01:94:b9:d7:bd:f8:ae:fb:03:
04:b9:79:26:a9:97:3a:d2:31:fe:df:0b:da:45:a6:
20:3b:98:7f:66:ad:9f:ee:d4:73:1d:81:f9:6f:d8:
ae:02:57:05:cf:dd:24:93:67:18:c6:5f:dd:c5:fc:
87:61:0f:11:cd:64:05:56:8a:93:33:8b:f9:72:b0:
8d:b0:c2:5d:0b:5d:fc:7e:b0:5c:15:0c:c5:f2:65:
f2:cc:2d:66:24:d4:f5:81:a6:67:5a:a3:11:2a:a6:
08:8e:64:be:21:eb:65:40:7d:70:2a:8b:28:8b:7a:
ce:3c:c1:05:53:4c:86:b1:86:66:1a:41:d8:08:83:
67:97:99:d2:f0:45:0d:b8:69:10:c9:c6:10:8f:ad:
05:6e:05:e2:49:6f:8b:d2:64:1a:84:2a:47:b8:c8:
77:9a:00:40:3f:92:aa:78:78:4e:c8:83:b8:f4:9c:
d4:2a:fb:dd:3e:45:1b:e6:15:e9:58:ae:cb:ba:fc:
d9:a4:bc:5e:af:70:75:6f:76:8f:a0:52:1d:9b:48:
a8:f0:8f:66:89:d2:ca:2b:47:c0:be:3c:e9:77:91:
52:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:5B:27:91:EC:07:3D:FA:91:21:33:8E:20:CE:1C:5A:FA:B9:B7:9B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rFsnkewHPfqRITOOIM4cWvq5t5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:96:5a:02:a2:3b:75:15:7f:ff:56:48:e9:63:0f:bb:6f:aa:
30:59:d6:6f:94:bb:67:c3:0c:82:dd:a1:6a:fd:81:c5:da:94:
97:0a:bf:c8:8c:cf:be:ec:ce:90:e4:50:2f:a4:97:f2:18:05:
aa:c7:5d:7e:f3:94:af:c5:eb:b4:6b:53:0a:df:74:41:3b:6a:
fe:e7:8e:e0:a8:24:ea:b7:fd:59:9e:b8:de:b3:30:86:0c:9a:
93:46:5c:94:93:79:f0:af:cc:0e:00:c1:22:3c:88:dc:30:f6:
4c:e4:60:d2:50:9c:30:06:ba:29:ab:0b:62:44:39:83:5e:66:
32:46:75:f3:a7:01:8f:c1:42:a4:9e:e9:8d:ef:10:0e:0a:6c:
3a:56:83:26:f6:1f:39:a7:fd:7c:97:dd:c5:dc:db:54:04:6e:
06:ab:21:6c:62:96:33:0f:8a:c7:67:bb:a9:62:ea:fe:97:ab:
43:4e:4b:9f:53:76:8d:be:24:83:bd:5f:b4:2b:9a:76:99:51:
6f:75:27:76:7b:8f:21:b9:89:29:8c:5c:b4:f0:70:f6:35:74:
f8:e5:32:c0:a5:b9:da:8e:ec:43:45:a3:21:00:07:c0:7f:92:
21:23:a5:29:cd:e9:01:1c:2c:5f:b1:17:f0:36:b6:3c:dc:88:
79:e3:c7:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq8kCJL+QtAs3Soi/9VvHHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMTEwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzViMjc5MWVjMDczZGZhOTEyMTMzOGUyMGNlMWM1YWZhYjliNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmhx/6M1qdfB2NyUOzDV1PffeAj/
PyIwM8BGLRVz+B3e6yIBlLnXvfiu+wMEuXkmqZc60jH+3wvaRaYgO5h/Zq2f7tRz
HYH5b9iuAlcFz90kk2cYxl/dxfyHYQ8RzWQFVoqTM4v5crCNsMJdC138frBcFQzF
8mXyzC1mJNT1gaZnWqMRKqYIjmS+IetlQH1wKosoi3rOPMEFU0yGsYZmGkHYCINn
l5nS8EUNuGkQycYQj60FbgXiSW+L0mQahCpHuMh3mgBAP5KqeHhOyIO49JzUKvvd
PkUb5hXpWK7LuvzZpLxer3B1b3aPoFIdm0io8I9midLKK0fAvjzpd5FScQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKxbJ5HsBz36kSEzjiDOHFr6ubebMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvckZzbmtld0hQZnFSSVRPT0lNNGNXdnE1dDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJOWWgKiO3UVf/9WSOlj
D7tvqjBZ1m+Uu2fDDILdoWr9gcXalJcKv8iMz77szpDkUC+kl/IYBarHXX7zlK/F
67RrUwrfdEE7av7njuCoJOq3/VmeuN6zMIYMmpNGXJSTefCvzA4AwSI8iNww9kzk
YNJQnDAGuimrC2JEOYNeZjJGdfOnAY/BQqSe6Y3vEA4KbDpWgyb2Hzmn/XyX3cXc
21QEbgarIWxiljMPisdnu6li6v6Xq0NOS59Tdo2+JIO9X7QrmnaZUW91J3Z7jyG5
iSmMXLTwcPY1dPjlMsCludqO7ENFoyEAB8B/kiEjpSnN6QEcLF+xF/A2tjzciHnj
x3c=
-----END CERTIFICATE-----
Generated at Sat May 10 11:20:51 2025 by rpki-client