Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/t9oxKEXD35bHqcXWBCbRFG_JFnY.roa
File: t9oxKEXD35bHqcXWBCbRFG_JFnY.roa (raw, json)
Hash identifier: FHrYKE+bDJggvFVUy042ilusrtDO4Dw57lYGXYeBOAw=
Subject key identifier: B7:DA:31:28:45:C3:DF:96:C7:A9:C5:D6:04:26:D1:14:6F:C9:16:76
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB50B47A223D325289346104E4F82B755
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/t9oxKEXD35bHqcXWBCbRFG_JFnY.roa
Signing time: Thu 09 Nov 2023 17:04:57 +0000
ROA not before: Thu 09 Nov 2023 17:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:b50a:f719/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b5:0b:47:a2:23:d3:25:28:93:46:10:4e:4f:82:b7:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 9 17:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7da312845c3df96c7a9c5d60426d1146fc91676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a7:aa:24:99:80:d5:49:62:23:53:22:83:4e:
3b:3a:b6:8d:08:3d:4a:c5:ff:5a:09:91:86:17:ef:
99:11:86:0a:e0:5b:17:85:8a:52:0f:50:4f:2c:48:
a5:ab:c8:3b:54:3a:c6:fb:d0:e9:ef:a7:50:8f:de:
18:b9:2c:1f:0e:97:18:5c:32:6a:ea:ef:7e:5e:5e:
ba:70:f7:b2:77:e1:3b:49:ee:be:59:6d:26:70:d8:
91:4e:3a:cf:f3:64:be:b0:61:61:8c:e4:9e:ac:d3:
a2:86:90:85:13:a0:d4:94:6d:89:12:07:e7:bf:d9:
5b:6d:d5:32:f8:51:80:e4:c0:73:20:ef:b1:9f:9d:
7a:fa:76:9f:52:92:ca:e7:4f:45:5e:ed:6b:75:f3:
e6:54:44:b8:d9:0a:ea:c5:e8:ac:92:24:a7:9f:39:
7a:d4:20:31:fc:5f:81:c4:fa:64:40:33:df:f0:36:
2a:33:8f:e4:bc:c0:ae:d4:fc:e1:c8:ea:47:2d:2d:
0b:f3:2f:78:98:a1:c9:4d:bc:aa:e7:8c:78:f9:a7:
4b:b8:e0:35:80:65:f8:bb:2b:1e:eb:4a:26:cf:e0:
e1:ec:dc:12:0d:9e:de:ec:3b:ba:c8:f6:7a:1a:03:
eb:ee:59:62:fa:df:d6:17:b5:51:a5:27:9d:39:99:
31:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:DA:31:28:45:C3:DF:96:C7:A9:C5:D6:04:26:D1:14:6F:C9:16:76
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/t9oxKEXD35bHqcXWBCbRFG_JFnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c0:f5:bf:0a:49:6d:92:e6:33:11:4c:a3:4d:e6:41:99:ea:3f:
4b:a1:21:fc:d7:0a:24:62:4f:cd:ae:d6:60:27:a6:7d:97:57:
a5:32:cc:59:9d:9e:e8:cd:51:17:75:85:b3:a5:d3:7c:04:6b:
b9:47:a3:ef:9b:11:be:75:ab:79:17:32:c0:b6:dd:ea:a7:bc:
b3:55:49:83:71:7f:ea:00:2c:3d:c9:1b:2d:08:82:b3:cd:78:
97:69:12:4f:92:5d:7b:38:91:4c:b5:95:fe:d7:e7:bc:d0:b9:
0e:59:61:df:b8:af:f4:a9:a0:2d:d3:67:86:24:b4:a6:1f:ce:
6a:8c:af:25:dc:b0:6a:61:18:a2:80:8c:f9:d4:4a:46:a8:48:
ad:eb:a5:32:f1:e2:ae:b4:bc:09:67:67:72:24:64:3c:e8:10:
cd:49:3a:ff:d0:e5:3c:10:a6:9b:a3:50:9d:92:56:e0:a4:b4:
e4:07:5d:27:78:15:f0:65:74:6c:4a:55:d6:76:36:aa:0a:de:
01:9d:c1:7f:16:2d:9a:c4:eb:6e:47:2a:23:3b:dc:54:43:ea:
66:45:36:61:6d:a5:eb:a4:1c:43:c3:ce:33:4c:67:7f:64:98:
b6:b9:16:93:9d:62:d9:cd:f9:0c:1e:18:46:06:81:85:b9:31:
e6:89:27:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu1C0eiI9MlKJNGEE5PgrdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA5MTcwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2RhMzEyODQ1YzNkZjk2YzdhOWM1ZDYwNDI2ZDExNDZmYzkxNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaeqJJmA1UliI1Mig047OraNCD1K
xf9aCZGGF++ZEYYK4FsXhYpSD1BPLEilq8g7VDrG+9Dp76dQj94YuSwfDpcYXDJq
6u9+Xl66cPeyd+E7Se6+WW0mcNiRTjrP82S+sGFhjOSerNOihpCFE6DUlG2JEgfn
v9lbbdUy+FGA5MBzIO+xn516+nafUpLK509FXu1rdfPmVES42QrqxeiskiSnnzl6
1CAx/F+BxPpkQDPf8DYqM4/kvMCu1PzhyOpHLS0L8y94mKHJTbyq54x4+adLuOA1
gGX4uyse60omz+Dh7NwSDZ7e7Du6yPZ6GgPr7lli+t/WF7VRpSedOZkxaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLfaMShFw9+Wx6nF1gQm0RRvyRZ2MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdDlveEtFWEQzNWJIcWNYV0JDYlJGR19KRm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMD1vwpJbZLmMxFMo03m
QZnqP0uhIfzXCiRiT82u1mAnpn2XV6UyzFmdnujNURd1hbOl03wEa7lHo++bEb51
q3kXMsC23eqnvLNVSYNxf+oALD3JGy0IgrPNeJdpEk+SXXs4kUy1lf7X57zQuQ5Z
Yd+4r/SpoC3TZ4YktKYfzmqMryXcsGphGKKAjPnUSkaoSK3rpTLx4q60vAlnZ3Ik
ZDzoEM1JOv/Q5TwQppujUJ2SVuCktOQHXSd4FfBldGxKVdZ2NqoK3gGdwX8WLZrE
625HKiM73FRD6mZFNmFtpeukHEPDzjNMZ39kmLa5FpOdYtnN+QweGEYGgYW5MeaJ
Jx0=
-----END CERTIFICATE-----
Generated at Wed May 14 02:10:16 2025 by rpki-client