Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tSi08UTleJWSyRffJcx6unFLMq4.roa
File: tSi08UTleJWSyRffJcx6unFLMq4.roa (raw, json)
Hash identifier: yqfnX3sLc2IQPDHu0jFxps9eJTkwKk6zIu7zIE5lLRo=
Subject key identifier: B5:28:B4:F1:44:E5:78:95:92:C9:17:DF:25:CC:7A:BA:71:4B:32:AE
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0E5A597EEE6C24CC85B19B97BB9F9E10
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tSi08UTleJWSyRffJcx6unFLMq4.roa
Signing time: Sun 08 Oct 2023 08:14:43 +0000
ROA not before: Sun 08 Oct 2023 08:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0e:5a:59:7e:ee:6c:24:cc:85:b1:9b:97:bb:9f:9e:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 8 08:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b528b4f144e5789592c917df25cc7aba714b32ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:82:85:58:a5:af:1c:9c:0a:d6:48:93:4e:d5:
0d:ac:ff:87:83:2e:c5:af:b5:dc:39:ce:4e:68:49:
e4:bc:f2:76:b8:d0:bf:76:4f:a3:62:04:4e:cc:3a:
1f:37:02:82:dd:ad:ed:ca:ce:39:f6:f4:d5:55:f2:
b8:19:a8:4f:55:2b:60:b7:15:07:6d:55:1a:9e:d7:
6c:0f:bf:33:5c:e6:86:66:ee:c6:d3:5f:14:94:7c:
31:89:4c:f3:55:35:3b:7a:a7:e2:e6:e1:eb:c7:da:
50:84:b2:71:cf:44:8f:79:d9:d1:3f:7c:9d:67:cf:
9c:72:c7:b8:2f:a3:0b:e4:56:b4:c3:95:e5:b2:3b:
31:5d:d9:52:4b:48:2b:0b:df:2d:bd:4c:49:97:08:
a1:5f:88:30:a0:81:d3:fb:64:17:75:1f:4c:b3:d1:
b5:ff:19:c8:30:0c:59:4c:a2:ed:49:c0:c0:be:7f:
bd:0b:b9:16:28:aa:89:9d:ab:ac:48:48:a7:84:89:
b3:55:47:fc:b5:db:a5:e2:10:4d:fa:47:19:74:dc:
d3:69:72:66:62:5f:f2:fe:67:ee:c6:92:be:c0:96:
de:ac:da:a2:6e:26:58:a2:6b:28:5d:e2:3b:68:66:
5a:9c:86:ff:de:84:a6:52:a4:a7:70:e6:e9:2a:54:
a4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:28:B4:F1:44:E5:78:95:92:C9:17:DF:25:CC:7A:BA:71:4B:32:AE
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tSi08UTleJWSyRffJcx6unFLMq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
be:74:11:f9:ae:ac:84:72:0f:e5:ca:e9:9a:5b:ba:ae:59:bc:
0f:08:6e:ed:b7:a5:9b:5e:74:f2:66:c1:70:9c:38:b3:2f:4d:
76:f3:b3:6f:98:66:68:c8:6b:4f:03:89:03:b1:77:cb:da:ec:
a7:e0:6d:b9:00:de:6e:f6:ba:e1:16:3a:ad:1f:41:89:01:70:
c2:53:e2:ec:28:1e:0e:1d:1a:d5:2d:5b:03:1a:80:f6:44:88:
df:9f:bf:4b:2d:5b:c7:42:89:27:ee:2e:e0:14:6c:7c:ed:d2:
a6:fe:2c:15:8e:22:ad:da:40:f9:50:f0:79:f3:21:ef:91:1a:
4d:c2:96:90:89:d3:46:1d:17:7c:26:de:6a:44:de:8c:2c:86:
ef:30:70:fd:0c:a7:ce:b8:2b:bb:a7:de:b7:0d:0b:52:09:c4:
f4:5b:39:75:ab:20:75:29:54:4c:64:03:fd:56:22:da:26:09:
8c:5c:cc:a9:03:fe:53:a6:95:00:6c:af:43:41:b0:b9:bd:52:
55:a5:76:62:d4:ed:36:63:73:cd:ff:48:e3:97:e4:60:ff:b5:
58:1f:a0:b6:c5:4f:9f:5c:61:04:09:00:c4:b3:c1:ef:fd:12:
5f:cc:16:59:e8:8e:cb:e2:13:c4:85:f5:29:80:35:66:76:2a:
02:5a:8b:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsOWll+7mwkzIWxm5e7n54QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA4MDgxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTI4YjRmMTQ0ZTU3ODk1OTJjOTE3ZGYyNWNjN2FiYTcxNGIzMmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoKFWKWvHJwK1kiTTtUNrP+Hgy7F
r7XcOc5OaEnkvPJ2uNC/dk+jYgROzDofNwKC3a3tys459vTVVfK4GahPVStgtxUH
bVUantdsD78zXOaGZu7G018UlHwxiUzzVTU7eqfi5uHrx9pQhLJxz0SPednRP3yd
Z8+ccse4L6ML5Fa0w5XlsjsxXdlSS0grC98tvUxJlwihX4gwoIHT+2QXdR9Ms9G1
/xnIMAxZTKLtScDAvn+9C7kWKKqJnausSEinhImzVUf8tdul4hBN+kcZdNzTaXJm
Yl/y/mfuxpK+wJberNqibiZYomsoXeI7aGZanIb/3oSmUqSncObpKlSkLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLUotPFE5XiVkskX3yXMerpxSzKuMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdFNpMDhVVGxlSldTeVJmZkpjeDZ1bkZMTXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL50EfmurIRyD+XK6Zpb
uq5ZvA8Ibu23pZtedPJmwXCcOLMvTXbzs2+YZmjIa08DiQOxd8va7KfgbbkA3m72
uuEWOq0fQYkBcMJT4uwoHg4dGtUtWwMagPZEiN+fv0stW8dCiSfuLuAUbHzt0qb+
LBWOIq3aQPlQ8HnzIe+RGk3ClpCJ00YdF3wm3mpE3owshu8wcP0Mp864K7un3rcN
C1IJxPRbOXWrIHUpVExkA/1WItomCYxczKkD/lOmlQBsr0NBsLm9UlWldmLU7TZj
c83/SOOX5GD/tVgfoLbFT59cYQQJAMSzwe/9El/MFlnojsviE8SF9SmANWZ2KgJa
i4o=
-----END CERTIFICATE-----
Generated at Sat May 10 13:38:08 2025 by rpki-client