Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vLd0AXxoUjy0_IihN4FqD_ipsnM.roa
File: vLd0AXxoUjy0_IihN4FqD_ipsnM.roa (raw, json)
Hash identifier: ylaflL7K+rEB1Ol05BPp8Y5rXzRXKW2uRUeWRQ+H1uQ=
Subject key identifier: BC:B7:74:01:7C:68:52:3C:B4:FC:88:A1:37:81:6A:0F:F8:A9:B2:73
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB6236E2CCDEE0E223C0270916C38AC00
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vLd0AXxoUjy0_IihN4FqD_ipsnM.roa
Signing time: Thu 09 Nov 2023 22:10:57 +0000
ROA not before: Thu 09 Nov 2023 22:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b6:23:6e:2c:cd:ee:0e:22:3c:02:70:91:6c:38:ac:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 9 22:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcb774017c68523cb4fc88a137816a0ff8a9b273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d2:00:2e:af:77:95:c9:e1:c5:88:bc:a2:30:
f3:92:73:cc:fc:3e:74:2a:86:7c:2a:2e:a4:80:b9:
d7:85:ae:e1:13:f0:a8:42:dd:eb:bf:e3:d3:39:08:
e9:a9:d0:55:3c:ba:37:38:e7:08:59:1c:cb:9b:78:
e8:d4:2e:7c:ba:06:b3:63:5c:b7:41:80:29:f6:ef:
b0:52:3a:44:aa:18:03:e5:93:fc:28:ac:dc:d4:ee:
bf:61:59:a9:fe:d7:e2:b1:7d:bd:8f:49:7a:db:6b:
9d:c2:b7:93:eb:f1:06:c9:5b:af:72:2d:6d:02:23:
89:74:8f:30:0e:c5:f7:4c:3a:df:84:6b:f2:d2:1f:
e8:ca:78:2b:eb:74:12:e1:ff:54:5d:2b:91:8f:f5:
f0:dc:aa:ca:ef:d4:ca:4f:83:59:0e:e1:f6:59:64:
a3:e2:cc:bc:ab:67:c6:7a:1a:f5:e5:4b:ba:a4:41:
f0:25:ba:5c:93:5f:c9:a1:9b:fa:b7:94:96:56:5c:
8a:93:8f:31:e1:4a:cc:3d:b9:7c:82:6f:78:1c:44:
eb:41:95:c2:e3:fa:f6:2c:4c:46:a2:3f:54:d9:ad:
12:bd:35:6c:38:d6:64:06:3d:dd:ff:cb:9d:1f:1d:
9d:4f:35:00:f3:6f:60:96:f6:4d:fc:e9:1c:03:38:
08:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:B7:74:01:7C:68:52:3C:B4:FC:88:A1:37:81:6A:0F:F8:A9:B2:73
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vLd0AXxoUjy0_IihN4FqD_ipsnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b3:3a:8c:01:96:1f:a7:d3:51:2e:50:cd:2f:8b:56:be:1d:3e:
1c:f9:08:f2:3f:63:54:47:d4:0e:ca:c8:9a:0b:94:b4:b2:df:
26:fe:a0:d4:df:5d:db:9b:1e:94:03:ea:90:ef:cd:5e:d2:fd:
3e:ff:05:71:4b:bc:2b:13:f9:a5:b6:00:8b:da:65:ce:02:4d:
ea:57:38:5c:56:8b:32:37:b9:b7:2d:c8:fe:72:33:78:65:57:
af:78:87:fc:b9:1d:fd:51:b9:ee:0b:7e:4e:07:79:ad:90:78:
0b:8d:46:3f:b1:54:f9:4c:24:38:16:2c:6d:dd:fb:fd:a8:54:
c7:54:0c:7e:64:9d:06:26:ed:08:31:61:fd:4e:3d:d7:4d:6e:
59:ba:2f:aa:33:93:27:33:61:59:ad:14:08:28:2a:ab:96:5b:
04:4e:7a:0e:43:ca:31:dd:84:c6:f1:02:69:88:b3:ed:bb:f7:
a7:80:24:ca:92:1a:e4:c3:76:a5:3f:86:91:22:1e:4b:86:13:
18:f5:05:c2:e1:c9:41:2d:74:2c:08:5d:4b:87:11:5d:88:45:
fb:3d:6f:35:c3:d1:41:c1:eb:db:95:28:e2:3e:74:cd:41:cb:
c3:b6:c5:a0:b7:d3:9b:c6:c4:92:0f:90:6d:67:01:57:c6:b9:
23:f4:45:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu2I24sze4OIjwCcJFsOKwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA5MjIxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2I3NzQwMTdjNjg1MjNjYjRmYzg4YTEzNzgxNmEwZmY4YTliMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtIALq93lcnhxYi8ojDzknPM/D50
KoZ8Ki6kgLnXha7hE/CoQt3rv+PTOQjpqdBVPLo3OOcIWRzLm3jo1C58ugazY1y3
QYAp9u+wUjpEqhgD5ZP8KKzc1O6/YVmp/tfisX29j0l622udwreT6/EGyVuvci1t
AiOJdI8wDsX3TDrfhGvy0h/oyngr63QS4f9UXSuRj/Xw3KrK79TKT4NZDuH2WWSj
4sy8q2fGehr15Uu6pEHwJbpck1/JoZv6t5SWVlyKk48x4UrMPbl8gm94HETrQZXC
4/r2LExGoj9U2a0SvTVsONZkBj3d/8udHx2dTzUA829glvZN/OkcAzgIvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLy3dAF8aFI8tPyIoTeBag/4qbJzMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdkxkMEFYeG9VankwX0lpaE40RnFEX2lwc25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALM6jAGWH6fTUS5QzS+L
Vr4dPhz5CPI/Y1RH1A7KyJoLlLSy3yb+oNTfXdubHpQD6pDvzV7S/T7/BXFLvCsT
+aW2AIvaZc4CTepXOFxWizI3ubctyP5yM3hlV694h/y5Hf1Rue4Lfk4Hea2QeAuN
Rj+xVPlMJDgWLG3d+/2oVMdUDH5knQYm7QgxYf1OPddNblm6L6ozkyczYVmtFAgo
KquWWwROeg5DyjHdhMbxAmmIs+2796eAJMqSGuTDdqU/hpEiHkuGExj1BcLhyUEt
dCwIXUuHEV2IRfs9bzXD0UHB69uVKOI+dM1By8O2xaC305vGxJIPkG1nAVfGuSP0
Rcw=
-----END CERTIFICATE-----
Generated at Sat May 10 12:22:57 2025 by rpki-client