Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vPWFjN7zPxLehZwyvik5iEKYtFE.roa
File: vPWFjN7zPxLehZwyvik5iEKYtFE.roa (raw, json)
Hash identifier: r/Tj4PheJQCV4O77HQdVMrnL5p6PoVmbruALmLbZkV8=
Subject key identifier: BC:F5:85:8C:DE:F3:3F:12:DE:85:9C:32:BE:29:39:88:42:98:B4:51
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC3A820B91EFD0269173C005A35004947
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vPWFjN7zPxLehZwyvik5iEKYtFE.roa
Signing time: Sun 12 Nov 2023 13:10:57 +0000
ROA not before: Sun 12 Nov 2023 13:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c3:a8:20:b9:1e:fd:02:69:17:3c:00:5a:35:00:49:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 12 13:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcf5858cdef33f12de859c32be2939884298b451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:43:06:73:ff:94:7f:02:89:0c:d8:07:e1:d8:
45:e2:9c:e3:ca:1a:fd:91:3f:60:b6:d5:05:99:c9:
13:45:00:b6:22:52:f2:34:7e:4e:4f:27:e6:0b:52:
85:c7:e8:21:a7:f7:9d:cc:0b:ef:a0:d4:6b:ed:4e:
96:88:59:c3:de:e9:c6:f4:c5:be:a2:e7:35:3f:5e:
2b:72:cc:8c:e6:59:44:3f:8d:e1:97:e4:3d:8d:44:
c1:63:1c:99:39:44:07:ca:c8:d8:b5:da:ee:04:19:
39:3e:48:2e:59:8a:22:06:ce:bc:d8:3e:4d:8a:38:
2e:68:47:e9:e2:e0:b4:06:92:e6:85:a3:e7:16:5d:
1d:a8:0c:65:f4:63:a7:3b:d9:83:b3:34:3e:60:6b:
b4:78:88:62:89:ab:a3:44:4b:e1:de:a0:d6:c7:e4:
67:40:f9:fd:91:c1:b6:d9:c1:8e:eb:57:e5:1a:bd:
ef:83:53:23:40:ef:ae:9c:06:a6:97:ed:bf:33:36:
2f:95:d5:fe:40:20:9e:c0:b2:17:c0:f6:25:85:5c:
ec:6f:4a:28:88:6d:61:75:57:59:15:e8:c9:a4:6c:
7a:68:41:19:31:92:92:dd:01:a9:d7:0c:24:42:7d:
28:42:4c:02:24:36:5b:9e:e6:04:54:62:10:e4:d2:
37:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F5:85:8C:DE:F3:3F:12:DE:85:9C:32:BE:29:39:88:42:98:B4:51
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vPWFjN7zPxLehZwyvik5iEKYtFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:33:23:c9:21:34:4c:24:60:54:76:bf:26:f3:97:73:f9:9b:
43:0e:65:75:6f:c8:77:43:7b:cb:49:50:da:7e:ea:4d:78:d4:
09:17:d5:2e:8a:1f:e0:45:8e:af:80:22:0d:69:4e:71:7b:a6:
2b:9c:83:72:63:13:1e:03:39:3a:c5:35:58:a4:eb:ce:a6:e8:
b6:e8:48:47:b8:99:91:5a:f3:e4:d9:a5:61:7b:73:5e:1c:3c:
ac:5f:b5:72:02:d5:55:6a:12:62:51:58:6f:4c:ab:5e:59:7d:
be:8f:29:40:46:c6:e9:d2:5a:26:e1:1c:ad:06:9d:67:da:7f:
f6:0c:27:d5:ea:2d:77:f4:51:58:7f:c1:7b:b1:3b:a0:cc:57:
a6:ec:ae:65:a1:10:f9:a8:3a:f5:55:e2:43:01:ed:1d:1e:69:
4d:10:e5:e6:1b:9c:b2:8a:41:c6:54:6e:9d:08:3d:2e:c2:a1:
66:ac:d6:1e:07:a9:97:ea:4a:1d:7a:48:cc:c4:c6:c7:4b:e9:
8f:15:b6:c0:fe:ce:3f:37:d1:5a:fa:66:d5:b2:b9:8c:60:e1:
03:50:5d:a9:d3:7a:89:8f:6d:d6:cb:f2:a0:9d:2f:16:e4:f0:
c2:f2:64:69:bd:c3:d2:19:99:97:87:d3:4c:5b:a3:8c:ff:d6:
3c:55:4c:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvDqCC5Hv0CaRc8AFo1AElHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEyMTMxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2Y1ODU4Y2RlZjMzZjEyZGU4NTljMzJiZTI5Mzk4ODQyOThiNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEMGc/+UfwKJDNgH4dhF4pzjyhr9
kT9gttUFmckTRQC2IlLyNH5OTyfmC1KFx+ghp/edzAvvoNRr7U6WiFnD3unG9MW+
ouc1P14rcsyM5llEP43hl+Q9jUTBYxyZOUQHysjYtdruBBk5PkguWYoiBs682D5N
ijguaEfp4uC0BpLmhaPnFl0dqAxl9GOnO9mDszQ+YGu0eIhiiaujREvh3qDWx+Rn
QPn9kcG22cGO61flGr3vg1MjQO+unAaml+2/MzYvldX+QCCewLIXwPYlhVzsb0oo
iG1hdVdZFejJpGx6aEEZMZKS3QGp1wwkQn0oQkwCJDZbnuYEVGIQ5NI3fwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLz1hYze8z8S3oWcMr4pOYhCmLRRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdlBXRmpON3pQeExlaFp3eXZpazVpRUtZdEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ4zI8khNEwkYFR2vybz
l3P5m0MOZXVvyHdDe8tJUNp+6k141AkX1S6KH+BFjq+AIg1pTnF7piucg3JjEx4D
OTrFNVik686m6LboSEe4mZFa8+TZpWF7c14cPKxftXIC1VVqEmJRWG9Mq15Zfb6P
KUBGxunSWibhHK0GnWfaf/YMJ9XqLXf0UVh/wXuxO6DMV6bsrmWhEPmoOvVV4kMB
7R0eaU0Q5eYbnLKKQcZUbp0IPS7CoWas1h4HqZfqSh16SMzExsdL6Y8VtsD+zj83
0Vr6ZtWyuYxg4QNQXanTeomPbdbL8qCdLxbk8MLyZGm9w9IZmZeH00xbo4z/1jxV
TJk=
-----END CERTIFICATE-----
Generated at Mon May 12 07:29:06 2025 by rpki-client