Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vdHKEYXhn3ywHhNtKqW0nAO2agM.roa
File: vdHKEYXhn3ywHhNtKqW0nAO2agM.roa (raw, json)
Hash identifier: U1wQ7imTWlVGDu47PG6zj3mT/FV1Q9AxCC/hZ/SdxFg=
Subject key identifier: BD:D1:CA:11:85:E1:9F:7C:B0:1E:13:6D:2A:A5:B4:9C:03:B6:6A:03
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B07AA50129AAF464728D9046B0C0DDEEA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vdHKEYXhn3ywHhNtKqW0nAO2agM.roa
Signing time: Sat 07 Oct 2023 01:04:43 +0000
ROA not before: Sat 07 Oct 2023 01:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:7aa:3b59/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:07:aa:50:12:9a:af:46:47:28:d9:04:6b:0c:0d:de:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 01:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdd1ca1185e19f7cb01e136d2aa5b49c03b66a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:42:1d:9a:07:62:e6:19:ab:29:da:cd:b0:3a:
1d:c5:47:75:a9:9c:a9:1f:76:64:fd:73:78:5e:c5:
31:b5:29:cf:81:6d:f7:3f:99:bd:51:1e:f7:c2:09:
1a:4f:90:0a:54:6f:1c:63:e1:ce:4c:15:ae:e8:47:
0b:ea:03:d1:af:19:85:ba:26:93:4a:dc:2c:41:bc:
68:fe:94:e1:d3:73:2f:55:62:a0:53:ae:ba:34:b0:
7b:a6:cd:87:db:ed:9b:5f:44:4f:8f:ac:d3:b8:4f:
01:8b:97:1e:3c:5d:a9:bb:b0:3f:1d:0a:ad:23:55:
99:49:e8:31:dc:65:61:0e:1e:b7:6b:af:43:8d:77:
de:fd:b2:62:49:50:5c:3f:e8:98:94:24:1d:72:5c:
5a:65:ed:df:a9:4f:d2:2f:c7:84:e3:de:56:5e:4d:
64:aa:a2:30:22:56:06:c4:8c:1f:d9:38:9a:64:b8:
a4:bf:3f:a2:9a:8e:06:da:ff:7c:ce:4e:db:3f:4d:
c8:73:05:c1:c5:f3:d8:65:b4:da:a1:c1:79:9b:60:
53:a6:c9:75:b5:0a:d3:0e:cc:4f:19:3b:cd:4d:de:
06:9e:0d:31:89:e3:e3:82:55:9d:ad:d8:94:d1:92:
c1:b4:5a:77:92:7c:21:dc:10:df:00:e5:00:d2:dc:
be:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D1:CA:11:85:E1:9F:7C:B0:1E:13:6D:2A:A5:B4:9C:03:B6:6A:03
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vdHKEYXhn3ywHhNtKqW0nAO2agM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:5b:82:74:01:e2:aa:81:a3:24:63:bf:c8:08:79:21:5e:4f:
65:1b:fc:32:4c:1d:20:6f:9f:2c:6a:63:73:17:68:2c:c1:db:
6d:69:49:a0:e2:94:ce:9d:46:c8:de:64:bf:40:94:ee:97:66:
b6:b4:db:b4:a5:e5:01:ee:41:ad:9f:d8:7d:84:2c:d5:50:3d:
5c:62:ee:a1:f3:67:77:94:45:23:b4:9d:4b:2d:30:e6:9d:26:
3c:eb:3e:57:2b:b0:75:14:88:9c:b1:8b:80:7a:f7:56:e0:34:
c2:b4:c9:19:d2:ea:93:ac:fc:ab:28:7c:8b:1a:a9:79:9c:45:
c6:e4:e8:47:15:a7:03:4e:3f:aa:61:90:b2:95:fc:60:70:59:
fd:4e:a5:74:60:b4:7a:0e:a4:74:8d:a7:01:ff:fa:b6:62:0f:
68:66:0f:c9:fc:7d:fd:7d:bc:81:7c:3c:b6:48:dc:b7:02:c7:
fb:b5:23:62:9b:56:7d:20:fb:b6:d9:0b:d3:55:51:0f:81:74:
2b:22:d1:be:9d:90:23:3c:20:a4:99:b0:8a:d5:eb:5f:82:b4:
2a:4e:b4:47:d8:b4:f6:83:56:13:71:59:f5:bf:2f:ef:25:16:
e6:22:5a:22:15:b1:c5:37:05:23:33:98:61:b1:9c:4b:9e:8f:
e9:f6:a4:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsHqlASmq9GRyjZBGsMDd7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MDEwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQxY2ExMTg1ZTE5ZjdjYjAxZTEzNmQyYWE1YjQ5YzAzYjY2YTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUIdmgdi5hmrKdrNsDodxUd1qZyp
H3Zk/XN4XsUxtSnPgW33P5m9UR73wgkaT5AKVG8cY+HOTBWu6EcL6gPRrxmFuiaT
StwsQbxo/pTh03MvVWKgU666NLB7ps2H2+2bX0RPj6zTuE8Bi5cePF2pu7A/HQqt
I1WZSegx3GVhDh63a69DjXfe/bJiSVBcP+iYlCQdclxaZe3fqU/SL8eE495WXk1k
qqIwIlYGxIwf2TiaZLikvz+imo4G2v98zk7bP03IcwXBxfPYZbTaocF5m2BTpsl1
tQrTDsxPGTvNTd4Gng0xiePjglWdrdiU0ZLBtFp3knwh3BDfAOUA0ty+sQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL3RyhGF4Z98sB4TbSqltJwDtmoDMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdmRIS0VZWGhuM3l3SGhOdEtxVzBuQU8yYWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKRbgnQB4qqBoyRjv8gI
eSFeT2Ub/DJMHSBvnyxqY3MXaCzB221pSaDilM6dRsjeZL9AlO6XZra027Sl5QHu
Qa2f2H2ELNVQPVxi7qHzZ3eURSO0nUstMOadJjzrPlcrsHUUiJyxi4B691bgNMK0
yRnS6pOs/KsofIsaqXmcRcbk6EcVpwNOP6phkLKV/GBwWf1OpXRgtHoOpHSNpwH/
+rZiD2hmD8n8ff19vIF8PLZI3LcCx/u1I2KbVn0g+7bZC9NVUQ+BdCsi0b6dkCM8
IKSZsIrV61+CtCpOtEfYtPaDVhNxWfW/L+8lFuYiWiIVscU3BSMzmGGxnEuej+n2
pKI=
-----END CERTIFICATE-----
Generated at Wed May 14 21:23:28 2025 by rpki-client