Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fSGTvxkftSG-ni-1hIQjptnzVwQ.roa
File: fSGTvxkftSG-ni-1hIQjptnzVwQ.roa (raw, json)
Hash identifier: 3USwgxQfiLM5U1f4R93viyooUuiheYoxqudJeDWbmdU=
Subject key identifier: 7D:21:93:BF:19:1F:B5:21:BE:9E:2F:B5:84:84:23:A6:D9:F3:57:04
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE02F21BA8326F0E38D75BF56B0BB2ADB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fSGTvxkftSG-ni-1hIQjptnzVwQ.roa
Signing time: Fri 29 Sep 2023 09:04:59 +0000
ROA not before: Fri 29 Sep 2023 09:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:e02e:a662/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e0:2f:21:ba:83:26:f0:e3:8d:75:bf:56:b0:bb:2a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 09:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d2193bf191fb521be9e2fb5848423a6d9f35704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:14:2b:5e:aa:98:dc:6d:6b:75:8d:dc:41:ce:
7a:83:c0:73:f3:a7:7d:1c:81:87:ad:72:45:42:1e:
e1:83:2f:76:c7:04:97:e0:c8:48:cc:23:56:97:47:
64:96:13:bf:b9:66:07:02:18:00:d5:92:d0:df:88:
a3:96:0a:60:3f:c6:b4:ab:ca:ea:cb:47:0b:f9:7b:
ee:b6:24:d4:1b:71:86:c9:39:6b:db:47:42:ba:be:
4a:0d:8d:4a:a9:d4:56:6a:d4:ae:f1:0d:25:72:7a:
4f:64:32:25:fd:7a:5f:d2:8e:2e:73:55:e8:0a:35:
3e:92:e3:ee:8b:ca:f1:14:19:64:e3:b7:94:9b:a3:
24:9f:e2:0c:c0:52:1e:8f:d0:46:f3:f1:7c:ad:06:
9a:2c:ea:e6:b8:a1:5d:28:45:6f:80:81:81:54:44:
f5:d2:be:18:f4:73:53:5b:b9:95:4c:0b:fc:a7:6d:
2f:a3:b6:70:03:a1:df:be:1d:20:8b:82:00:31:63:
40:81:1b:3e:e2:f7:72:7a:e8:b6:7a:f2:c9:91:e6:
bd:61:5d:25:89:6e:df:37:01:55:ca:8c:f4:7c:6b:
63:60:55:b3:e4:e8:0b:bf:f0:6f:6d:46:e6:54:89:
e4:d7:00:d3:de:8d:6c:e1:7d:43:a6:55:c2:0a:fa:
a8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:21:93:BF:19:1F:B5:21:BE:9E:2F:B5:84:84:23:A6:D9:F3:57:04
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fSGTvxkftSG-ni-1hIQjptnzVwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d2:94:9e:bd:54:79:09:16:11:eb:a9:83:0d:1b:c6:3e:1c:05:
ac:a7:2f:24:89:59:e2:da:0f:f7:fc:93:7f:0e:f3:6a:94:a6:
36:00:cb:04:30:06:8b:4f:9f:34:bc:74:6c:ed:68:8a:4d:e5:
48:c1:cb:cc:ea:8b:d1:65:e1:59:b3:9f:a5:bd:14:f4:1c:cd:
96:51:39:ea:3a:4a:f6:e8:36:12:6d:47:8b:42:03:08:61:49:
08:41:dd:88:1b:2f:48:80:8e:2e:5a:45:e2:a6:99:67:74:60:
79:bb:b2:60:57:cf:1e:4b:d8:ca:52:34:c8:46:ff:8a:ad:a1:
0b:3f:b3:89:7f:de:62:7e:0d:71:12:c0:60:28:39:2f:a2:de:
c1:c8:2a:ea:b6:6f:7d:49:02:b7:49:a3:d5:b9:20:98:77:9a:
5b:5a:a8:78:b1:ac:b9:37:59:d5:64:60:71:2f:80:5b:61:0e:
80:8f:f7:b7:55:84:1a:f8:f3:1a:c9:9d:54:58:f8:b0:f7:cc:
5c:6c:68:24:b3:87:fe:3b:1d:0b:4d:d9:31:fc:94:c9:ea:6e:
43:f7:41:3c:2b:1b:3f:40:24:45:de:38:99:3d:0f:6e:25:74:
da:34:8a:a8:f4:65:55:bd:3e:ae:cb:d3:89:81:60:0d:b0:57:
e9:1f:59:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrgLyG6gybw4411v1awuyrbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MDkwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDIxOTNiZjE5MWZiNTIxYmU5ZTJmYjU4NDg0MjNhNmQ5ZjM1NzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7hQrXqqY3G1rdY3cQc56g8Bz86d9
HIGHrXJFQh7hgy92xwSX4MhIzCNWl0dklhO/uWYHAhgA1ZLQ34ijlgpgP8a0q8rq
y0cL+XvutiTUG3GGyTlr20dCur5KDY1KqdRWatSu8Q0lcnpPZDIl/Xpf0o4uc1Xo
CjU+kuPui8rxFBlk47eUm6Mkn+IMwFIej9BG8/F8rQaaLOrmuKFdKEVvgIGBVET1
0r4Y9HNTW7mVTAv8p20vo7ZwA6Hfvh0gi4IAMWNAgRs+4vdyeui2evLJkea9YV0l
iW7fNwFVyoz0fGtjYFWz5OgLv/BvbUbmVInk1wDT3o1s4X1DplXCCvqoEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH0hk78ZH7Uhvp4vtYSEI6bZ81cEMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZlNHVHZ4a2Z0U0ctbmktMWhJUWpwdG56VndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANKUnr1UeQkWEeupgw0b
xj4cBaynLySJWeLaD/f8k38O82qUpjYAywQwBotPnzS8dGztaIpN5UjBy8zqi9Fl
4Vmzn6W9FPQczZZROeo6SvboNhJtR4tCAwhhSQhB3YgbL0iAji5aReKmmWd0YHm7
smBXzx5L2MpSNMhG/4qtoQs/s4l/3mJ+DXESwGAoOS+i3sHIKuq2b31JArdJo9W5
IJh3mltaqHixrLk3WdVkYHEvgFthDoCP97dVhBr48xrJnVRY+LD3zFxsaCSzh/47
HQtN2TH8lMnqbkP3QTwrGz9AJEXeOJk9D24ldNo0iqj0ZVW9Pq7L04mBYA2wV+kf
WRY=
-----END CERTIFICATE-----
Generated at Thu Jun 19 05:05:22 2025 by rpki-client