Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1Rcdni_p7GTic3IHAnSvDtbTRDk.roa
File: 1Rcdni_p7GTic3IHAnSvDtbTRDk.roa (raw, json)
Hash identifier: aYffisVMHi1ibWddbp9Ua/Pmy28ejJJJygQ5g+hPW7k=
Subject key identifier: D5:17:1D:9E:2F:E9:EC:64:E2:73:72:07:02:74:AF:0E:D6:D3:44:39
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6B7697F50508929731165557FA261B7A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1Rcdni_p7GTic3IHAnSvDtbTRDk.roa
Signing time: Thu 26 Oct 2023 10:10:16 +0000
ROA not before: Thu 26 Oct 2023 10:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:76:97:f5:05:08:92:97:31:16:55:57:fa:26:1b:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 26 10:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5171d9e2fe9ec64e27372070274af0ed6d34439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:10:07:79:52:af:70:16:23:c4:e1:ba:fa:fd:
20:59:4c:8d:ee:c9:5f:50:b0:01:56:d3:0f:f2:a4:
8c:ae:39:f9:31:77:13:c0:d9:13:ab:42:2a:03:e6:
81:4b:7d:f7:e7:b0:dc:32:1e:a9:2c:87:f4:99:4f:
e3:aa:79:c1:d8:e6:63:3d:69:76:49:7c:1a:93:c2:
f0:d7:ee:b9:0d:87:ad:60:fe:9d:c7:21:ae:2f:b4:
06:79:ee:42:b4:45:6f:87:c7:cf:43:42:1b:df:b7:
da:42:0b:57:7e:5d:03:ec:a0:38:6b:ce:f8:0d:b2:
4b:77:dd:e8:79:88:3c:bc:58:33:c3:d6:0b:dc:a7:
18:4f:27:57:50:68:bb:4d:cd:61:ca:67:33:bb:19:
5f:76:a7:26:02:8d:52:7b:0d:24:fc:bb:3d:ad:bc:
1b:7e:56:3e:88:51:41:5b:c0:b8:4e:a8:f2:f8:3e:
23:7e:de:41:dd:70:d1:fe:ce:d0:a6:66:5a:9b:21:
17:16:45:c7:07:0a:37:21:88:84:2e:48:ff:28:34:
34:2f:ea:25:f6:2d:25:fc:1c:80:8d:b0:a8:6d:1e:
19:06:4a:f2:e9:ac:1e:3a:7d:e6:fa:d6:29:0b:c8:
2c:c8:86:14:81:6c:cf:0c:40:bf:60:b6:3d:c8:b0:
5b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:17:1D:9E:2F:E9:EC:64:E2:73:72:07:02:74:AF:0E:D6:D3:44:39
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1Rcdni_p7GTic3IHAnSvDtbTRDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c2:83:d5:85:42:c4:bb:83:64:a3:32:fe:1c:02:e6:0e:33:32:
0c:63:12:af:ae:80:d6:68:68:90:b2:cb:8a:27:31:d2:f9:f9:
84:d3:2f:df:cf:69:cb:d9:02:7a:49:60:92:69:e1:d3:52:19:
7e:15:65:13:1d:b9:08:f7:48:8c:dc:cb:a8:c2:6a:63:86:3e:
7d:3a:62:39:34:22:cf:8e:09:b5:92:33:8b:85:13:f0:d0:ce:
3b:50:0f:ef:d7:b5:33:3f:d5:84:22:ac:68:ec:1e:33:75:2c:
71:f3:81:78:b5:af:f0:66:60:14:e9:4b:a8:42:6d:c5:b4:e2:
31:49:e8:63:ea:0d:46:d4:e4:28:e2:04:c2:c7:bb:73:08:43:
61:c8:6d:fd:f7:63:77:c8:10:20:8f:c4:3f:14:9b:6b:54:48:
f3:9c:cf:0e:5b:9e:06:e3:cd:ea:55:06:5a:76:ef:52:55:b7:
ec:34:cd:7c:13:8d:7f:94:68:91:8d:72:7a:14:6a:e2:86:7a:
7f:b6:a0:07:0e:59:b8:c0:26:25:d5:f8:f1:1e:b0:85:4a:ff:
c2:d1:de:3a:88:5b:91:14:e2:94:11:27:72:c3:ee:8d:a4:23:
3c:96:88:5e:97:dc:e1:b4:27:5c:24:bd:2b:fb:bf:55:e1:82:
f3:a9:2c:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtrdpf1BQiSlzEWVVf6Jht6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI2MTAxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTE3MWQ5ZTJmZTllYzY0ZTI3MzcyMDcwMjc0YWYwZWQ2ZDM0NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRAHeVKvcBYjxOG6+v0gWUyN7slf
ULABVtMP8qSMrjn5MXcTwNkTq0IqA+aBS33357DcMh6pLIf0mU/jqnnB2OZjPWl2
SXwak8Lw1+65DYetYP6dxyGuL7QGee5CtEVvh8fPQ0Ib37faQgtXfl0D7KA4a874
DbJLd93oeYg8vFgzw9YL3KcYTydXUGi7Tc1hymczuxlfdqcmAo1Sew0k/Ls9rbwb
flY+iFFBW8C4Tqjy+D4jft5B3XDR/s7QpmZamyEXFkXHBwo3IYiELkj/KDQ0L+ol
9i0l/ByAjbCobR4ZBkry6aweOn3m+tYpC8gsyIYUgWzPDEC/YLY9yLBbswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNUXHZ4v6exk4nNyBwJ0rw7W00Q5MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMVJjZG5pX3A3R1RpYzNJSEFuU3ZEdGJUUkRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMKD1YVCxLuDZKMy/hwC
5g4zMgxjEq+ugNZoaJCyy4onMdL5+YTTL9/PacvZAnpJYJJp4dNSGX4VZRMduQj3
SIzcy6jCamOGPn06Yjk0Is+OCbWSM4uFE/DQzjtQD+/XtTM/1YQirGjsHjN1LHHz
gXi1r/BmYBTpS6hCbcW04jFJ6GPqDUbU5CjiBMLHu3MIQ2HIbf33Y3fIECCPxD8U
m2tUSPOczw5bngbjzepVBlp271JVt+w0zXwTjX+UaJGNcnoUauKGen+2oAcOWbjA
JiXV+PEesIVK/8LR3jqIW5EU4pQRJ3LD7o2kIzyWiF6X3OG0J1wkvSv7v1XhgvOp
LPs=
-----END CERTIFICATE-----
Generated at Sun May 11 13:51:11 2025 by rpki-client