Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1pRzsDqfGCG-OQHs5EYb0o1hHK0.roa
File: 1pRzsDqfGCG-OQHs5EYb0o1hHK0.roa (raw, json)
Hash identifier: IxsqRdP/3PicQpU0lyVn7+IrTX07VAtOWmdXbA842/Q=
Subject key identifier: D6:94:73:B0:3A:9F:18:21:BE:39:01:EC:E4:46:1B:D2:8D:61:1C:AD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C1424E4ED139BDFA51E260574ED8F055C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1pRzsDqfGCG-OQHs5EYb0o1hHK0.roa
Signing time: Tue 28 Nov 2023 04:16:51 +0000
ROA not before: Tue 28 Nov 2023 04:16:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:14:24:e4:ed:13:9b:df:a5:1e:26:05:74:ed:8f:05:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 28 04:16:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d69473b03a9f1821be3901ece4461bd28d611cad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a3:88:ce:bb:97:f3:83:e4:8c:2a:74:3a:a2:
ad:33:c7:d4:81:d5:1d:32:94:d4:19:ba:eb:c1:7e:
fe:18:32:be:4b:7a:f9:07:d9:34:ec:62:89:fb:fc:
cb:fe:ce:cc:24:42:10:07:86:a0:b4:4d:15:4d:51:
3b:8e:d7:20:12:76:89:c1:31:d9:f8:35:e3:b3:db:
5c:78:57:05:64:84:7e:a1:36:8a:33:94:63:97:1d:
69:2d:e8:26:8c:28:39:14:73:30:82:f3:df:6a:7a:
9b:d5:36:52:74:26:6f:49:8f:73:a2:84:26:a8:e8:
e4:53:7d:6b:11:98:ce:3e:a0:cc:97:c3:46:7d:83:
b4:29:14:12:cb:21:84:8c:11:20:51:4e:79:d6:6c:
d4:bc:83:b1:d4:1f:88:9e:4e:08:75:db:30:1e:29:
03:b5:d0:48:ec:dc:ed:a4:71:c6:46:20:57:10:97:
39:19:c3:3e:5e:c8:a0:11:3f:38:44:03:9f:06:43:
cf:70:5a:80:ba:b0:4a:c4:9f:fe:85:70:f1:89:c5:
c9:03:a6:b4:17:2e:a4:fb:d8:a8:29:c8:51:95:93:
8a:d5:0e:c4:7e:23:53:2c:b8:d5:d5:6b:e2:d8:1a:
9a:7b:13:88:c1:45:93:85:be:56:34:89:42:1e:3a:
1e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:94:73:B0:3A:9F:18:21:BE:39:01:EC:E4:46:1B:D2:8D:61:1C:AD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1pRzsDqfGCG-OQHs5EYb0o1hHK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:06:a3:a1:25:d7:04:9e:cb:be:81:46:3c:22:fb:4f:70:ac:
6e:bc:f1:7d:59:8f:30:6a:2d:ec:ec:4e:d6:a3:4b:0c:20:a2:
ea:c4:f9:83:d3:bc:86:a3:dc:aa:5c:06:41:c1:df:1c:4f:70:
33:56:6c:d1:62:52:1a:ec:bd:c1:8e:84:f6:cd:da:3b:84:f3:
f0:99:61:59:bd:75:6d:19:e5:e1:f8:7f:4d:5e:58:51:e3:86:
2e:4f:d9:8a:71:73:5b:9e:1b:44:85:b6:4e:f8:74:82:b1:b1:
f3:bf:ea:35:66:f6:35:4e:89:5c:70:9a:e9:76:f3:ef:d3:f9:
ef:4e:13:78:c0:a6:ea:ba:5d:3c:47:62:7c:7d:86:76:f3:ff:
67:9a:29:4d:d2:41:4b:13:1f:4f:83:44:e1:65:2a:3c:20:07:
b8:90:95:72:17:73:b3:47:89:4e:4f:79:fa:ae:e2:42:5e:11:
0e:64:65:73:48:9a:d4:2f:d6:cc:b8:25:28:33:38:ab:b7:5a:
6b:bd:69:fe:c2:ef:2b:ca:f1:0e:aa:92:18:ef:c0:06:e5:17:
fd:0c:45:9b:b1:ff:c1:32:be:c1:3c:32:be:5b:7d:88:71:2d:
b1:3a:1b:ad:87:37:cc:67:35:46:96:1f:82:78:ba:5f:31:df:
89:c3:0e:56
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwUJOTtE5vfpR4mBXTtjwVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI4MDQxNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjk0NzNiMDNhOWYxODIxYmUzOTAxZWNlNDQ2MWJkMjhkNjExY2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6OIzruX84PkjCp0OqKtM8fUgdUd
MpTUGbrrwX7+GDK+S3r5B9k07GKJ+/zL/s7MJEIQB4agtE0VTVE7jtcgEnaJwTHZ
+DXjs9tceFcFZIR+oTaKM5Rjlx1pLegmjCg5FHMwgvPfanqb1TZSdCZvSY9zooQm
qOjkU31rEZjOPqDMl8NGfYO0KRQSyyGEjBEgUU551mzUvIOx1B+Ink4IddswHikD
tdBI7NztpHHGRiBXEJc5GcM+XsigET84RAOfBkPPcFqAurBKxJ/+hXDxicXJA6a0
Fy6k+9ioKchRlZOK1Q7EfiNTLLjV1Wvi2BqaexOIwUWThb5WNIlCHjoeLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNaUc7A6nxghvjkB7ORGG9KNYRytMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMXBSenNEcWZHQ0ctT1FIczVFWWIwbzFoSEswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACcGo6El1wSey76BRjwi
+09wrG688X1ZjzBqLezsTtajSwwgourE+YPTvIaj3KpcBkHB3xxPcDNWbNFiUhrs
vcGOhPbN2juE8/CZYVm9dW0Z5eH4f01eWFHjhi5P2Ypxc1ueG0SFtk74dIKxsfO/
6jVm9jVOiVxwmul28+/T+e9OE3jApuq6XTxHYnx9hnbz/2eaKU3SQUsTH0+DROFl
KjwgB7iQlXIXc7NHiU5Pefqu4kJeEQ5kZXNImtQv1sy4JSgzOKu3Wmu9af7C7yvK
8Q6qkhjvwAblF/0MRZux/8EyvsE8Mr5bfYhxLbE6G62HN8xnNUaWH4J4ul8x34nD
DlY=
-----END CERTIFICATE-----
Generated at Wed May 14 05:18:44 2025 by rpki-client