Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4ttk9DemH5h18X1yxCNjJh06Mqk.roa
File: 4ttk9DemH5h18X1yxCNjJh06Mqk.roa (raw, json)
Hash identifier: l5rt0xXB8jE244ibHOD+yVUUVYoHmz80WO9J0j+neVo=
Subject key identifier: E2:DB:64:F4:37:A6:1F:98:75:F1:7D:72:C4:23:63:26:1D:3A:32:A9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1422B50604D51A801B3B2C439BD9C6E5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4ttk9DemH5h18X1yxCNjJh06Mqk.roa
Signing time: Mon 09 Oct 2023 11:11:40 +0000
ROA not before: Mon 09 Oct 2023 11:11:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:22:b5:06:04:d5:1a:80:1b:3b:2c:43:9b:d9:c6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 9 11:11:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2db64f437a61f9875f17d72c42363261d3a32a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:39:2d:2c:e3:79:18:40:02:41:ef:54:5a:a0:
ad:81:fd:d2:98:d2:9c:76:65:45:0e:de:38:81:46:
f3:ef:e8:e4:51:99:a7:5d:99:95:67:68:d5:1f:37:
25:24:30:f2:cb:95:81:9c:f9:e2:7c:c9:9c:49:d3:
c7:e3:fd:06:81:1e:2e:c6:c3:c0:d9:07:42:c1:0a:
d0:59:12:15:78:eb:89:39:3b:d1:86:79:35:8a:60:
3a:2f:3a:dc:c9:79:ff:c8:d6:51:b4:f1:b3:59:41:
b5:a0:fd:ae:c3:70:42:83:f2:0b:d0:60:2e:a9:d5:
3d:d8:1b:f1:8f:40:b7:0a:3b:14:57:a1:05:14:5b:
df:42:0c:5e:a6:a8:9b:e4:5f:91:53:c9:03:24:97:
55:64:14:59:70:28:07:89:17:58:8d:29:a1:62:25:
59:cb:9c:63:89:04:ee:85:17:46:80:c0:8b:a2:5b:
0b:3d:43:98:88:92:2a:d2:ac:83:02:36:7a:7e:f4:
5e:d6:5f:1d:a9:d7:84:3d:73:84:1a:b2:dc:0e:85:
b0:57:ca:1b:80:71:f5:a0:fe:55:9c:33:5f:34:f4:
a3:52:0d:08:e9:8f:78:f3:eb:b2:78:c2:f3:e8:d2:
80:f6:da:95:20:f1:96:52:68:2a:88:c0:f6:09:ca:
22:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DB:64:F4:37:A6:1F:98:75:F1:7D:72:C4:23:63:26:1D:3A:32:A9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4ttk9DemH5h18X1yxCNjJh06Mqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:e1:39:34:9c:32:ec:dd:96:1f:12:3d:1a:e7:a7:49:74:89:
44:9b:24:b1:8c:34:59:51:6a:48:5b:bb:91:91:e2:7d:7b:86:
dd:d7:95:26:a2:c4:e0:6f:85:cd:3a:9a:03:2b:22:52:c1:a6:
27:8a:90:7b:26:da:22:e8:e7:06:69:80:10:f9:8e:4c:93:1f:
53:99:b2:9a:09:e4:a8:8b:7a:93:5a:08:8f:40:65:61:24:9f:
43:0f:a0:9a:2a:a9:94:dd:5c:24:1d:d7:38:2e:e5:e0:16:a1:
28:ba:ee:b5:eb:99:66:64:0d:c9:b7:0f:b2:ab:1f:54:23:50:
f7:f5:55:87:9a:27:fb:e6:f1:18:94:f4:c6:85:f4:e5:ef:bf:
2e:2e:92:6b:82:ab:c5:a7:22:b4:a9:0f:74:f5:35:9c:14:6f:
3f:f9:7b:db:22:87:f3:46:b3:5a:af:ac:b5:e5:39:02:1b:14:
e0:48:d3:91:03:83:cd:a4:e4:b3:7a:3a:9a:f8:73:9a:a9:b6:
07:03:83:99:41:04:91:1c:6a:da:77:7a:ee:57:45:70:33:a3:
cd:df:36:ed:f7:3b:42:cc:22:35:9b:98:42:10:ad:39:01:47:
6b:4b:05:5b:1d:39:64:88:6c:2a:80:ed:07:c5:3b:68:c5:d8:
5f:9b:19:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsUIrUGBNUagBs7LEOb2cblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA5MTExMTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmRiNjRmNDM3YTYxZjk4NzVmMTdkNzJjNDIzNjMyNjFkM2EzMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzktLON5GEACQe9UWqCtgf3SmNKc
dmVFDt44gUbz7+jkUZmnXZmVZ2jVHzclJDDyy5WBnPnifMmcSdPH4/0GgR4uxsPA
2QdCwQrQWRIVeOuJOTvRhnk1imA6LzrcyXn/yNZRtPGzWUG1oP2uw3BCg/IL0GAu
qdU92Bvxj0C3CjsUV6EFFFvfQgxepqib5F+RU8kDJJdVZBRZcCgHiRdYjSmhYiVZ
y5xjiQTuhRdGgMCLolsLPUOYiJIq0qyDAjZ6fvRe1l8dqdeEPXOEGrLcDoWwV8ob
gHH1oP5VnDNfNPSjUg0I6Y948+uyeMLz6NKA9tqVIPGWUmgqiMD2CcoiQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOLbZPQ3ph+YdfF9csQjYyYdOjKpMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNHR0azlEZW1INWgxOFgxeXhDTmpKaDA2TXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACHhOTScMuzdlh8SPRrn
p0l0iUSbJLGMNFlRakhbu5GR4n17ht3XlSaixOBvhc06mgMrIlLBpieKkHsm2iLo
5wZpgBD5jkyTH1OZspoJ5KiLepNaCI9AZWEkn0MPoJoqqZTdXCQd1zgu5eAWoSi6
7rXrmWZkDcm3D7KrH1QjUPf1VYeaJ/vm8RiU9MaF9OXvvy4ukmuCq8WnIrSpD3T1
NZwUbz/5e9sih/NGs1qvrLXlOQIbFOBI05EDg82k5LN6Opr4c5qptgcDg5lBBJEc
atp3eu5XRXAzo83fNu33O0LMIjWbmEIQrTkBR2tLBVsdOWSIbCqA7QfFO2jF2F+b
GYw=
-----END CERTIFICATE-----
Generated at Mon May 12 18:42:13 2025 by rpki-client