Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4uiiry0xCzxprlXoDCIigRZ-zMg.roa
File: 4uiiry0xCzxprlXoDCIigRZ-zMg.roa (raw, json)
Hash identifier: NacP9dSjyHIZ1d/00GRYsmbzWu4J2TESjWYo5GLMze8=
Subject key identifier: E2:E8:A2:AF:2D:31:0B:3C:69:AE:55:E8:0C:22:22:81:16:7E:CC:C8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACE5F75F40646A159D203D347D00E13C2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4uiiry0xCzxprlXoDCIigRZ-zMg.roa
Signing time: Mon 25 Sep 2023 22:04:37 +0000
ROA not before: Mon 25 Sep 2023 22:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:ce5f:583a/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ce:5f:75:f4:06:46:a1:59:d2:03:d3:47:d0:0e:13:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 22:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2e8a2af2d310b3c69ae55e80c222281167eccc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fb:bd:01:7c:a9:a7:be:1c:32:c1:41:28:82:
95:2f:2c:5a:b7:e1:39:ac:40:e9:6a:d2:4c:87:04:
84:66:83:21:76:28:6b:80:95:e4:fe:50:5a:e6:6c:
e6:d4:e4:a8:fa:00:74:19:70:b5:e3:93:b2:41:e3:
d9:14:2c:6b:15:40:13:79:d0:37:51:a2:c7:c6:af:
d5:eb:44:55:0e:19:91:30:21:06:9c:5c:f6:1b:81:
0d:d9:f8:b2:81:ca:ff:99:f1:bb:15:7a:c0:20:01:
1f:cb:05:d1:ac:45:06:68:15:19:4e:ae:43:d3:8a:
1a:30:f1:67:e9:3d:c7:6a:19:45:dc:96:02:2d:2f:
c5:3f:2d:18:a5:e5:84:be:d4:0b:60:95:6c:a3:7a:
48:6c:1b:51:9a:68:6a:48:29:19:c7:dc:98:91:9c:
e0:11:21:91:13:0d:07:27:be:a8:f7:a8:91:bc:51:
d2:ba:ad:32:fa:ac:57:71:ee:79:8c:69:1d:c9:5f:
96:97:46:08:b8:8b:26:3b:2f:66:f5:29:1e:c0:f4:
c6:e7:02:f4:40:39:66:8c:5e:b9:72:bd:8a:a1:65:
eb:dd:cd:1d:60:ae:6f:16:ca:03:28:80:eb:09:6e:
9e:7b:fe:64:b1:37:77:28:5b:b8:9a:ac:23:a3:72:
c6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:E8:A2:AF:2D:31:0B:3C:69:AE:55:E8:0C:22:22:81:16:7E:CC:C8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4uiiry0xCzxprlXoDCIigRZ-zMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:38:99:90:ff:c8:90:3a:80:73:8c:f2:8e:ac:f2:96:3f:f3:
a9:b1:79:a1:f8:5e:dc:92:63:b8:d5:f6:6b:90:2b:ce:03:0b:
b2:e3:48:c5:08:33:42:78:be:77:7c:8c:d3:1f:2a:30:68:b6:
67:e8:a9:fb:df:f1:d4:15:97:04:87:a0:97:67:2d:c5:24:15:
ab:15:01:54:e2:6d:9a:7a:21:82:c9:ff:cd:69:a0:2e:74:fd:
89:ca:fe:c0:88:3d:90:a6:d6:83:27:95:65:9f:67:bc:71:d5:
20:27:0e:6e:77:4b:93:e4:4f:db:d9:d6:bc:3b:29:b8:e4:29:
d8:61:fe:ec:ac:f8:9b:4f:23:08:70:32:c3:09:70:75:19:73:
fa:28:fa:fd:a1:8f:7e:1d:c7:15:eb:b9:75:ac:68:28:3c:88:
31:21:c7:1e:7c:6a:bb:da:52:1b:42:44:3c:8e:cd:4a:d5:7d:
8a:6c:d6:19:4f:ab:d5:cf:fd:1f:59:e9:bd:01:2b:83:60:9e:
6c:40:0f:33:c2:c0:02:0e:45:fe:3d:20:0a:9d:f6:e8:42:55:
e9:66:0e:1a:79:c7:9c:bf:a5:66:79:88:23:3e:f8:4f:c3:1e:
9a:b3:e0:d2:33:1e:fb:08:2f:f1:b3:2a:26:cc:1d:87:36:79:
85:e1:79:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrOX3X0BkahWdID00fQDhPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MjIwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmU4YTJhZjJkMzEwYjNjNjlhZTU1ZTgwYzIyMjI4MTE2N2VjY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vu9AXypp74cMsFBKIKVLyxat+E5
rEDpatJMhwSEZoMhdihrgJXk/lBa5mzm1OSo+gB0GXC145OyQePZFCxrFUATedA3
UaLHxq/V60RVDhmRMCEGnFz2G4EN2fiygcr/mfG7FXrAIAEfywXRrEUGaBUZTq5D
04oaMPFn6T3HahlF3JYCLS/FPy0YpeWEvtQLYJVso3pIbBtRmmhqSCkZx9yYkZzg
ESGREw0HJ76o96iRvFHSuq0y+qxXce55jGkdyV+Wl0YIuIsmOy9m9SkewPTG5wL0
QDlmjF65cr2KoWXr3c0dYK5vFsoDKIDrCW6ee/5ksTd3KFu4mqwjo3LGxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOLooq8tMQs8aa5V6AwiIoEWfszIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNHVpaXJ5MHhDenhwcmxYb0RDSWlnUlotek1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGc4mZD/yJA6gHOM8o6s
8pY/86mxeaH4XtySY7jV9muQK84DC7LjSMUIM0J4vnd8jNMfKjBotmfoqfvf8dQV
lwSHoJdnLcUkFasVAVTibZp6IYLJ/81poC50/YnK/sCIPZCm1oMnlWWfZ7xx1SAn
Dm53S5PkT9vZ1rw7KbjkKdhh/uys+JtPIwhwMsMJcHUZc/oo+v2hj34dxxXruXWs
aCg8iDEhxx58arvaUhtCRDyOzUrVfYps1hlPq9XP/R9Z6b0BK4NgnmxADzPCwAIO
Rf49IAqd9uhCVelmDhp5x5y/pWZ5iCM++E/DHpqz4NIzHvsIL/GzKibMHYc2eYXh
eSw=
-----END CERTIFICATE-----
Generated at Sun May 11 10:36:18 2025 by rpki-client