Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/A2P0u9xYgNIINUVF5M3dAEISifU.roa
File: A2P0u9xYgNIINUVF5M3dAEISifU.roa (raw, json)
Hash identifier: /wjJEGFBYKyTOq4G8PK4S2BBevtkPG+23c7POS5pIe0=
Subject key identifier: 03:63:F4:BB:DC:58:80:D2:08:35:45:45:E4:CD:DD:00:42:12:89:F5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C028C4A9F82075AD8B35E26FD50E3E837
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/A2P0u9xYgNIINUVF5M3dAEISifU.roa
Signing time: Fri 24 Nov 2023 18:16:37 +0000
ROA not before: Fri 24 Nov 2023 18:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:02:8c:4a:9f:82:07:5a:d8:b3:5e:26:fd:50:e3:e8:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 24 18:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0363f4bbdc5880d208354545e4cddd00421289f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:da:a8:30:92:17:02:7d:0c:99:c6:44:6a:8b:
7c:04:e6:32:fd:97:8e:d1:54:29:61:21:94:11:f2:
8b:e1:10:a0:88:80:48:e8:de:34:36:a9:48:b6:3d:
1c:22:18:3b:b7:f4:9c:a0:e1:81:8e:b4:bf:96:d4:
cb:04:97:2f:10:3a:05:ef:ae:c7:87:04:13:f6:53:
80:42:04:d5:45:31:d6:94:a0:6e:67:3b:69:ee:14:
02:eb:83:28:78:5c:48:20:cd:4f:32:1e:56:d3:5e:
d6:2a:8e:3f:5e:80:77:c8:6a:fb:fb:ed:26:14:37:
bf:5d:1d:52:91:4b:f0:bb:7c:91:da:10:19:30:61:
d2:aa:47:65:31:0e:6d:59:db:fe:8a:60:6d:08:59:
de:b9:6b:e6:68:8f:4b:05:1e:9a:7a:3b:b4:71:c3:
06:5c:a2:bc:e9:04:61:65:d3:7f:c5:02:9b:17:dd:
4e:12:ac:21:e3:b0:90:75:dd:98:60:05:ce:51:05:
cf:8d:6a:d6:bc:5f:76:02:96:93:ff:9f:f8:38:f9:
04:8d:6c:e4:80:06:71:5c:3b:33:c6:1b:53:0a:25:
ef:23:ad:c8:4a:9b:33:ce:28:fa:f0:d6:bc:e8:2a:
26:ae:38:ed:c6:65:3c:c1:e9:ad:30:fd:26:d5:d8:
dd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:63:F4:BB:DC:58:80:D2:08:35:45:45:E4:CD:DD:00:42:12:89:F5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/A2P0u9xYgNIINUVF5M3dAEISifU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:72:f0:87:2b:9b:38:b0:2b:16:c8:1d:93:69:18:86:1e:54:
60:4b:f6:82:6d:6a:72:16:f6:b6:37:c9:d4:81:e7:34:c9:5b:
97:64:c2:66:fa:3d:7a:b3:f6:2a:88:9f:19:7c:ec:7f:a2:9c:
50:63:06:c5:93:2c:0f:c5:fe:27:16:0a:13:44:54:3e:2f:42:
3c:57:c8:a0:7c:cc:de:4e:6f:15:d7:0b:c0:40:32:3d:ab:db:
d8:ae:1f:42:b7:63:dc:3b:81:92:70:6b:e4:ea:8c:ff:b0:5e:
20:5d:17:68:2f:03:8a:54:d3:f5:15:11:8c:b2:8c:0d:20:da:
b7:b0:32:d9:97:2c:0b:57:92:e2:32:1c:67:5f:84:01:31:32:
f7:46:c9:96:d6:21:54:3c:3a:b4:15:90:65:41:eb:8f:3b:db:
63:4c:89:1c:cd:2f:14:dc:2e:2a:a0:9c:02:2d:de:7a:11:e1:
ec:fb:70:9c:d8:48:77:5d:10:23:22:b2:9d:88:77:23:01:82:
87:0f:0e:c0:65:46:a4:c0:9d:b9:14:6e:77:c9:68:17:72:21:
d3:37:49:60:7a:12:b3:fb:92:70:1b:e7:6a:c2:79:ba:6c:3b:
41:cf:86:56:23:56:8f:03:cf:69:5a:da:91:45:cd:66:65:dd:
e0:dd:3d:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwCjEqfggda2LNeJv1Q4+g3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI0MTgxNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzYzZjRiYmRjNTg4MGQyMDgzNTQ1NDVlNGNkZGQwMDQyMTI4OWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9qoMJIXAn0MmcZEaot8BOYy/ZeO
0VQpYSGUEfKL4RCgiIBI6N40NqlItj0cIhg7t/ScoOGBjrS/ltTLBJcvEDoF767H
hwQT9lOAQgTVRTHWlKBuZztp7hQC64MoeFxIIM1PMh5W017WKo4/XoB3yGr7++0m
FDe/XR1SkUvwu3yR2hAZMGHSqkdlMQ5tWdv+imBtCFneuWvmaI9LBR6aeju0ccMG
XKK86QRhZdN/xQKbF91OEqwh47CQdd2YYAXOUQXPjWrWvF92ApaT/5/4OPkEjWzk
gAZxXDszxhtTCiXvI63ISpszzij68Na86ComrjjtxmU8wemtMP0m1djdAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFANj9LvcWIDSCDVFReTN3QBCEon1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQTJQMHU5eFlnTklJTlVWRjVNM2RBRUlTaWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE9y8IcrmziwKxbIHZNp
GIYeVGBL9oJtanIW9rY3ydSB5zTJW5dkwmb6PXqz9iqInxl87H+inFBjBsWTLA/F
/icWChNEVD4vQjxXyKB8zN5ObxXXC8BAMj2r29iuH0K3Y9w7gZJwa+TqjP+wXiBd
F2gvA4pU0/UVEYyyjA0g2rewMtmXLAtXkuIyHGdfhAExMvdGyZbWIVQ8OrQVkGVB
648722NMiRzNLxTcLiqgnAIt3noR4ez7cJzYSHddECMisp2IdyMBgocPDsBlRqTA
nbkUbnfJaBdyIdM3SWB6ErP7knAb52rCebpsO0HPhlYjVo8Dz2la2pFFzWZl3eDd
PQw=
-----END CERTIFICATE-----
Generated at Mon May 12 04:05:48 2025 by rpki-client