Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/A8l2l6sKgje7S6qUKGNZerqdMkg.roa
File: A8l2l6sKgje7S6qUKGNZerqdMkg.roa (raw, json)
Hash identifier: wVqoMYMzfqY91C6+xbTO0m9h3zHjM0UboBbm0gkjwYI=
Subject key identifier: 03:C9:76:97:AB:0A:82:37:BB:4B:AA:94:28:63:59:7A:BA:9D:32:48
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF83E3FD3F4558EC53102C055A6D04359
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/A8l2l6sKgje7S6qUKGNZerqdMkg.roa
Signing time: Wed 04 Oct 2023 01:12:23 +0000
ROA not before: Wed 04 Oct 2023 01:12:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f8:3e:3f:d3:f4:55:8e:c5:31:02:c0:55:a6:d0:43:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 01:12:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03c97697ab0a8237bb4baa942863597aba9d3248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3b:44:fb:44:a7:aa:83:9e:32:58:7c:02:68:
8b:96:c6:e0:a3:69:5f:9c:f1:14:6e:69:8e:fd:17:
02:38:28:d3:0b:74:47:a6:83:44:4e:91:12:7f:37:
bf:03:0f:53:28:c2:4f:d2:01:2d:7b:67:c2:08:37:
8b:b0:48:ee:cf:dc:5b:73:4b:8d:5c:cd:68:26:b7:
1b:73:76:52:b4:f2:92:6a:ff:b9:0c:a2:48:cd:bf:
6e:fc:5a:77:31:c7:a9:e1:13:35:4c:35:f8:81:64:
51:a3:25:ca:6e:b7:83:01:84:91:9a:27:6b:db:3c:
79:b6:30:c7:63:b6:26:b0:6b:5a:2e:4a:40:64:af:
ac:81:01:74:ba:5a:a3:b0:92:3d:63:21:8e:fb:e6:
31:d2:31:c3:e3:98:0d:be:23:ce:b5:fc:cf:87:c5:
47:78:eb:ad:71:b8:9f:4e:d8:0b:71:e7:51:74:f9:
cd:a5:4d:a5:aa:0e:b5:8b:d0:d6:d3:f0:df:d9:e4:
6d:2e:3d:e6:b5:45:5a:fc:51:4c:6b:e1:c4:98:bb:
3a:72:27:06:d8:b0:91:4f:e3:8f:8d:fd:63:01:d3:
60:fe:39:7e:ca:84:03:fa:9e:94:40:8c:ae:be:af:
0d:3f:89:b0:8d:32:5d:6e:72:a7:f3:83:b2:c0:76:
1d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C9:76:97:AB:0A:82:37:BB:4B:AA:94:28:63:59:7A:BA:9D:32:48
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/A8l2l6sKgje7S6qUKGNZerqdMkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:1c:9b:b8:bc:d6:d6:24:75:5f:7d:a4:ba:70:78:89:d7:03:
6e:b6:88:5a:41:c8:c4:0f:be:f1:d8:ff:58:5d:a1:43:6f:90:
26:a6:59:4c:c2:19:a1:86:a7:8d:dc:40:ba:b7:44:64:bf:c7:
00:4a:3e:cc:56:43:84:95:27:9a:c8:60:9f:e0:e3:52:13:a2:
66:a9:b1:4c:b0:b0:72:b5:5d:d2:54:b6:61:cf:6b:25:46:5e:
5e:28:ac:e3:fe:10:67:e0:83:af:12:0e:4d:79:e9:f6:d6:5d:
2d:60:73:83:60:0e:a4:e5:a4:44:39:2d:88:9e:cc:8f:e6:3c:
8a:ca:c0:0e:5a:aa:d8:fe:2a:6d:a3:dc:d1:38:9e:c1:e5:89:
ef:69:8f:7b:74:a4:61:4c:d4:e0:8d:e9:b5:29:c9:c1:c4:b9:
23:e6:d0:05:a1:c9:fa:f9:ea:aa:d7:44:f7:cc:dc:45:e9:38:
2e:e9:ea:7a:cc:f4:5b:c7:68:e4:c3:49:1f:17:d2:b0:ec:82:
ca:71:b6:db:fa:cd:73:e5:da:bf:71:6b:86:aa:3f:c0:6f:57:
ce:12:f3:80:cf:36:85:a9:be:bd:0a:e8:4c:a6:5c:94:76:f2:
e9:f9:45:47:32:b4:ef:71:fb:7c:c3:c0:a4:e3:c3:62:d4:32:
0f:1b:b9:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr4Pj/T9FWOxTECwFWm0ENZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MDExMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2M5NzY5N2FiMGE4MjM3YmI0YmFhOTQyODYzNTk3YWJhOWQzMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDtE+0SnqoOeMlh8AmiLlsbgo2lf
nPEUbmmO/RcCOCjTC3RHpoNETpESfze/Aw9TKMJP0gEte2fCCDeLsEjuz9xbc0uN
XM1oJrcbc3ZStPKSav+5DKJIzb9u/Fp3Mcep4RM1TDX4gWRRoyXKbreDAYSRmidr
2zx5tjDHY7YmsGtaLkpAZK+sgQF0ulqjsJI9YyGO++Yx0jHD45gNviPOtfzPh8VH
eOutcbifTtgLcedRdPnNpU2lqg61i9DW0/Df2eRtLj3mtUVa/FFMa+HEmLs6cicG
2LCRT+OPjf1jAdNg/jl+yoQD+p6UQIyuvq8NP4mwjTJdbnKn84OywHYd5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAPJdperCoI3u0uqlChjWXq6nTJIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQThsMmw2c0tnamU3UzZxVUtHTlplcnFkTWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFEcm7i81tYkdV99pLpw
eInXA262iFpByMQPvvHY/1hdoUNvkCamWUzCGaGGp43cQLq3RGS/xwBKPsxWQ4SV
J5rIYJ/g41ITomapsUywsHK1XdJUtmHPayVGXl4orOP+EGfgg68SDk156fbWXS1g
c4NgDqTlpEQ5LYiezI/mPIrKwA5aqtj+Km2j3NE4nsHlie9pj3t0pGFM1OCN6bUp
ycHEuSPm0AWhyfr56qrXRPfM3EXpOC7p6nrM9FvHaOTDSR8X0rDsgspxttv6zXPl
2r9xa4aqP8BvV84S84DPNoWpvr0K6EymXJR28un5RUcytO9x+3zDwKTjw2LUMg8b
ueU=
-----END CERTIFICATE-----
Generated at Mon May 12 21:58:20 2025 by rpki-client