Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CE3Lq35_0A1w22rglJ_nqEELyAY.roa
File: CE3Lq35_0A1w22rglJ_nqEELyAY.roa (raw, json)
Hash identifier: +G62Usu8dqBtz3ba1L14iubKa/hznztx0P24uEUf7tc=
Subject key identifier: 08:4D:CB:AB:7E:7F:D0:0D:70:DB:6A:E0:94:9F:E7:A8:41:0B:C8:06
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF7D14D2C3BD92D57D7D1BA56C4A20120
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CE3Lq35_0A1w22rglJ_nqEELyAY.roa
Signing time: Tue 03 Oct 2023 23:13:23 +0000
ROA not before: Tue 03 Oct 2023 23:13:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f7:d1:4d:2c:3b:d9:2d:57:d7:d1:ba:56:c4:a2:01:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 23:13:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=084dcbab7e7fd00d70db6ae0949fe7a8410bc806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:aa:c3:59:a0:75:3b:2a:72:c1:e6:bb:02:6d:
45:56:85:6a:c4:24:2d:2a:7e:97:dc:33:6a:ab:40:
8f:ca:61:16:c5:26:27:61:45:a9:4f:b2:0e:9f:79:
09:ef:24:b3:fb:07:d0:39:05:90:f4:5f:a5:e8:d6:
7c:f3:5d:ec:25:de:50:bd:c8:2d:a8:7b:7b:c8:75:
bf:20:f4:2a:87:3a:fa:93:39:a6:1c:ea:c4:f0:bf:
6d:70:fe:e4:75:36:60:27:6a:82:a1:a4:f0:bb:c9:
13:92:59:44:7f:e2:46:28:8c:e2:7d:29:d0:74:9b:
98:04:e9:c2:eb:88:c4:07:95:b5:b8:fc:99:69:20:
f4:53:33:4b:b2:2b:8e:9e:0d:70:0d:f8:11:b3:fc:
5a:0d:6d:c2:eb:8f:4b:05:0e:23:e4:1a:ac:28:a7:
6d:a6:77:53:fa:39:a7:6f:d1:8a:81:06:b6:a2:9b:
bc:ac:de:dd:96:52:00:ab:e3:60:44:30:ac:8d:d0:
8a:12:87:26:87:2c:79:2f:b8:d0:9a:e8:45:d7:c4:
a7:40:e7:ef:95:89:a3:fb:80:2e:fb:50:e3:c2:11:
1e:96:4a:29:20:06:74:68:97:ff:5d:ab:b7:00:c1:
70:91:4d:2d:46:c6:23:fc:32:6c:f6:e9:b5:bb:37:
2c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4D:CB:AB:7E:7F:D0:0D:70:DB:6A:E0:94:9F:E7:A8:41:0B:C8:06
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CE3Lq35_0A1w22rglJ_nqEELyAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bb:ec:a5:45:1b:83:ce:58:dd:39:fc:ae:80:1a:88:f0:68:71:
a8:7a:26:b7:66:4d:89:51:3c:d1:5f:7a:11:f8:1b:e3:b4:7e:
dc:64:99:07:7c:cb:e9:bf:93:20:f5:1d:cd:84:bf:0f:a4:10:
f5:95:0e:58:d9:27:72:1c:d4:27:ac:af:6b:ac:95:d0:ef:ff:
35:10:f4:66:f4:3e:a9:83:05:f7:dd:5a:d4:c5:1f:b5:16:79:
92:5a:f9:33:23:39:8a:b9:5c:27:13:cf:4e:39:9d:d9:c8:08:
c7:f6:dd:42:7e:84:e5:ef:00:88:d2:e0:12:51:02:6d:c2:52:
45:34:3e:37:93:6e:56:e3:59:c2:ed:fa:a2:8c:6e:ea:82:e1:
01:51:7b:10:c0:36:c4:b9:5a:f1:c6:71:7d:f2:98:2c:f8:5e:
c1:40:37:08:b0:6b:2b:86:37:7a:0a:0f:c3:37:9f:58:3c:e5:
e5:da:6a:82:3c:40:2e:ea:74:fd:65:fe:5a:34:7f:e3:48:2f:
9f:5e:a4:f9:bb:18:06:04:42:7d:8e:d1:7f:ea:bc:59:77:cc:
e6:6b:08:1e:78:71:45:32:d9:3d:12:e3:12:d5:60:59:4c:b9:
22:5f:9a:3f:17:fe:77:b6:48:16:99:85:dd:c1:7e:16:0f:37:
89:70:7a:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr30U0sO9ktV9fRulbEogEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMjMxMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODRkY2JhYjdlN2ZkMDBkNzBkYjZhZTA5NDlmZTdhODQxMGJjODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKrDWaB1Oypywea7Am1FVoVqxCQt
Kn6X3DNqq0CPymEWxSYnYUWpT7IOn3kJ7ySz+wfQOQWQ9F+l6NZ8813sJd5Qvcgt
qHt7yHW/IPQqhzr6kzmmHOrE8L9tcP7kdTZgJ2qCoaTwu8kTkllEf+JGKIzifSnQ
dJuYBOnC64jEB5W1uPyZaSD0UzNLsiuOng1wDfgRs/xaDW3C649LBQ4j5BqsKKdt
pndT+jmnb9GKgQa2opu8rN7dllIAq+NgRDCsjdCKEocmhyx5L7jQmuhF18SnQOfv
lYmj+4Au+1DjwhEelkopIAZ0aJf/Xau3AMFwkU0tRsYj/DJs9um1uzcsWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAhNy6t+f9ANcNtq4JSf56hBC8gGMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ0UzTHEzNV8wQTF3MjJyZ2xKX25xRUVMeUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALvspUUbg85Y3Tn8roAa
iPBocah6JrdmTYlRPNFfehH4G+O0ftxkmQd8y+m/kyD1Hc2Evw+kEPWVDljZJ3Ic
1Cesr2usldDv/zUQ9Gb0PqmDBffdWtTFH7UWeZJa+TMjOYq5XCcTz045ndnICMf2
3UJ+hOXvAIjS4BJRAm3CUkU0PjeTblbjWcLt+qKMbuqC4QFRexDANsS5WvHGcX3y
mCz4XsFANwiwayuGN3oKD8M3n1g85eXaaoI8QC7qdP1l/lo0f+NIL59epPm7GAYE
Qn2O0X/qvFl3zOZrCB54cUUy2T0S4xLVYFlMuSJfmj8X/ne2SBaZhd3BfhYPN4lw
eow=
-----END CERTIFICATE-----
Generated at Mon May 12 16:25:23 2025 by rpki-client