Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/M016I2JdJcZJWzsd2NxWnd6ePUY.roa
File: M016I2JdJcZJWzsd2NxWnd6ePUY.roa (raw, json)
Hash identifier: EB78YpyHEGvlfpwCOitslij/5DNPQv9qKVHK4XKuX4o=
Subject key identifier: 33:4D:7A:23:62:5D:25:C6:49:5B:3B:1D:D8:DC:56:9D:DE:9E:3D:46
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBD0054C74EE17A54EEFDACBB14878827
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/M016I2JdJcZJWzsd2NxWnd6ePUY.roa
Signing time: Sat 11 Nov 2023 06:09:57 +0000
ROA not before: Sat 11 Nov 2023 06:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bd:00:54:c7:4e:e1:7a:54:ee:fd:ac:bb:14:87:88:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 11 06:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=334d7a23625d25c6495b3b1dd8dc569dde9e3d46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e7:15:f0:e0:0f:5a:bf:5b:0f:32:2a:8b:b9:
c9:e9:46:da:3c:2e:7a:05:0e:b9:6d:93:f8:a6:15:
a7:1e:a5:c1:ee:44:8f:a3:48:4e:a5:59:1f:61:33:
f2:df:3e:8f:5a:a4:02:b2:a9:66:cf:51:7a:49:f8:
c2:00:21:97:4e:f3:17:0f:92:85:62:c4:a9:e9:a5:
9c:ae:70:cd:6c:40:76:6f:9e:4b:64:f6:75:1a:71:
9d:30:3c:40:20:c8:0c:fe:47:3e:c7:e0:f7:fa:1b:
49:ac:ed:4f:ef:99:bc:9a:fd:46:3c:66:31:95:9f:
ae:d9:88:8c:d5:8c:4b:3c:0a:2a:cb:09:3e:27:eb:
1e:e0:89:d1:3e:f1:76:48:9c:35:14:e4:c7:29:11:
70:c2:c2:6f:51:34:19:3f:4d:f6:95:b8:98:79:b2:
c5:9f:49:4f:a9:c5:a4:87:84:14:9b:09:13:76:27:
04:a9:79:25:22:ed:df:21:27:7e:28:b0:cf:9f:72:
d5:44:91:0b:5c:97:ba:6d:1e:2f:68:ac:42:00:cb:
e4:d1:12:1b:5e:f4:c2:2a:af:9b:58:fd:49:ec:4a:
67:56:dc:7c:e0:12:c7:67:e1:28:fc:a0:6b:c4:6d:
96:eb:ee:ec:28:d7:b5:fc:72:4f:85:14:a8:f1:ba:
24:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:4D:7A:23:62:5D:25:C6:49:5B:3B:1D:D8:DC:56:9D:DE:9E:3D:46
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/M016I2JdJcZJWzsd2NxWnd6ePUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:f8:eb:06:a7:43:9b:34:02:d5:ea:b8:51:07:b4:83:27:5a:
8f:ee:03:45:9c:d4:d4:5d:10:9b:c7:89:99:53:d2:a4:a6:c3:
91:7a:f7:ac:95:5c:62:f4:da:99:7b:ed:20:eb:88:14:de:bb:
74:53:d9:73:34:47:de:ef:89:dd:00:86:16:2b:b4:f4:59:6a:
e2:e3:a6:98:b7:0b:2e:a0:55:41:05:4e:14:d4:08:c5:83:cd:
ea:00:15:9b:25:23:0f:43:25:29:d9:b6:e3:24:e7:7c:04:df:
67:ed:0f:fa:ef:f5:35:a0:6f:35:52:f9:e0:10:36:ed:e6:2c:
be:a3:74:05:2d:5e:72:de:d5:1c:50:bc:63:67:c1:8d:75:bc:
b2:68:ef:89:ff:ac:f6:f6:e4:15:d9:e4:2e:16:46:7e:ce:39:
dd:89:32:67:6b:40:bc:f6:b2:8f:81:7d:5a:3b:e5:f7:1b:16:
fa:3e:fe:20:73:fd:c6:a3:06:5f:e6:c6:dd:31:ca:11:dd:c8:
d9:6e:3c:8e:db:b9:8f:0f:a1:8b:af:d3:19:a4:cf:6c:61:2e:
be:3b:9c:98:f2:71:21:04:e5:1d:a9:95:de:aa:23:12:28:3e:
c7:e4:48:b9:1a:eb:de:50:93:b4:f1:1a:b5:75:47:e9:ea:fe:
e0:cd:1d:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu9AFTHTuF6VO79rLsUh4gnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTExMDYwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzRkN2EyMzYyNWQyNWM2NDk1YjNiMWRkOGRjNTY5ZGRlOWUzZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOcV8OAPWr9bDzIqi7nJ6UbaPC56
BQ65bZP4phWnHqXB7kSPo0hOpVkfYTPy3z6PWqQCsqlmz1F6SfjCACGXTvMXD5KF
YsSp6aWcrnDNbEB2b55LZPZ1GnGdMDxAIMgM/kc+x+D3+htJrO1P75m8mv1GPGYx
lZ+u2YiM1YxLPAoqywk+J+se4InRPvF2SJw1FOTHKRFwwsJvUTQZP032lbiYebLF
n0lPqcWkh4QUmwkTdicEqXklIu3fISd+KLDPn3LVRJELXJe6bR4vaKxCAMvk0RIb
XvTCKq+bWP1J7EpnVtx84BLHZ+Eo/KBrxG2W6+7sKNe1/HJPhRSo8bokaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDNNeiNiXSXGSVs7HdjcVp3enj1GMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTTAxNkkySmRKY1pKV3pzZDJOeFduZDZlUFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGP46wanQ5s0AtXquFEH
tIMnWo/uA0Wc1NRdEJvHiZlT0qSmw5F696yVXGL02pl77SDriBTeu3RT2XM0R97v
id0AhhYrtPRZauLjppi3Cy6gVUEFThTUCMWDzeoAFZslIw9DJSnZtuMk53wE32ft
D/rv9TWgbzVS+eAQNu3mLL6jdAUtXnLe1RxQvGNnwY11vLJo74n/rPb25BXZ5C4W
Rn7OOd2JMmdrQLz2so+BfVo75fcbFvo+/iBz/cajBl/mxt0xyhHdyNluPI7buY8P
oYuv0xmkz2xhLr47nJjycSEE5R2pld6qIxIoPsfkSLka695Qk7TxGrV1R+nq/uDN
HeQ=
-----END CERTIFICATE-----
Generated at Sun May 11 12:38:28 2025 by rpki-client