Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PWCB9N25kU0JbB33OmbkINyZhBA.roa
File: PWCB9N25kU0JbB33OmbkINyZhBA.roa (raw, json)
Hash identifier: tHfX29mG4l4+IL4vu/t+X/oQ195AZLoi+tgQW9ErHjg=
Subject key identifier: 3D:60:81:F4:DD:B9:91:4D:09:6C:1D:F7:3A:66:E4:20:DC:99:84:10
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACFDFFBDDDA9D8479551741258ED77E11
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PWCB9N25kU0JbB33OmbkINyZhBA.roa
Signing time: Tue 26 Sep 2023 05:04:37 +0000
ROA not before: Tue 26 Sep 2023 05:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:cfdf:eb9b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cf:df:fb:dd:da:9d:84:79:55:17:41:25:8e:d7:7e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 26 05:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d6081f4ddb9914d096c1df73a66e420dc998410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e2:53:ed:93:a3:e8:62:1d:94:85:89:70:c2:
4d:70:0b:41:58:67:3b:9a:24:5a:e5:fd:2a:05:30:
61:4d:be:ec:8e:59:fc:fa:4b:a2:cf:0b:8d:09:07:
42:ac:85:d5:bb:ad:a1:da:80:98:8e:1f:23:79:38:
c9:d6:e0:4c:17:9c:54:03:b7:cb:45:f2:eb:a5:9f:
b8:ab:df:e6:84:59:3f:1a:db:b7:8f:30:32:21:70:
f5:7a:19:b7:b0:13:78:55:97:e2:b5:4f:4f:9e:a4:
bf:68:1c:ce:3c:1e:14:5c:e0:86:34:d4:cf:dc:7c:
fb:ae:a3:40:d6:11:07:f5:73:c4:ee:9d:22:a3:7f:
1d:ad:9b:32:33:83:1f:a0:d0:bc:8a:8b:77:ab:68:
50:b4:5c:ea:e2:ac:33:fe:eb:5b:1b:62:08:6b:5b:
5b:f1:6b:75:c6:84:ee:01:cd:d3:5f:74:ec:e1:d5:
e2:6d:fa:0b:96:28:d1:70:67:e0:6f:dc:8a:e3:76:
65:0a:5c:b4:0c:08:31:6f:4b:78:44:9b:f3:41:dd:
cc:55:90:94:6d:88:12:fc:00:d6:c8:4e:39:37:60:
4c:fe:7f:e3:ad:e5:2f:6e:d1:fb:e6:d2:65:c4:40:
fc:30:2c:0f:3b:92:43:23:94:86:31:df:71:e1:e4:
e3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:60:81:F4:DD:B9:91:4D:09:6C:1D:F7:3A:66:E4:20:DC:99:84:10
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PWCB9N25kU0JbB33OmbkINyZhBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:5d:26:bb:ec:c4:43:2d:5a:c9:39:b5:bc:d0:49:48:ef:51:
de:50:53:ab:dd:20:14:73:a8:4d:e4:d6:a1:ad:2e:6d:f6:28:
8c:9e:35:71:92:b2:44:34:49:77:70:34:be:a4:fc:71:58:68:
0f:03:fc:72:d3:86:3e:4f:f5:3b:75:65:44:c1:4b:48:4a:c5:
af:16:3e:3e:71:a3:26:44:f8:37:c0:2d:2f:1b:e0:17:0a:05:
23:7d:46:68:cc:9d:43:53:78:8d:6a:11:0e:d6:42:b7:f2:8c:
55:9a:9a:32:1a:1a:c1:fb:53:b7:fb:27:f3:c5:73:d1:09:df:
e3:89:96:27:2a:5f:7f:89:10:45:de:6c:a6:5e:fa:a6:dc:bc:
85:87:13:a9:b8:ac:c7:b8:87:b3:c3:34:c6:9d:34:ea:81:17:
9d:53:3f:bb:eb:4d:3f:d7:6c:3f:f2:1c:3e:e2:f0:71:c7:2c:
6c:e3:97:d7:3d:37:7f:d9:23:d4:aa:b5:51:b0:9f:25:bf:8e:
34:23:c8:30:3c:2c:18:ec:4b:c0:91:9a:0a:96:aa:36:b3:67:
fc:c7:ae:38:93:e1:7f:fb:f9:f1:f0:11:de:25:72:00:cd:fa:
e4:57:10:85:42:b9:2f:8a:c5:d1:dc:e0:95:6e:21:cc:00:33:
24:47:0b:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrP3/vd2p2EeVUXQSWO134RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI2MDUwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDYwODFmNGRkYjk5MTRkMDk2YzFkZjczYTY2ZTQyMGRjOTk4NDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+JT7ZOj6GIdlIWJcMJNcAtBWGc7
miRa5f0qBTBhTb7sjln8+kuizwuNCQdCrIXVu62h2oCYjh8jeTjJ1uBMF5xUA7fL
RfLrpZ+4q9/mhFk/Gtu3jzAyIXD1ehm3sBN4VZfitU9PnqS/aBzOPB4UXOCGNNTP
3Hz7rqNA1hEH9XPE7p0io38drZsyM4MfoNC8iot3q2hQtFzq4qwz/utbG2IIa1tb
8Wt1xoTuAc3TX3Ts4dXibfoLlijRcGfgb9yK43ZlCly0DAgxb0t4RJvzQd3MVZCU
bYgS/ADWyE45N2BM/n/jreUvbtH75tJlxED8MCwPO5JDI5SGMd9x4eTjbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD1ggfTduZFNCWwd9zpm5CDcmYQQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUFdDQjlOMjVrVTBKYkIzM09tYmtJTnlaaEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABFdJrvsxEMtWsk5tbzQ
SUjvUd5QU6vdIBRzqE3k1qGtLm32KIyeNXGSskQ0SXdwNL6k/HFYaA8D/HLThj5P
9Tt1ZUTBS0hKxa8WPj5xoyZE+DfALS8b4BcKBSN9RmjMnUNTeI1qEQ7WQrfyjFWa
mjIaGsH7U7f7J/PFc9EJ3+OJlicqX3+JEEXebKZe+qbcvIWHE6m4rMe4h7PDNMad
NOqBF51TP7vrTT/XbD/yHD7i8HHHLGzjl9c9N3/ZI9SqtVGwnyW/jjQjyDA8LBjs
S8CRmgqWqjazZ/zHrjiT4X/7+fHwEd4lcgDN+uRXEIVCuS+KxdHc4JVuIcwAMyRH
C2U=
-----END CERTIFICATE-----
Generated at Mon May 12 12:28:36 2025 by rpki-client