Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RTP7lGoz6j5DoSTllxs2tJjmE-g.roa
File: RTP7lGoz6j5DoSTllxs2tJjmE-g.roa (raw, json)
Hash identifier: wWp/aBMPEMeFqb2uEgvLmQPk1rAjuE+eLmr58LJrz+k=
Subject key identifier: 45:33:FB:94:6A:33:EA:3E:43:A1:24:E5:97:1B:36:B4:98:E6:13:E8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBEB8B2CEFF6020F96247122453F94243
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RTP7lGoz6j5DoSTllxs2tJjmE-g.roa
Signing time: Sat 11 Nov 2023 14:10:57 +0000
ROA not before: Sat 11 Nov 2023 14:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:be:b8:b2:ce:ff:60:20:f9:62:47:12:24:53:f9:42:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 11 14:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4533fb946a33ea3e43a124e5971b36b498e613e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:dc:07:9a:40:b8:e7:92:ef:60:f2:66:2b:e6:
b2:06:d0:30:83:c0:17:26:97:42:3e:a8:52:f3:51:
82:6e:c4:df:af:ce:af:b3:a2:e0:12:f6:51:49:a1:
5f:3c:5d:dc:87:e6:b9:2d:4e:62:a6:ac:c8:8b:dd:
c4:ec:c4:cd:1a:08:31:66:fa:e0:ce:4c:99:5e:6b:
7b:e9:ea:1c:f6:38:15:d2:e1:63:e1:2c:87:56:3d:
ea:13:bd:df:06:c6:55:37:20:6d:db:be:48:1b:45:
77:ca:b2:79:7a:b8:3b:ab:00:40:24:54:dc:14:90:
13:fa:e4:68:bc:41:51:d6:4a:17:9a:1f:47:bc:c0:
ee:81:78:f0:6a:71:d4:53:9a:c8:fd:44:23:1d:d8:
49:98:e5:bd:53:80:4d:ed:7e:42:fd:d4:a1:1e:eb:
96:4a:8f:de:9e:c4:90:31:f1:98:d7:f4:37:54:c2:
f8:d5:bd:b8:cb:60:d2:e3:97:6d:56:ad:8f:a9:0e:
f5:d2:f6:de:1e:17:6d:55:99:54:3f:e0:16:d4:c8:
c6:ff:52:79:a5:58:38:58:f7:56:e3:49:26:24:9d:
41:68:28:3f:b1:0a:4f:e2:a0:09:32:52:68:39:93:
f8:76:17:a4:a8:56:4f:5c:18:3e:c6:9c:54:20:59:
41:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:33:FB:94:6A:33:EA:3E:43:A1:24:E5:97:1B:36:B4:98:E6:13:E8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RTP7lGoz6j5DoSTllxs2tJjmE-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:e4:b2:a1:7d:9d:2b:ab:69:ff:3a:6c:90:db:62:c9:45:17:
ac:37:92:83:cb:69:0e:a4:1d:36:f8:d4:e8:f9:37:d0:c2:07:
ad:0e:28:91:f4:9f:b9:85:cf:d0:4b:d5:63:b4:76:2e:01:e9:
82:ca:52:62:12:53:42:7f:bd:5a:fb:5f:a7:33:b4:56:0a:a3:
89:7a:3e:bc:00:23:81:24:66:84:78:37:08:77:e0:a7:14:37:
5d:9a:4a:da:a6:09:4f:a8:01:fc:5e:6b:3f:09:26:30:2e:4d:
38:eb:25:89:aa:c0:f3:c4:41:0e:3a:74:f3:d7:17:7d:f2:3b:
dc:9d:5a:5c:ef:9c:7f:d1:6b:86:8b:0c:0f:6f:4b:7c:b5:19:
a6:ed:79:52:fc:3d:01:e6:bf:a9:57:95:5b:a2:24:4e:22:f4:
a3:da:a0:14:71:d6:1c:a0:e6:c2:4c:10:53:f7:80:cd:61:d8:
ed:6c:8b:cc:16:06:1b:9a:97:73:a0:a7:5c:dc:e4:a2:3b:6d:
6c:a6:be:09:46:70:1c:51:3d:b0:31:b2:0d:9a:1a:68:45:b9:
a9:aa:b4:87:f1:94:61:8e:a1:62:b3:64:88:f0:34:af:c2:7b:
6f:e1:a2:4a:e4:d3:1c:1f:7a:1d:39:da:ed:99:15:72:d8:71:
d1:fb:b6:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu+uLLO/2Ag+WJHEiRT+UJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTExMTQxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTMzZmI5NDZhMzNlYTNlNDNhMTI0ZTU5NzFiMzZiNDk4ZTYxM2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptwHmkC455LvYPJmK+ayBtAwg8AX
JpdCPqhS81GCbsTfr86vs6LgEvZRSaFfPF3ch+a5LU5ipqzIi93E7MTNGggxZvrg
zkyZXmt76eoc9jgV0uFj4SyHVj3qE73fBsZVNyBt275IG0V3yrJ5erg7qwBAJFTc
FJAT+uRovEFR1koXmh9HvMDugXjwanHUU5rI/UQjHdhJmOW9U4BN7X5C/dShHuuW
So/ensSQMfGY1/Q3VML41b24y2DS45dtVq2PqQ710vbeHhdtVZlUP+AW1MjG/1J5
pVg4WPdW40kmJJ1BaCg/sQpP4qAJMlJoOZP4dhekqFZPXBg+xpxUIFlBewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEUz+5RqM+o+Q6Ek5ZcbNrSY5hPoMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUlRQN2xHb3o2ajVEb1NUbGx4czJ0SmptRS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFHksqF9nSuraf86bJDb
YslFF6w3koPLaQ6kHTb41Oj5N9DCB60OKJH0n7mFz9BL1WO0di4B6YLKUmISU0J/
vVr7X6cztFYKo4l6PrwAI4EkZoR4Nwh34KcUN12aStqmCU+oAfxeaz8JJjAuTTjr
JYmqwPPEQQ46dPPXF33yO9ydWlzvnH/Ra4aLDA9vS3y1GabteVL8PQHmv6lXlVui
JE4i9KPaoBRx1hyg5sJMEFP3gM1h2O1si8wWBhual3Ogp1zc5KI7bWymvglGcBxR
PbAxsg2aGmhFuamqtIfxlGGOoWKzZIjwNK/Ce2/hokrk0xwfeh052u2ZFXLYcdH7
th0=
-----END CERTIFICATE-----
Generated at Sun May 11 12:35:20 2025 by rpki-client