Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RwOcn2rVcJmHL0JrGR1BInaGqq4.roa
File: RwOcn2rVcJmHL0JrGR1BInaGqq4.roa (raw, json)
Hash identifier: 6HLTXnyrCvctp2M46LuLAsIB9lUA2uuxMweqHaT9e8w=
Subject key identifier: 47:03:9C:9F:6A:D5:70:99:87:2F:42:6B:19:1D:41:22:76:86:AA:AE
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BE6DA33BDC90B3C18EDF85FF30CA0BE3B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RwOcn2rVcJmHL0JrGR1BInaGqq4.roa
Signing time: Sun 19 Nov 2023 09:12:21 +0000
ROA not before: Sun 19 Nov 2023 09:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e6:da:33:bd:c9:0b:3c:18:ed:f8:5f:f3:0c:a0:be:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 19 09:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47039c9f6ad57099872f426b191d41227686aaae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:49:13:7b:6b:72:63:ea:de:19:45:a6:27:98:
af:8b:0f:d2:b1:6f:cf:b8:9e:a4:7b:88:67:88:5c:
03:e0:87:e5:fd:01:3f:27:1e:e6:db:21:4b:35:9d:
49:9b:41:97:8d:f0:c9:8f:eb:78:e3:be:5c:08:a6:
e3:f9:75:91:50:ed:91:73:5c:5f:37:a8:c3:51:26:
39:34:28:71:c6:43:f1:20:de:88:c2:a7:cf:25:56:
91:db:38:40:37:05:45:2b:29:17:a3:cb:d5:9b:7f:
94:db:22:1a:ad:78:0b:cd:6f:7f:c6:4a:d9:fb:a0:
30:d7:d3:86:8a:30:cd:b3:5a:06:14:cc:65:2a:45:
bf:7e:46:22:ea:24:57:9c:13:6d:1e:99:4e:ae:bd:
cc:de:e2:4d:37:8b:be:18:8c:88:f5:a9:53:df:86:
20:d8:34:9f:2f:23:de:e7:92:c3:fb:c5:bf:27:53:
a3:f8:d1:fb:f2:44:f5:ff:cf:1a:72:17:d4:3b:e9:
a3:a6:fc:10:fc:c6:b5:e2:45:27:4e:71:93:35:3b:
5e:3d:2c:e9:90:7c:5b:67:6c:66:3c:1d:34:fb:68:
56:60:37:8d:e9:7b:29:f4:4a:09:06:c1:f5:f6:b1:
50:da:4b:53:8e:f4:fb:18:53:cd:0b:e3:92:e1:30:
10:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:03:9C:9F:6A:D5:70:99:87:2F:42:6B:19:1D:41:22:76:86:AA:AE
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RwOcn2rVcJmHL0JrGR1BInaGqq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:0b:9b:5b:cd:79:af:0a:dd:53:2a:42:0a:b4:d1:a5:76:26:
68:65:1c:87:99:99:75:97:f2:48:5f:e3:65:4e:6f:fc:9b:b6:
11:3a:87:87:1d:69:08:99:c2:ca:96:d6:5e:a6:f3:f5:2a:ed:
51:8a:e9:66:69:4f:19:e9:c1:d2:50:43:e0:14:b0:d3:01:52:
f4:93:9b:57:fb:d2:55:e4:c5:e8:f3:54:bb:05:9d:aa:2b:45:
da:09:c4:86:70:68:99:35:8e:d7:23:2b:44:1b:60:28:ab:4b:
f7:df:03:0d:1a:d9:1b:ac:74:67:62:57:c7:93:91:90:da:2c:
0f:0c:41:2e:94:02:d8:98:06:23:2b:e1:42:f7:ae:de:e2:13:
76:e5:f9:a2:95:32:3c:c6:1f:22:3b:97:ed:72:f9:b2:f3:f0:
bf:ea:86:88:fe:a2:d6:49:12:20:a2:7a:cc:28:77:15:4d:40:
3e:dc:43:61:ab:26:ea:e5:8a:68:e5:08:ea:bb:f7:23:8d:42:
f2:b2:42:6f:1e:ea:79:d8:ff:d3:d4:ec:25:8d:4b:91:bf:1d:
5f:8e:70:33:c7:12:ae:e5:c9:2b:d5:f1:5d:0c:12:a2:21:58:
8d:49:a2:c3:e4:2c:a8:e4:ee:e4:e0:38:d1:a8:43:54:8f:38:
53:ff:ce:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvm2jO9yQs8GO34X/MMoL47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE5MDkxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzAzOWM5ZjZhZDU3MDk5ODcyZjQyNmIxOTFkNDEyMjc2ODZhYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUkTe2tyY+reGUWmJ5iviw/SsW/P
uJ6ke4hniFwD4Ifl/QE/Jx7m2yFLNZ1Jm0GXjfDJj+t4475cCKbj+XWRUO2Rc1xf
N6jDUSY5NChxxkPxIN6IwqfPJVaR2zhANwVFKykXo8vVm3+U2yIarXgLzW9/xkrZ
+6Aw19OGijDNs1oGFMxlKkW/fkYi6iRXnBNtHplOrr3M3uJNN4u+GIyI9alT34Yg
2DSfLyPe55LD+8W/J1Oj+NH78kT1/88achfUO+mjpvwQ/Ma14kUnTnGTNTtePSzp
kHxbZ2xmPB00+2hWYDeN6Xsp9EoJBsH19rFQ2ktTjvT7GFPNC+OS4TAQhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEcDnJ9q1XCZhy9CaxkdQSJ2hqquMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUndPY24yclZjSm1ITDBKckdSMUJJbmFHcXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHcLm1vNea8K3VMqQgq0
0aV2JmhlHIeZmXWX8khf42VOb/ybthE6h4cdaQiZwsqW1l6m8/Uq7VGK6WZpTxnp
wdJQQ+AUsNMBUvSTm1f70lXkxejzVLsFnaorRdoJxIZwaJk1jtcjK0QbYCirS/ff
Aw0a2RusdGdiV8eTkZDaLA8MQS6UAtiYBiMr4UL3rt7iE3bl+aKVMjzGHyI7l+1y
+bLz8L/qhoj+otZJEiCieswodxVNQD7cQ2GrJurlimjlCOq79yONQvKyQm8e6nnY
/9PU7CWNS5G/HV+OcDPHEq7lySvV8V0MEqIhWI1JosPkLKjk7uTgONGoQ1SPOFP/
zlM=
-----END CERTIFICATE-----
Generated at Mon May 12 07:32:43 2025 by rpki-client