Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S3TIjE4ERjM5uaPm2L4FRaW-xkI.roa
File: S3TIjE4ERjM5uaPm2L4FRaW-xkI.roa (raw, json)
Hash identifier: dtzLisaJYNAikWBtASsVdWOi7Aoin15vP+oDD26UH8w=
Subject key identifier: 4B:74:C8:8C:4E:04:46:33:39:B9:A3:E6:D8:BE:05:45:A5:BE:C6:42
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5D18F79B054D2E18A0D69EEA07261AD7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S3TIjE4ERjM5uaPm2L4FRaW-xkI.roa
Signing time: Tue 12 Dec 2023 08:16:06 +0000
ROA not before: Tue 12 Dec 2023 08:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:18:f7:9b:05:4d:2e:18:a0:d6:9e:ea:07:26:1a:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 12 08:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b74c88c4e04463339b9a3e6d8be0545a5bec642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:dc:56:73:e5:29:79:4b:69:9c:56:40:82:dd:
85:bd:aa:6f:a8:da:8b:7e:38:b2:c6:60:d3:39:77:
8f:65:c6:88:14:35:29:28:45:f0:b4:17:ad:3e:e8:
06:fd:9d:38:95:cc:21:05:9a:fe:89:25:4d:b3:d1:
19:b0:c4:20:ef:6f:a9:90:9f:b6:79:3a:e5:86:f6:
b8:60:50:f6:a1:34:c3:35:77:d3:c8:d3:a5:39:d1:
10:65:6e:6f:44:f7:ed:6c:17:75:0f:74:ad:fc:7e:
5d:62:d2:38:f4:4f:76:aa:5c:82:eb:43:13:f2:18:
3b:2f:41:91:a2:c8:a6:22:a8:37:81:39:9a:38:fe:
f8:fb:4e:d7:6a:7e:0b:3a:72:31:e7:63:5c:38:d7:
62:c8:47:1b:59:a5:23:66:6d:27:30:0e:36:03:04:
8a:f8:cd:35:91:f7:02:5d:1c:b7:92:c5:e1:fb:e5:
df:4e:83:0b:7e:18:75:ca:e3:f4:f1:3c:6b:07:4f:
bd:f0:7c:49:fd:0b:29:3b:0c:a2:db:3e:9c:83:aa:
9b:0f:32:1f:90:83:8c:c6:13:e0:09:60:96:9e:09:
73:d7:1c:74:0e:5d:00:d9:cd:03:7c:9d:13:c1:ec:
23:3c:46:d5:61:09:6c:49:41:98:a8:59:c7:45:61:
34:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:74:C8:8C:4E:04:46:33:39:B9:A3:E6:D8:BE:05:45:A5:BE:C6:42
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S3TIjE4ERjM5uaPm2L4FRaW-xkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:20:b0:1d:67:da:30:94:c5:e3:79:2d:d3:cc:2a:14:7b:20:
60:e7:8b:31:e7:41:c3:0f:e6:8e:ab:f9:70:cb:51:f9:cb:ae:
90:bd:25:f2:ce:d5:cb:95:ac:b1:2e:2e:2f:62:9b:1e:3c:64:
94:38:a2:35:0e:48:3e:3a:15:87:53:b8:52:7d:7a:a0:8c:80:
51:9f:4a:68:47:0c:47:94:1d:97:41:fc:60:e3:fe:f2:7f:9b:
ee:f9:f4:7d:e5:e0:b6:98:53:da:bb:3f:f8:c0:70:47:26:f9:
8c:0a:ef:b8:a8:c6:51:72:7d:05:b3:85:16:da:fe:4c:3d:09:
b1:a2:5e:49:1a:85:68:20:4f:82:68:52:b5:e3:92:0f:24:b6:
ee:30:c7:0b:21:31:db:3f:73:f0:9b:6d:68:9c:54:9e:d5:4e:
cd:13:95:9c:3c:aa:0d:ab:dd:61:93:e4:d0:6e:76:65:d6:4c:
fd:04:90:a1:42:ca:6a:38:55:0c:39:3e:5c:9d:e4:4a:73:c5:
e7:13:5a:c6:57:c6:d4:1d:89:d5:c7:03:92:d4:86:95:a2:76:
d2:41:45:a5:9e:e7:89:e7:eb:bb:37:55:9b:a1:39:6d:f1:2a:
54:4e:3c:46:dd:59:80:d4:54:d4:00:a9:15:3e:e5:3d:5e:12:
53:0b:89:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxdGPebBU0uGKDWnuoHJhrXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEyMDgxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjc0Yzg4YzRlMDQ0NjMzMzliOWEzZTZkOGJlMDU0NWE1YmVjNjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNxWc+UpeUtpnFZAgt2FvapvqNqL
fjiyxmDTOXePZcaIFDUpKEXwtBetPugG/Z04lcwhBZr+iSVNs9EZsMQg72+pkJ+2
eTrlhva4YFD2oTTDNXfTyNOlOdEQZW5vRPftbBd1D3St/H5dYtI49E92qlyC60MT
8hg7L0GRosimIqg3gTmaOP74+07Xan4LOnIx52NcONdiyEcbWaUjZm0nMA42AwSK
+M01kfcCXRy3ksXh++XfToMLfhh1yuP08TxrB0+98HxJ/QspOwyi2z6cg6qbDzIf
kIOMxhPgCWCWnglz1xx0Dl0A2c0DfJ0TwewjPEbVYQlsSUGYqFnHRWE0DQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEt0yIxOBEYzObmj5ti+BUWlvsZCMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUzNUSWpFNEVSak01dWFQbTJMNEZSYVcteGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHEgsB1n2jCUxeN5LdPM
KhR7IGDnizHnQcMP5o6r+XDLUfnLrpC9JfLO1cuVrLEuLi9imx48ZJQ4ojUOSD46
FYdTuFJ9eqCMgFGfSmhHDEeUHZdB/GDj/vJ/m+759H3l4LaYU9q7P/jAcEcm+YwK
77ioxlFyfQWzhRba/kw9CbGiXkkahWggT4JoUrXjkg8ktu4wxwshMds/c/CbbWic
VJ7VTs0TlZw8qg2r3WGT5NBudmXWTP0EkKFCymo4VQw5Plyd5EpzxecTWsZXxtQd
idXHA5LUhpWidtJBRaWe54nn67s3VZuhOW3xKlROPEbdWYDUVNQAqRU+5T1eElML
iaQ=
-----END CERTIFICATE-----
Generated at Sun May 11 22:31:39 2025 by rpki-client