Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TjdTIop_kplnG29mKV65mD-9LvE.roa
File: TjdTIop_kplnG29mKV65mD-9LvE.roa (raw, json)
Hash identifier: sH2Xwz0z5dqJ2jDahJh0b8SuiBb7A/k6S1zjNRi1b28=
Subject key identifier: 4E:37:53:22:8A:7F:92:99:67:1B:6F:66:29:5E:B9:98:3F:BD:2E:F1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA4F9304B3E0F0F4EC815C07A5BD6C309
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TjdTIop_kplnG29mKV65mD-9LvE.roa
Signing time: Mon 06 Nov 2023 14:11:15 +0000
ROA not before: Mon 06 Nov 2023 14:11:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:f9:30:4b:3e:0f:0f:4e:c8:15:c0:7a:5b:d6:c3:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 6 14:11:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e3753228a7f9299671b6f66295eb9983fbd2ef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8a:09:0e:40:ae:d0:3f:cc:7a:87:45:d7:db:
15:32:59:0d:76:b6:ad:53:df:14:68:d3:57:ea:95:
da:22:25:ba:40:6c:c1:0e:37:60:08:d7:fb:8e:70:
cb:54:20:65:6a:37:69:9e:f4:44:79:b2:2d:31:e3:
61:77:1b:37:2f:9e:2a:0e:a9:b9:28:dd:98:ac:1c:
a7:95:55:c2:d0:93:44:f6:d8:b6:5f:51:1c:d2:49:
f1:1f:3f:80:00:38:f5:f4:d2:cc:9e:70:95:f2:c8:
fa:40:30:80:42:7b:da:ad:b4:1a:2d:44:47:f9:34:
85:4e:f4:d1:da:ee:32:02:6f:a4:03:47:46:86:e0:
32:0d:1a:22:b8:47:2d:50:8f:72:c8:00:1c:d5:e9:
4b:6d:1a:5b:9f:74:78:d3:2a:3a:2e:92:0c:85:46:
c9:43:c9:67:dd:b3:2f:ce:9f:2e:78:a4:33:0a:ff:
77:9b:1f:66:e5:c3:bd:d1:22:44:2c:f9:e4:93:45:
3f:fc:e6:c2:1f:21:60:a5:3c:58:f9:b9:77:93:cb:
55:8c:e5:04:c7:00:77:d6:7c:ba:80:a0:28:c3:8c:
6e:12:71:77:6d:7a:13:82:04:be:1b:f3:6b:30:d7:
e1:b2:c4:cf:67:96:13:55:91:69:01:d9:b8:72:aa:
4f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:37:53:22:8A:7F:92:99:67:1B:6F:66:29:5E:B9:98:3F:BD:2E:F1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TjdTIop_kplnG29mKV65mD-9LvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1b:e4:53:0d:61:5b:55:eb:9a:8d:e9:a3:76:d9:e2:69:d1:a6:
75:2e:63:9a:6d:7e:8f:ae:03:21:36:c4:a3:72:27:30:ba:a7:
44:71:c6:fa:bb:d2:cb:7b:fa:db:85:aa:89:a3:68:e1:dd:fb:
40:f3:2a:60:a7:ca:32:c8:3c:ee:e8:e9:a2:6a:58:77:1b:69:
4c:d3:5a:54:ea:5d:83:5c:7b:dc:5f:6f:e8:30:83:ec:79:6a:
53:89:6b:c5:1f:33:b6:f7:af:2a:f7:2e:70:eb:5a:0c:f5:90:
7c:17:12:23:cb:85:33:ad:ec:7b:5a:b4:4a:a8:1b:95:b3:37:
45:1a:59:01:ff:a5:55:db:14:b1:67:53:93:d6:ae:35:92:c1:
c8:4c:44:4d:04:73:f9:2e:fb:92:f7:bd:5e:0a:55:6a:39:5d:
53:d6:51:7c:63:90:af:ae:69:54:e0:b8:e4:56:39:f2:57:53:
89:6b:8a:1c:1c:d5:f3:4c:43:bd:6f:36:ad:3e:ba:73:4a:0a:
f2:ea:58:c3:95:69:db:b2:ed:92:0f:be:35:e6:2c:62:b6:96:
dc:ef:80:a9:da:33:45:2a:b0:2e:97:d4:1b:50:56:f0:66:0b:
99:ce:e7:a1:0a:86:a5:58:7d:8f:9b:c7:ba:3e:f8:9b:c9:86:
6b:28:7d:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuk+TBLPg8PTsgVwHpb1sMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA2MTQxMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTM3NTMyMjhhN2Y5Mjk5NjcxYjZmNjYyOTVlYjk5ODNmYmQyZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYoJDkCu0D/MeodF19sVMlkNdrat
U98UaNNX6pXaIiW6QGzBDjdgCNf7jnDLVCBlajdpnvREebItMeNhdxs3L54qDqm5
KN2YrBynlVXC0JNE9ti2X1Ec0knxHz+AADj19NLMnnCV8sj6QDCAQnvarbQaLURH
+TSFTvTR2u4yAm+kA0dGhuAyDRoiuEctUI9yyAAc1elLbRpbn3R40yo6LpIMhUbJ
Q8ln3bMvzp8ueKQzCv93mx9m5cO90SJELPnkk0U//ObCHyFgpTxY+bl3k8tVjOUE
xwB31ny6gKAow4xuEnF3bXoTggS+G/NrMNfhssTPZ5YTVZFpAdm4cqpPwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE43UyKKf5KZZxtvZileuZg/vS7xMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVGpkVElvcF9rcGxuRzI5bUtWNjVtRC05THZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABvkUw1hW1Xrmo3po3bZ
4mnRpnUuY5ptfo+uAyE2xKNyJzC6p0Rxxvq70st7+tuFqomjaOHd+0DzKmCnyjLI
PO7o6aJqWHcbaUzTWlTqXYNce9xfb+gwg+x5alOJa8UfM7b3ryr3LnDrWgz1kHwX
EiPLhTOt7HtatEqoG5WzN0UaWQH/pVXbFLFnU5PWrjWSwchMRE0Ec/ku+5L3vV4K
VWo5XVPWUXxjkK+uaVTguORWOfJXU4lrihwc1fNMQ71vNq0+unNKCvLqWMOVaduy
7ZIPvjXmLGK2ltzvgKnaM0UqsC6X1BtQVvBmC5nO56EKhqVYfY+bx7o++JvJhmso
fc4=
-----END CERTIFICATE-----
Generated at Sat May 10 13:17:20 2025 by rpki-client