Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TuHz7O5YukIEipLDhI9oj6KlyO4.roa
File: TuHz7O5YukIEipLDhI9oj6KlyO4.roa (raw, json)
Hash identifier: pHcBdpnjB2TBDO+O9Q9wGX1cVbI5jUN735NENHRGNp4=
Subject key identifier: 4E:E1:F3:EC:EE:58:BA:42:04:8A:92:C3:84:8F:68:8F:A2:A5:C8:EE
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B246B55BD250D3104B118F603CE3534E6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TuHz7O5YukIEipLDhI9oj6KlyO4.roa
Signing time: Thu 12 Oct 2023 15:04:55 +0000
ROA not before: Thu 12 Oct 2023 15:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:246b:3f44/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:24:6b:55:bd:25:0d:31:04:b1:18:f6:03:ce:35:34:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 12 15:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ee1f3ecee58ba42048a92c3848f688fa2a5c8ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fa:b3:82:e1:9f:50:fe:6b:7a:57:7a:5c:2f:
9d:d1:59:ec:5b:be:9b:a1:65:18:83:d2:dd:3a:a8:
ad:aa:c2:d0:a9:c5:36:ab:c9:51:6e:26:f7:55:af:
fa:69:2b:85:7b:63:1f:e8:50:88:6d:a1:e0:52:0e:
71:c7:c0:95:e2:07:ea:a8:b1:fa:f3:da:1b:dd:b3:
de:f3:00:fb:9e:91:af:7b:a6:c9:f7:20:6f:34:72:
0b:09:c3:e7:c5:30:ee:3f:f3:bd:63:4a:db:4d:83:
db:8f:5e:02:a6:a0:00:25:be:0b:c3:60:ff:2a:bc:
43:25:82:4f:66:ea:fa:2b:f0:2b:d6:0a:81:2d:6f:
8f:28:8b:be:58:a5:9a:18:0d:d2:95:cc:b0:5d:a1:
0a:54:64:21:7f:ae:e1:eb:c1:22:20:ea:05:33:d4:
bb:ce:68:96:2d:3b:8c:4e:84:8d:2b:35:19:2a:90:
19:06:cd:18:51:dd:54:5b:2f:bf:d0:97:41:c4:a8:
e1:99:53:13:16:60:dd:be:6c:68:a0:3b:e8:e6:be:
7a:b9:83:e8:b4:30:98:63:b1:62:45:c5:62:4a:50:
71:17:8a:7d:91:2d:83:4b:88:44:d8:20:ef:bd:8d:
d0:f5:d0:15:a9:4b:5a:6e:f6:29:01:0d:3c:ba:d5:
22:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:E1:F3:EC:EE:58:BA:42:04:8A:92:C3:84:8F:68:8F:A2:A5:C8:EE
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TuHz7O5YukIEipLDhI9oj6KlyO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:6d:3e:3e:21:26:e1:42:01:7a:73:7d:97:8c:33:72:30:9d:
dd:2d:21:c6:56:e0:c0:66:4d:8d:31:25:db:ca:51:a5:da:25:
43:1d:e1:49:28:d2:46:b0:0c:59:04:39:34:41:7d:32:79:32:
fb:4a:1c:b6:c6:ab:97:c3:7d:54:a7:79:c3:9d:b4:67:e9:67:
0b:57:18:43:b5:7e:f7:ea:ac:58:5e:c8:7e:d0:db:c3:32:83:
24:f1:a1:a6:09:c8:84:be:b4:32:27:3d:68:92:52:d4:0f:c2:
6a:09:2e:70:aa:75:d6:eb:a9:d9:c6:f5:42:25:31:46:59:76:
93:36:43:42:20:5a:23:7b:42:99:f1:23:95:2c:44:25:6b:70:
e1:94:bb:43:8b:07:79:24:18:c6:6d:c4:2f:f0:4d:19:a1:5a:
92:f0:8b:b4:51:80:68:11:6f:49:b6:c5:b7:16:ca:cd:46:1b:
34:59:b8:72:9b:56:24:4a:ed:88:d1:61:bf:27:da:62:c9:f5:
2a:47:e5:cb:67:9c:eb:4e:03:aa:11:f8:25:f9:67:c4:ab:84:
85:63:d4:d5:b1:94:8a:ea:3b:24:87:6f:a9:ee:65:30:8d:aa:
b7:85:2f:02:a9:32:1e:b1:95:ba:a0:a0:a0:c3:81:70:73:5a:
ae:6d:a8:75
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYska1W9JQ0xBLEY9gPONTTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEyMTUwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWUxZjNlY2VlNThiYTQyMDQ4YTkyYzM4NDhmNjg4ZmEyYTVjOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPqzguGfUP5reld6XC+d0VnsW76b
oWUYg9LdOqitqsLQqcU2q8lRbib3Va/6aSuFe2Mf6FCIbaHgUg5xx8CV4gfqqLH6
89ob3bPe8wD7npGve6bJ9yBvNHILCcPnxTDuP/O9Y0rbTYPbj14CpqAAJb4Lw2D/
KrxDJYJPZur6K/Ar1gqBLW+PKIu+WKWaGA3SlcywXaEKVGQhf67h68EiIOoFM9S7
zmiWLTuMToSNKzUZKpAZBs0YUd1UWy+/0JdBxKjhmVMTFmDdvmxooDvo5r56uYPo
tDCYY7FiRcViSlBxF4p9kS2DS4hE2CDvvY3Q9dAVqUtabvYpAQ08utUiFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE7h8+zuWLpCBIqSw4SPaI+ipcjuMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVHVIejdPNVl1a0lFaXBMRGhJOW9qNktseU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGVtPj4hJuFCAXpzfZeM
M3Iwnd0tIcZW4MBmTY0xJdvKUaXaJUMd4Uko0kawDFkEOTRBfTJ5MvtKHLbGq5fD
fVSnecOdtGfpZwtXGEO1fvfqrFheyH7Q28MygyTxoaYJyIS+tDInPWiSUtQPwmoJ
LnCqddbrqdnG9UIlMUZZdpM2Q0IgWiN7QpnxI5UsRCVrcOGUu0OLB3kkGMZtxC/w
TRmhWpLwi7RRgGgRb0m2xbcWys1GGzRZuHKbViRK7YjRYb8n2mLJ9SpH5ctnnOtO
A6oR+CX5Z8SrhIVj1NWxlIrqOySHb6nuZTCNqreFLwKpMh6xlbqgoKDDgXBzWq5t
qHU=
-----END CERTIFICATE-----
Generated at Mon May 12 22:45:28 2025 by rpki-client