Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ULGXlQrgx2C9kSus-2QMS4PXRmo.roa
File: ULGXlQrgx2C9kSus-2QMS4PXRmo.roa (raw, json)
Hash identifier: eZr8UXU0PLH4BHboI8S8XGnzvotPO/1y1fHV/NVs8wc=
Subject key identifier: 50:B1:97:95:0A:E0:C7:60:BD:91:2B:AC:FB:64:0C:4B:83:D7:46:6A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA158D75BF564ED76B15829C006304382
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ULGXlQrgx2C9kSus-2QMS4PXRmo.roa
Signing time: Sun 05 Nov 2023 21:17:15 +0000
ROA not before: Sun 05 Nov 2023 21:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a1:58:d7:5b:f5:64:ed:76:b1:58:29:c0:06:30:43:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 5 21:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50b197950ae0c760bd912bacfb640c4b83d7466a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5b:2d:1e:7a:1c:c3:3d:20:c6:86:77:70:42:
7f:e0:da:c7:cd:e2:6f:51:54:b8:91:f8:9c:8f:87:
a9:73:2c:66:94:ac:13:87:fc:d8:9d:2a:d6:ab:f0:
d8:b8:f1:04:ff:ab:da:c1:19:b9:0d:39:98:dc:3a:
92:62:d8:71:79:f0:be:17:60:d4:64:5d:5f:0b:b0:
ce:44:25:9c:29:aa:be:e6:55:92:94:e4:9d:bc:00:
83:b1:e6:57:0a:fe:32:81:46:9a:d9:39:52:eb:fb:
8e:5e:cd:99:34:fa:7c:d3:0f:00:3d:72:a9:9b:b9:
f1:3b:10:c3:89:8e:73:48:9a:f2:12:d3:ff:08:78:
38:09:d7:e8:c3:3f:2c:5b:09:3b:6b:4d:f5:0e:7e:
76:ff:2d:3e:e1:80:d3:74:4f:cd:06:21:4b:f0:03:
81:74:84:dc:40:1c:07:e2:cc:5c:6e:2a:8d:0e:22:
6f:ff:83:4c:fe:84:df:bf:d5:f5:31:a9:1f:ea:46:
69:27:c0:a1:5b:e7:91:7c:85:32:ab:cf:96:21:44:
46:99:43:b6:6b:93:11:61:03:aa:f3:6d:16:17:c9:
44:41:20:57:06:eb:69:5a:ef:d7:b2:86:8f:f0:a0:
9a:f5:71:fb:93:3d:a2:29:1a:aa:ab:14:4c:94:87:
ab:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B1:97:95:0A:E0:C7:60:BD:91:2B:AC:FB:64:0C:4B:83:D7:46:6A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ULGXlQrgx2C9kSus-2QMS4PXRmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:0a:c0:20:5a:26:a8:12:3f:25:52:7a:84:52:6d:85:76:8d:
c2:e4:a4:a3:71:ff:80:38:fe:b4:0c:37:62:14:c8:4a:92:19:
01:3b:32:6f:ad:04:bb:bd:77:50:6c:99:28:ed:46:c6:fc:25:
1c:89:5a:4b:70:ca:a0:76:32:99:fb:9b:56:80:29:57:8c:fc:
70:5e:8c:75:15:e1:4b:af:ba:6e:13:60:58:14:13:16:6e:74:
b6:3d:84:16:e5:33:a5:a2:ec:08:de:9f:1a:a3:d9:fa:42:13:
9e:e7:88:20:31:11:97:ef:80:a6:48:87:3f:c1:10:76:25:a6:
2c:66:f5:62:5c:d5:92:a8:47:5c:34:1b:b5:23:3e:c9:22:ca:
a3:27:19:2e:41:a8:e9:ca:7c:9e:53:62:9b:9c:9a:c5:69:8f:
aa:fa:06:ea:0c:00:52:cd:31:02:2a:89:4f:6d:dd:8e:ac:1d:
8e:16:43:ee:42:5b:1c:8f:81:5f:3b:1d:d1:a8:c7:75:c7:53:
dc:25:4b:c6:1c:02:bf:9e:59:75:ef:18:b7:7f:92:10:f6:27:
fc:4a:e3:d1:74:f8:d9:74:f1:98:51:99:b6:be:ae:12:62:c6:
15:e7:b7:58:ac:85:e1:00:72:92:4f:13:0e:50:0f:48:32:51:
fe:5a:fa:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuhWNdb9WTtdrFYKcAGMEOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA1MjExNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGIxOTc5NTBhZTBjNzYwYmQ5MTJiYWNmYjY0MGM0YjgzZDc0NjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFstHnocwz0gxoZ3cEJ/4NrHzeJv
UVS4kficj4epcyxmlKwTh/zYnSrWq/DYuPEE/6vawRm5DTmY3DqSYthxefC+F2DU
ZF1fC7DORCWcKaq+5lWSlOSdvACDseZXCv4ygUaa2TlS6/uOXs2ZNPp80w8APXKp
m7nxOxDDiY5zSJryEtP/CHg4Cdfowz8sWwk7a031Dn52/y0+4YDTdE/NBiFL8AOB
dITcQBwH4sxcbiqNDiJv/4NM/oTfv9X1Makf6kZpJ8ChW+eRfIUyq8+WIURGmUO2
a5MRYQOq820WF8lEQSBXButpWu/XsoaP8KCa9XH7kz2iKRqqqxRMlIerVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFCxl5UK4MdgvZErrPtkDEuD10ZqMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVUxHWGxRcmd4MkM5a1N1cy0yUU1TNFBYUm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEUKwCBaJqgSPyVSeoRS
bYV2jcLkpKNx/4A4/rQMN2IUyEqSGQE7Mm+tBLu9d1BsmSjtRsb8JRyJWktwyqB2
Mpn7m1aAKVeM/HBejHUV4Uuvum4TYFgUExZudLY9hBblM6Wi7Ajenxqj2fpCE57n
iCAxEZfvgKZIhz/BEHYlpixm9WJc1ZKoR1w0G7UjPskiyqMnGS5BqOnKfJ5TYpuc
msVpj6r6BuoMAFLNMQIqiU9t3Y6sHY4WQ+5CWxyPgV87HdGox3XHU9wlS8YcAr+e
WXXvGLd/khD2J/xK49F0+Nl08ZhRmba+rhJixhXnt1isheEAcpJPEw5QD0gyUf5a
+hg=
-----END CERTIFICATE-----
Generated at Mon May 12 23:20:45 2025 by rpki-client