Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WhZTK4WMB2TcJNoqvPUjj0aLRwI.roa
File: WhZTK4WMB2TcJNoqvPUjj0aLRwI.roa (raw, json)
Hash identifier: 0b1ME8ibCUPjrMpVUPxHL/idJ0DqpiFxABst01jaO28=
Subject key identifier: 5A:16:53:2B:85:8C:07:64:DC:24:DA:2A:BC:F5:23:8F:46:8B:47:02
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B15D3FA7978FB8E6410E0B3FF90848364
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WhZTK4WMB2TcJNoqvPUjj0aLRwI.roa
Signing time: Mon 09 Oct 2023 19:04:55 +0000
ROA not before: Mon 09 Oct 2023 19:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:15d3:55d5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:15:d3:fa:79:78:fb:8e:64:10:e0:b3:ff:90:84:83:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 9 19:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a16532b858c0764dc24da2abcf5238f468b4702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:13:ae:0a:ea:6d:62:92:84:32:23:81:3c:b6:
0c:f2:e7:b0:2a:1f:74:f1:14:6b:a6:fa:31:b1:39:
c0:79:f3:76:b1:82:b1:35:06:14:59:7d:0a:d5:92:
a5:b3:d5:f5:0b:c7:25:f9:54:9c:58:e7:8d:7d:2a:
e5:7e:bb:25:b3:d9:b2:2d:84:a2:9c:e3:cb:d8:95:
b4:24:87:98:b9:42:1f:c3:26:e7:c8:6d:8c:de:b6:
33:4f:49:36:57:17:d4:83:88:41:cb:f3:ae:a7:34:
af:1b:8b:57:4a:f3:69:16:7b:22:ec:f6:d6:bd:db:
8e:00:72:85:23:b0:33:4d:7a:8b:68:68:31:a1:74:
66:c7:6c:cb:a6:d4:40:66:67:1c:78:20:42:db:f0:
24:71:7c:0f:d7:db:a2:ba:1b:2a:6a:b2:c9:92:51:
3b:da:b8:34:f5:91:20:1b:89:e3:00:b1:af:90:37:
22:27:5b:fc:bb:3b:f9:f6:6e:d5:96:4d:33:9f:04:
18:1a:2d:92:a4:74:5f:10:3e:db:6b:78:32:b5:7a:
a1:a4:a3:c4:5c:27:3f:68:c8:f4:52:37:41:a2:1f:
79:1c:9a:50:70:a2:ea:d6:a7:db:8e:18:e4:8b:94:
d9:cc:49:92:9b:b9:f3:3b:49:22:13:ad:91:af:b9:
e1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:16:53:2B:85:8C:07:64:DC:24:DA:2A:BC:F5:23:8F:46:8B:47:02
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WhZTK4WMB2TcJNoqvPUjj0aLRwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:1b:2d:6e:6e:d2:56:cc:fd:c9:67:a6:91:7b:89:91:a9:f9:
36:f6:53:7c:e7:e2:97:91:fc:67:cc:03:f3:0e:d9:fa:37:f5:
81:c7:39:d3:58:8b:55:f1:41:f3:ec:39:0f:f7:a9:b7:9e:25:
58:1a:e8:da:74:1c:0c:ba:b4:60:16:47:a0:72:14:b1:6f:67:
7b:7f:4a:8b:5f:6b:be:d6:c1:5c:a3:d5:08:5a:69:1d:76:b5:
18:ae:54:fe:19:40:1c:fe:db:d9:03:0a:9d:7c:19:35:42:2f:
22:2d:8a:53:7e:2c:cf:e5:bb:a2:10:c5:15:ab:27:69:94:8b:
a1:d5:b2:20:ad:a5:bd:1e:18:c0:34:c2:17:ba:7a:98:95:e2:
d4:98:6a:fb:3f:f5:cd:be:d2:d1:4d:c0:09:4f:ec:c9:a0:90:
da:2d:cf:56:bc:34:2c:cd:c3:dc:15:0f:87:10:b2:19:d8:0b:
c9:30:cc:09:9e:6b:5e:57:c8:0b:7b:f6:76:fd:4f:a5:59:73:
ba:75:a3:78:42:08:97:0a:f7:49:39:a1:d6:04:c8:bc:81:36:
20:ad:bd:69:1a:8b:88:88:35:17:2b:53:c6:43:51:a6:1f:2b:
02:52:ea:19:f7:50:e0:c4:1a:9c:cf:f0:01:93:1b:f7:fe:a8:
f5:f2:fe:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsV0/p5ePuOZBDgs/+QhINkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA5MTkwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTE2NTMyYjg1OGMwNzY0ZGMyNGRhMmFiY2Y1MjM4ZjQ2OGI0NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBOuCuptYpKEMiOBPLYM8uewKh90
8RRrpvoxsTnAefN2sYKxNQYUWX0K1ZKls9X1C8cl+VScWOeNfSrlfrsls9myLYSi
nOPL2JW0JIeYuUIfwybnyG2M3rYzT0k2VxfUg4hBy/OupzSvG4tXSvNpFnsi7PbW
vduOAHKFI7AzTXqLaGgxoXRmx2zLptRAZmcceCBC2/AkcXwP19uiuhsqarLJklE7
2rg09ZEgG4njALGvkDciJ1v8uzv59m7Vlk0znwQYGi2SpHRfED7ba3gytXqhpKPE
XCc/aMj0UjdBoh95HJpQcKLq1qfbjhjki5TZzEmSm7nzO0kiE62Rr7nhIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFoWUyuFjAdk3CTaKrz1I49Gi0cCMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvV2haVEs0V01CMlRjSk5vcXZQVWpqMGFMUndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHYbLW5u0lbM/clnppF7
iZGp+Tb2U3zn4peR/GfMA/MO2fo39YHHOdNYi1XxQfPsOQ/3qbeeJVga6Np0HAy6
tGAWR6ByFLFvZ3t/Sotfa77WwVyj1QhaaR12tRiuVP4ZQBz+29kDCp18GTVCLyIt
ilN+LM/lu6IQxRWrJ2mUi6HVsiCtpb0eGMA0whe6epiV4tSYavs/9c2+0tFNwAlP
7MmgkNotz1a8NCzNw9wVD4cQshnYC8kwzAmea15XyAt79nb9T6VZc7p1o3hCCJcK
90k5odYEyLyBNiCtvWkai4iINRcrU8ZDUaYfKwJS6hn3UODEGpzP8AGTG/f+qPXy
/kU=
-----END CERTIFICATE-----
Generated at Mon May 12 16:09:48 2025 by rpki-client