Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WsT1DFgb_hszNwTyfYZrbrNccyE.roa
File: WsT1DFgb_hszNwTyfYZrbrNccyE.roa (raw, json)
Hash identifier: mjSW+UrjFq3qAL8NBE2LBNfUOkrSYrNXhH0g8kA1DBU=
Subject key identifier: 5A:C4:F5:0C:58:1B:FE:1B:33:37:04:F2:7D:86:6B:6E:B3:5C:73:21
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC6087333D492E2D570875BFD461168D9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WsT1DFgb_hszNwTyfYZrbrNccyE.roa
Signing time: Sun 24 Sep 2023 07:12:37 +0000
ROA not before: Sun 24 Sep 2023 07:12:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c6:08:73:33:d4:92:e2:d5:70:87:5b:fd:46:11:68:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 24 07:12:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ac4f50c581bfe1b333704f27d866b6eb35c7321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:96:ae:21:df:d1:31:af:90:7f:cc:29:66:32:
13:f5:f1:e6:d9:c2:2d:12:34:23:af:40:7d:73:6d:
83:35:75:ce:44:e1:32:b3:49:b9:0e:5d:ba:5e:ca:
7a:dd:13:0c:e4:06:e5:be:00:f2:5a:6a:18:7e:74:
d8:e4:23:ff:57:90:ef:6d:2e:d8:78:4f:bd:c7:4a:
cf:cd:83:4b:c9:b3:4c:75:0c:20:8b:67:d3:88:96:
44:e1:fc:ae:99:18:15:e2:e9:75:9b:d4:d0:d9:50:
d3:05:dd:5d:35:01:56:b6:d9:87:38:85:19:20:22:
72:de:b3:36:d6:4f:9c:52:e6:50:57:94:a3:60:ef:
4b:51:48:cd:20:42:82:03:6d:4d:5c:c2:89:e1:99:
5e:4b:eb:b5:f8:df:59:bc:4a:ca:d0:2b:d9:e2:32:
2b:39:92:02:50:ca:f1:02:a0:f1:21:b9:e5:15:68:
3c:7c:37:13:94:8b:04:3e:2e:cf:5b:9a:49:05:bc:
5c:e8:57:04:e1:b6:c1:fe:49:7e:d4:2a:51:c9:aa:
b8:9a:af:1f:90:5c:8d:4e:7e:7e:43:cb:ad:d1:f3:
3b:10:85:82:30:0c:5c:13:bb:bd:a4:e3:52:39:ca:
47:9e:8a:db:2d:41:55:9e:54:92:d2:bb:53:7f:94:
37:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C4:F5:0C:58:1B:FE:1B:33:37:04:F2:7D:86:6B:6E:B3:5C:73:21
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WsT1DFgb_hszNwTyfYZrbrNccyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:c3:67:3e:eb:54:5a:50:f9:fe:f9:f2:f8:0a:77:ab:bb:47:
7a:9f:f7:90:83:d4:b8:fb:10:e1:38:0e:a3:c3:b8:b7:ec:32:
b6:e1:ff:3a:3b:54:83:9f:7a:12:0c:93:20:4c:93:f1:4c:c0:
6f:0b:6f:f7:73:f3:24:a0:3a:4b:94:e0:99:ea:86:af:cb:ea:
93:37:cd:47:50:66:b8:7d:51:07:b6:28:59:73:0a:30:b1:a0:
b1:a9:da:e5:86:52:59:2f:5e:de:92:87:35:c6:0a:14:b6:74:
6c:49:2b:b7:1c:37:5e:f0:02:26:6d:4d:01:70:c4:32:ed:92:
48:67:68:8e:ab:d6:a1:6e:d8:df:f5:fb:4e:bf:3a:f7:a0:83:
83:6d:ad:34:e4:3d:53:e9:66:a4:81:b5:d4:48:e7:bb:c8:7e:
7a:b5:e5:58:5a:8c:a5:bc:ef:15:9f:ec:01:2b:a1:31:6f:10:
45:bc:58:cf:76:d7:61:6f:32:22:97:54:b4:8b:2e:3d:fb:f7:
85:b8:0c:fd:22:90:f2:c1:be:71:3e:cf:ae:cc:2a:10:1f:2b:
e3:b3:8b:71:91:38:f7:99:f5:2e:cc:59:2e:af:fe:37:8d:63:
22:f1:ef:70:44:84:72:37:fe:2f:00:31:8f:97:96:92:55:0c:
78:3d:03:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrGCHMz1JLi1XCHW/1GEWjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI0MDcxMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWM0ZjUwYzU4MWJmZTFiMzMzNzA0ZjI3ZDg2NmI2ZWIzNWM3MzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJauId/RMa+Qf8wpZjIT9fHm2cIt
EjQjr0B9c22DNXXOROEys0m5Dl26Xsp63RMM5AblvgDyWmoYfnTY5CP/V5DvbS7Y
eE+9x0rPzYNLybNMdQwgi2fTiJZE4fyumRgV4ul1m9TQ2VDTBd1dNQFWttmHOIUZ
ICJy3rM21k+cUuZQV5SjYO9LUUjNIEKCA21NXMKJ4ZleS+u1+N9ZvErK0CvZ4jIr
OZICUMrxAqDxIbnlFWg8fDcTlIsEPi7PW5pJBbxc6FcE4bbB/kl+1CpRyaq4mq8f
kFyNTn5+Q8ut0fM7EIWCMAxcE7u9pONSOcpHnorbLUFVnlSS0rtTf5Q3JwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFrE9QxYG/4bMzcE8n2Ga26zXHMhMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvV3NUMURGZ2JfaHN6TndUeWZZWnJick5jY3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACDDZz7rVFpQ+f758vgK
d6u7R3qf95CD1Lj7EOE4DqPDuLfsMrbh/zo7VIOfehIMkyBMk/FMwG8Lb/dz8ySg
OkuU4Jnqhq/L6pM3zUdQZrh9UQe2KFlzCjCxoLGp2uWGUlkvXt6ShzXGChS2dGxJ
K7ccN17wAiZtTQFwxDLtkkhnaI6r1qFu2N/1+06/Ovegg4NtrTTkPVPpZqSBtdRI
57vIfnq15VhajKW87xWf7AEroTFvEEW8WM9212FvMiKXVLSLLj3794W4DP0ikPLB
vnE+z67MKhAfK+Ozi3GROPeZ9S7MWS6v/jeNYyLx73BEhHI3/i8AMY+XlpJVDHg9
A3I=
-----END CERTIFICATE-----
Generated at Mon May 12 18:38:51 2025 by rpki-client