Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Wz0QDwyhq_FeHvwOpwpGwW5FSoA.roa
File: Wz0QDwyhq_FeHvwOpwpGwW5FSoA.roa (raw, json)
Hash identifier: wIVzyyuDukac4O4ve0Zb2PoSQMAzdompZ+caIxdPDKo=
Subject key identifier: 5B:3D:10:0F:0C:A1:AB:F1:5E:1E:FC:0E:A7:0A:46:C1:6E:45:4A:80
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2F90B3E5B444EBEC023E62003F753157
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Wz0QDwyhq_FeHvwOpwpGwW5FSoA.roa
Signing time: Sun 03 Dec 2023 12:04:21 +0000
ROA not before: Sun 03 Dec 2023 12:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:2f90:94f3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2f:90:b3:e5:b4:44:eb:ec:02:3e:62:00:3f:75:31:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 3 12:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b3d100f0ca1abf15e1efc0ea70a46c16e454a80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:51:42:3e:a1:39:52:12:7c:b2:0d:8c:ff:bf:
c2:5e:fc:fd:06:1a:1d:0b:8a:ac:c5:cb:af:e5:91:
63:e9:01:c3:29:08:85:f1:b1:b9:30:84:44:87:bb:
61:6f:cd:69:4a:a8:22:b5:50:93:9d:b9:e4:50:cc:
d3:86:9a:f6:10:8e:a9:25:79:71:e4:2e:72:f8:3c:
90:6f:b9:21:a1:be:cd:f2:bb:5c:b8:25:69:7e:31:
df:46:9c:07:9b:ce:84:30:34:1f:38:9f:21:fb:37:
de:15:8c:4c:0b:86:ff:4f:53:b6:a2:d1:31:a6:a2:
20:50:a8:d3:20:16:24:11:07:b9:f2:b1:d3:c9:2f:
df:42:32:62:58:ad:34:6a:86:1f:3c:75:e8:d5:77:
da:2e:d7:5c:0a:52:ba:a1:e4:ce:34:8f:86:c7:94:
c8:94:b1:4e:3e:92:20:04:ae:8c:dd:10:17:48:d8:
d4:07:5a:56:aa:cc:77:be:e6:61:b5:4a:1b:1e:77:
c8:99:17:47:50:1c:1b:50:ca:20:68:8d:db:f2:33:
4d:d6:12:6c:18:ee:1f:1b:9c:9a:fc:ed:9e:b7:dd:
00:44:00:79:6e:6c:b8:58:05:bb:15:00:8e:f8:a1:
01:1f:85:0a:5a:b4:e3:7c:47:25:28:47:e8:0e:11:
3a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3D:10:0F:0C:A1:AB:F1:5E:1E:FC:0E:A7:0A:46:C1:6E:45:4A:80
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Wz0QDwyhq_FeHvwOpwpGwW5FSoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c6:f9:9e:d0:95:c1:3a:11:4c:eb:74:c1:36:b8:60:b7:b9:c0:
6f:e4:8d:51:46:81:1e:22:34:f4:2f:66:5b:c5:13:0a:9d:09:
86:a7:ad:82:db:35:cd:5f:d1:fe:07:5b:bd:f3:c0:e3:1d:93:
17:da:66:9d:8d:8d:41:92:be:49:91:b5:7d:d2:8c:b3:62:49:
ae:06:1b:f3:4e:63:9e:5a:8f:4c:1d:43:d7:43:ca:d3:1d:73:
b4:4e:3e:79:6b:85:d4:d0:52:2b:26:2d:3b:09:7d:48:bc:78:
1d:49:8a:15:b9:29:f0:27:6f:00:74:5c:f3:f5:bb:e5:9e:de:
ba:cb:16:36:49:22:4c:01:e2:78:01:bf:cc:0a:55:c1:50:d8:
91:5e:81:a8:59:93:7e:d4:73:87:28:54:23:8f:28:8a:b9:05:
cd:c2:63:1b:4a:69:94:1c:27:f4:94:fb:c4:81:f7:53:c3:6c:
1e:ff:db:de:7c:9d:95:7c:7e:d3:f0:18:13:12:b0:ab:89:8b:
40:6a:db:45:1d:33:de:27:f0:53:a8:74:51:fe:51:ec:b1:56:
32:de:c6:a6:00:c3:e7:48:b3:08:96:fc:e1:b5:26:2e:ea:34:
97:48:3e:2a:c1:a4:af:77:07:58:28:c7:27:c3:24:bd:c1:f7:
c2:18:16:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwvkLPltETr7AI+YgA/dTFXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAzMTIwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjNkMTAwZjBjYTFhYmYxNWUxZWZjMGVhNzBhNDZjMTZlNDU0YTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFFCPqE5UhJ8sg2M/7/CXvz9Bhod
C4qsxcuv5ZFj6QHDKQiF8bG5MIREh7thb81pSqgitVCTnbnkUMzThpr2EI6pJXlx
5C5y+DyQb7khob7N8rtcuCVpfjHfRpwHm86EMDQfOJ8h+zfeFYxMC4b/T1O2otEx
pqIgUKjTIBYkEQe58rHTyS/fQjJiWK00aoYfPHXo1XfaLtdcClK6oeTONI+Gx5TI
lLFOPpIgBK6M3RAXSNjUB1pWqsx3vuZhtUobHnfImRdHUBwbUMogaI3b8jNN1hJs
GO4fG5ya/O2et90ARAB5bmy4WAW7FQCO+KEBH4UKWrTjfEclKEfoDhE6ewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFs9EA8MoavxXh78DqcKRsFuRUqAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvV3owUUR3eWhxX0ZlSHZ3T3B3cEd3VzVGU29BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMb5ntCVwToRTOt0wTa4
YLe5wG/kjVFGgR4iNPQvZlvFEwqdCYanrYLbNc1f0f4HW73zwOMdkxfaZp2NjUGS
vkmRtX3SjLNiSa4GG/NOY55aj0wdQ9dDytMdc7ROPnlrhdTQUismLTsJfUi8eB1J
ihW5KfAnbwB0XPP1u+We3rrLFjZJIkwB4ngBv8wKVcFQ2JFegahZk37Uc4coVCOP
KIq5Bc3CYxtKaZQcJ/SU+8SB91PDbB7/2958nZV8ftPwGBMSsKuJi0Bq20UdM94n
8FOodFH+UeyxVjLexqYAw+dIswiW/OG1Ji7qNJdIPirBpK93B1goxyfDJL3B98IY
Fg8=
-----END CERTIFICATE-----
Generated at Sun May 11 17:09:36 2025 by rpki-client