Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WzwPejivzzsKiawfQAlsSzfU9bQ.roa
File: WzwPejivzzsKiawfQAlsSzfU9bQ.roa (raw, json)
Hash identifier: Xb4uVNFRR8l1HkAGoml6uvZTb/6edH19ZjIeMUmbK0M=
Subject key identifier: 5B:3C:0F:7A:38:AF:CF:3B:0A:89:AC:1F:40:09:6C:4B:37:D4:F5:B4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBA36382FA760B83F90C938F6394E662B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WzwPejivzzsKiawfQAlsSzfU9bQ.roa
Signing time: Fri 10 Nov 2023 17:09:57 +0000
ROA not before: Fri 10 Nov 2023 17:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ba:36:38:2f:a7:60:b8:3f:90:c9:38:f6:39:4e:66:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 17:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b3c0f7a38afcf3b0a89ac1f40096c4b37d4f5b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e9:19:ab:b5:7e:1a:00:c1:43:68:f1:72:11:
d2:fb:dd:88:7c:a8:12:6b:d0:4b:f7:33:7b:29:8d:
c4:fc:73:6a:33:04:eb:8b:bc:ea:85:60:35:8f:ea:
99:3a:53:04:54:7a:6d:dd:c6:fa:53:77:eb:49:a6:
3f:bc:2f:90:6a:75:3f:fe:1f:14:14:9d:c0:a0:36:
c6:4a:29:5e:7f:07:fb:0f:45:f8:cf:b1:c6:bf:dc:
de:b7:10:9f:8f:ca:d3:dd:6c:69:37:29:48:c2:5c:
8b:0e:5d:ad:2f:c8:b9:99:39:a5:52:51:41:06:b6:
bb:92:8d:44:98:ac:b7:52:c7:5a:7d:3c:a5:f4:d1:
cb:17:e3:4d:ec:68:9c:4c:7e:22:bf:73:3a:84:73:
c8:70:94:5d:18:5d:f5:5d:6b:f6:fd:52:0d:68:29:
55:ef:66:d7:ee:c4:66:69:f0:be:5e:46:e2:90:4d:
10:39:db:83:7e:fd:03:22:7d:72:7c:f5:bf:07:e5:
0e:0f:b4:b9:8d:94:44:66:48:2d:12:4f:ec:a6:a5:
69:4f:4c:7e:26:71:ee:66:e3:11:ec:f2:ab:ae:31:
e1:5f:9c:03:ce:f9:f7:1c:3f:28:63:f6:e8:28:1c:
94:8a:34:7e:e8:1e:43:8f:ee:6e:6b:51:e7:c3:84:
08:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3C:0F:7A:38:AF:CF:3B:0A:89:AC:1F:40:09:6C:4B:37:D4:F5:B4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WzwPejivzzsKiawfQAlsSzfU9bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:82:85:5e:34:0f:c2:e1:77:42:38:a4:b6:77:d6:91:b0:89:
f6:87:a1:fd:00:cd:33:df:2a:61:58:5c:7e:d2:19:3b:7f:d6:
17:e8:8e:fc:18:a6:8c:0a:06:25:78:8a:f9:da:76:6b:72:e1:
09:08:fc:46:82:91:59:04:e6:83:e6:fd:9f:ab:0b:d5:e4:23:
8d:eb:88:84:e5:cd:6b:76:5a:19:75:c0:f7:db:e9:70:87:de:
a4:c0:e5:39:35:b3:b4:be:16:cc:a7:a9:73:1b:8a:27:91:37:
5e:5f:ca:f5:5d:06:c0:48:43:2b:cf:a6:4f:e4:3a:cf:a8:ec:
01:8c:81:47:b3:45:13:01:60:ce:98:fb:45:dc:27:c1:03:33:
73:19:68:a9:33:bf:63:e6:34:96:5e:70:fe:cc:63:4d:13:75:
a1:3c:ab:27:63:a2:16:23:76:06:05:93:5a:61:5c:73:c6:38:
5f:bb:ab:99:79:b5:bf:83:6e:80:e8:6f:61:8f:15:d8:0e:af:
92:57:43:ef:31:82:c3:41:1e:ea:83:d7:57:75:42:ef:56:b7:
37:cd:ed:bc:0c:b9:45:07:4b:17:40:f4:b0:cb:bf:90:72:8f:
dc:be:f9:93:00:43:5b:17:53:3d:a5:d0:cd:89:dc:18:4c:61:
50:fe:7d:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu6Njgvp2C4P5DJOPY5TmYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMTcwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjNjMGY3YTM4YWZjZjNiMGE4OWFjMWY0MDA5NmM0YjM3ZDRmNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+kZq7V+GgDBQ2jxchHS+92IfKgS
a9BL9zN7KY3E/HNqMwTri7zqhWA1j+qZOlMEVHpt3cb6U3frSaY/vC+QanU//h8U
FJ3AoDbGSilefwf7D0X4z7HGv9zetxCfj8rT3WxpNylIwlyLDl2tL8i5mTmlUlFB
Bra7ko1EmKy3UsdafTyl9NHLF+NN7GicTH4iv3M6hHPIcJRdGF31XWv2/VINaClV
72bX7sRmafC+XkbikE0QOduDfv0DIn1yfPW/B+UOD7S5jZREZkgtEk/spqVpT0x+
JnHuZuMR7PKrrjHhX5wDzvn3HD8oY/boKByUijR+6B5Dj+5ua1Hnw4QIQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFs8D3o4r887ComsH0AJbEs31PW0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvV3p3UGVqaXZ6enNLaWF3ZlFBbHNTemZVOWJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA6ChV40D8Lhd0I4pLZ3
1pGwifaHof0AzTPfKmFYXH7SGTt/1hfojvwYpowKBiV4ivnadmty4QkI/EaCkVkE
5oPm/Z+rC9XkI43riITlzWt2Whl1wPfb6XCH3qTA5Tk1s7S+FsynqXMbiieRN15f
yvVdBsBIQyvPpk/kOs+o7AGMgUezRRMBYM6Y+0XcJ8EDM3MZaKkzv2PmNJZecP7M
Y00TdaE8qydjohYjdgYFk1phXHPGOF+7q5l5tb+DboDob2GPFdgOr5JXQ+8xgsNB
HuqD11d1Qu9WtzfN7bwMuUUHSxdA9LDLv5Byj9y++ZMAQ1sXUz2l0M2J3BhMYVD+
fR8=
-----END CERTIFICATE-----
Generated at Thu May 15 10:14:26 2025 by rpki-client