Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aDfLaeOLF3OZTMRmpkyWgAkTV5Y.roa
File: aDfLaeOLF3OZTMRmpkyWgAkTV5Y.roa (raw, json)
Hash identifier: JSc9ZKqu+/ZIJPmj6fzFeJoyVQ9SnA3Xd1I7m6qoWAw=
Subject key identifier: 68:37:CB:69:E3:8B:17:73:99:4C:C4:66:A6:4C:96:80:09:13:57:96
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5E9134D432D5907712A3BEFA81C87FDE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aDfLaeOLF3OZTMRmpkyWgAkTV5Y.roa
Signing time: Mon 23 Oct 2023 22:04:16 +0000
ROA not before: Mon 23 Oct 2023 22:04:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:5e91:2b70/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5e:91:34:d4:32:d5:90:77:12:a3:be:fa:81:c8:7f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 23 22:04:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6837cb69e38b1773994cc466a64c968009135796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b4:24:3f:47:4f:76:d4:05:e2:ce:b5:7e:38:
96:e4:c4:a9:ea:7e:cb:49:9e:42:71:9c:7c:48:66:
af:ea:fc:98:f0:fd:3f:56:59:78:33:36:09:bc:19:
08:44:5c:f7:00:73:fd:c9:66:b4:c3:f2:a6:f7:d8:
7e:92:7d:d5:f9:98:15:d9:d9:dd:b0:39:7a:15:e7:
87:43:28:5d:01:f5:b5:79:0d:00:43:3f:c0:b2:28:
2d:77:96:4f:fc:d3:29:e2:07:1e:b6:62:3e:c4:33:
ce:ab:9d:de:0c:a9:e8:69:8c:50:60:31:6b:5d:cb:
f0:27:9d:4a:0f:43:42:03:24:66:dd:72:ff:ed:08:
ab:bb:b7:80:1d:bb:f9:a5:d5:13:6e:0c:15:43:1f:
67:53:9e:28:3f:a7:5f:8c:a7:31:a3:9f:3b:63:92:
63:96:36:57:78:fb:0f:a3:3d:77:a4:17:10:9b:60:
af:7d:ab:bd:41:e3:44:ca:ba:d7:78:90:cd:c8:15:
2b:0f:f9:21:f1:79:a7:0e:6f:98:53:9f:80:eb:83:
40:c1:a2:1b:7a:3d:3e:d8:a4:ac:11:2e:17:33:58:
ee:81:3c:aa:04:c6:d1:0b:e8:03:10:19:c0:7f:3c:
54:ff:eb:61:c6:0d:1c:ce:15:94:e2:46:54:e0:99:
a2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:37:CB:69:E3:8B:17:73:99:4C:C4:66:A6:4C:96:80:09:13:57:96
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aDfLaeOLF3OZTMRmpkyWgAkTV5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:e1:f9:c4:9d:aa:1c:46:ab:a7:f3:65:03:e9:fc:4b:44:6b:
9d:48:ec:2b:c1:82:c8:cb:e3:a0:46:8c:94:c6:48:71:ad:d5:
db:12:87:cf:ab:02:1b:e0:75:06:50:cf:c6:3a:9c:f8:d0:42:
ee:5a:8b:37:5d:eb:19:33:70:9e:58:2b:45:d8:d4:fd:25:c3:
7b:cb:8b:ff:4d:ad:fb:f7:44:d6:21:65:67:bb:f0:e5:69:37:
02:db:d1:a0:8c:b4:40:bc:45:ee:b0:08:47:ea:5b:07:37:90:
d4:51:ca:35:83:8a:34:c9:13:35:b5:69:85:c0:05:79:95:23:
87:47:47:8c:78:30:e9:86:65:53:50:40:09:a1:c3:de:1a:35:
7c:83:95:42:42:7b:79:7f:3e:8a:3f:cf:a1:f2:62:67:df:ca:
a3:bd:6e:18:be:87:2e:17:c7:3b:c6:45:3c:d5:d0:86:84:e4:
92:b1:8e:a8:34:d2:ff:94:b7:df:a4:56:a2:39:e4:79:8c:da:
d6:27:75:c6:4e:3d:a9:35:3a:54:da:ab:c3:bb:ef:27:17:71:
8a:ea:73:40:64:17:e5:11:8c:04:41:ef:5c:9c:3a:80:6d:23:
33:c4:6a:f1:b4:ba:3a:fb:ff:ab:a6:6c:f1:c2:49:db:8f:18:
76:7a:41:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtekTTUMtWQdxKjvvqByH/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIzMjIwNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODM3Y2I2OWUzOGIxNzczOTk0Y2M0NjZhNjRjOTY4MDA5MTM1Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbQkP0dPdtQF4s61fjiW5MSp6n7L
SZ5CcZx8SGav6vyY8P0/Vll4MzYJvBkIRFz3AHP9yWa0w/Km99h+kn3V+ZgV2dnd
sDl6FeeHQyhdAfW1eQ0AQz/Asigtd5ZP/NMp4gcetmI+xDPOq53eDKnoaYxQYDFr
XcvwJ51KD0NCAyRm3XL/7Qiru7eAHbv5pdUTbgwVQx9nU54oP6dfjKcxo587Y5Jj
ljZXePsPoz13pBcQm2Cvfau9QeNEyrrXeJDNyBUrD/kh8XmnDm+YU5+A64NAwaIb
ej0+2KSsES4XM1jugTyqBMbRC+gDEBnAfzxU/+thxg0czhWU4kZU4Jmi9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGg3y2njixdzmUzEZqZMloAJE1eWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYURmTGFlT0xGM09aVE1SbXBreVdnQWtUVjVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJrh+cSdqhxGq6fzZQPp
/EtEa51I7CvBgsjL46BGjJTGSHGt1dsSh8+rAhvgdQZQz8Y6nPjQQu5aizdd6xkz
cJ5YK0XY1P0lw3vLi/9Nrfv3RNYhZWe78OVpNwLb0aCMtEC8Re6wCEfqWwc3kNRR
yjWDijTJEzW1aYXABXmVI4dHR4x4MOmGZVNQQAmhw94aNXyDlUJCe3l/Poo/z6Hy
YmffyqO9bhi+hy4XxzvGRTzV0IaE5JKxjqg00v+Ut9+kVqI55HmM2tYndcZOPak1
OlTaq8O77ycXcYrqc0BkF+URjARB71ycOoBtIzPEavG0ujr7/6umbPHCSduPGHZ6
QRQ=
-----END CERTIFICATE-----
Generated at Mon May 12 04:09:48 2025 by rpki-client