Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aVqjGIejbXQk1bLSzaY8VtZjJaQ.roa
File: aVqjGIejbXQk1bLSzaY8VtZjJaQ.roa (raw, json)
Hash identifier: uDj1TElkX94Ix8E4sC6MdXvJ0R7+aMvwZikgLRnLy5U=
Subject key identifier: 69:5A:A3:18:87:A3:6D:74:24:D5:B2:D2:CD:A6:3C:56:D6:63:25:A4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C653CB3CB1FB8E3296EBE90903E35E039
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aVqjGIejbXQk1bLSzaY8VtZjJaQ.roa
Signing time: Wed 13 Dec 2023 22:12:06 +0000
ROA not before: Wed 13 Dec 2023 22:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:65:3c:b3:cb:1f:b8:e3:29:6e:be:90:90:3e:35:e0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 13 22:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=695aa31887a36d7424d5b2d2cda63c56d66325a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4e:45:b2:00:8b:54:d5:d5:90:18:5b:47:c3:
f4:12:71:a3:64:3a:a1:ab:a3:ac:bf:6e:5d:19:68:
9c:79:c9:32:19:9e:02:40:bb:ee:70:29:13:e2:4c:
d7:13:53:24:ef:f3:7b:95:4a:9e:05:6e:ec:58:bf:
06:22:fb:3e:26:4f:e9:5a:92:45:5c:88:32:8d:c8:
5e:55:70:e2:1f:13:aa:02:d5:2c:b8:85:fc:f9:8e:
eb:be:c7:15:6c:e7:67:82:88:50:a1:3e:91:fe:3b:
d8:02:42:f2:be:54:4e:0b:e9:c7:46:30:6b:0e:73:
da:69:eb:ac:e9:3e:71:5f:c4:cb:76:73:31:e4:af:
32:61:30:15:2b:e5:a7:6f:c5:cf:e3:56:e7:b9:00:
65:99:9d:50:70:52:80:67:45:e8:e8:ca:05:dc:bb:
f7:6e:db:a5:e2:8e:82:89:30:07:b6:00:51:a5:f6:
59:be:04:48:ec:db:b5:e7:18:e9:f0:8c:59:11:ee:
97:fd:50:f3:75:9c:ff:ee:3f:54:13:c4:1f:e6:8d:
cc:40:1b:1b:36:bd:d8:79:67:17:ac:5f:6f:e7:6f:
b4:0b:f0:63:fa:1b:ed:4a:ca:8c:52:07:5a:13:aa:
19:b8:16:a6:5f:d8:d7:5b:82:8c:11:20:b1:c7:2c:
32:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:5A:A3:18:87:A3:6D:74:24:D5:B2:D2:CD:A6:3C:56:D6:63:25:A4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aVqjGIejbXQk1bLSzaY8VtZjJaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:1b:ba:ac:7d:b2:b3:42:44:0d:76:15:ad:71:4e:49:85:46:
45:d1:5f:27:ac:00:a3:00:7a:14:5f:26:9b:cf:dc:80:99:cc:
72:df:73:6e:f3:1a:b6:9c:13:da:60:22:f8:69:71:b5:56:b7:
95:fc:07:56:87:39:8c:67:78:8b:07:67:1c:6d:bf:e2:3e:a4:
3f:dd:7a:69:1d:a9:43:80:63:7c:ef:3b:05:f3:1e:f4:80:b7:
4d:c8:eb:2b:fe:fb:5c:bf:2a:33:39:66:08:d2:76:fb:0f:b2:
bd:52:d3:3b:6f:b2:1c:1f:e0:16:40:47:0f:6d:38:78:9d:d7:
94:cd:33:1a:94:ed:c7:90:ff:9c:09:8c:dd:df:bb:32:3c:ed:
9b:e9:14:6d:78:22:a5:4e:e5:d4:96:c9:52:58:f2:45:ba:17:
23:86:db:ba:a9:26:9e:ca:d0:76:d5:d2:b4:f1:76:77:45:03:
8b:bd:7e:c9:d6:a2:a9:bf:71:c3:6d:7a:02:ee:88:aa:9f:9a:
ac:58:c9:a7:cc:87:4d:e6:2b:cd:2a:b0:46:9d:1a:85:59:0a:
b1:58:79:93:69:1e:30:49:d2:d3:a8:47:42:37:96:25:bc:6d:
00:2a:17:3e:38:3c:d5:e2:2a:8a:4f:e9:2d:7b:19:76:ca:fe:
14:ce:c1:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxlPLPLH7jjKW6+kJA+NeA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEzMjIxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTVhYTMxODg3YTM2ZDc0MjRkNWIyZDJjZGE2M2M1NmQ2NjMyNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs05FsgCLVNXVkBhbR8P0EnGjZDqh
q6Osv25dGWiceckyGZ4CQLvucCkT4kzXE1Mk7/N7lUqeBW7sWL8GIvs+Jk/pWpJF
XIgyjcheVXDiHxOqAtUsuIX8+Y7rvscVbOdngohQoT6R/jvYAkLyvlROC+nHRjBr
DnPaaeus6T5xX8TLdnMx5K8yYTAVK+Wnb8XP41bnuQBlmZ1QcFKAZ0Xo6MoF3Lv3
btul4o6CiTAHtgBRpfZZvgRI7Nu15xjp8IxZEe6X/VDzdZz/7j9UE8Qf5o3MQBsb
Nr3YeWcXrF9v52+0C/Bj+hvtSsqMUgdaE6oZuBamX9jXW4KMESCxxywyuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGlaoxiHo210JNWy0s2mPFbWYyWkMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYVZxakdJZWpiWFFrMWJMU3phWThWdFpqSmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACobuqx9srNCRA12Fa1x
TkmFRkXRXyesAKMAehRfJpvP3ICZzHLfc27zGracE9pgIvhpcbVWt5X8B1aHOYxn
eIsHZxxtv+I+pD/demkdqUOAY3zvOwXzHvSAt03I6yv++1y/KjM5ZgjSdvsPsr1S
0ztvshwf4BZARw9tOHid15TNMxqU7ceQ/5wJjN3fuzI87ZvpFG14IqVO5dSWyVJY
8kW6FyOG27qpJp7K0HbV0rTxdndFA4u9fsnWoqm/ccNtegLuiKqfmqxYyafMh03m
K80qsEadGoVZCrFYeZNpHjBJ0tOoR0I3liW8bQAqFz44PNXiKopP6S17GXbK/hTO
wfU=
-----END CERTIFICATE-----
Generated at Mon May 12 04:11:10 2025 by rpki-client