Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/anY7-wmMJF2AATJD_nXsr-qof6E.roa
File: anY7-wmMJF2AATJD_nXsr-qof6E.roa (raw, json)
Hash identifier: Nc4xRR7iJpuq2LzHBKhRAic9lHDWT/gKjdhmp0W7Eio=
Subject key identifier: 6A:76:3B:FB:09:8C:24:5D:80:01:32:43:FE:75:EC:AF:EA:A8:7F:A1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE69F150A0EDE9962FBF6B421F8F03BBA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/anY7-wmMJF2AATJD_nXsr-qof6E.roa
Signing time: Sat 30 Sep 2023 15:04:59 +0000
ROA not before: Sat 30 Sep 2023 15:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:e69e:60c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e6:9f:15:0a:0e:de:99:62:fb:f6:b4:21:f8:f0:3b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 30 15:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a763bfb098c245d80013243fe75ecafeaa87fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cd:0c:46:c3:b2:22:5a:09:09:b1:09:b3:9e:
2d:e6:40:7d:a3:d0:1a:47:29:b6:81:1d:ae:53:83:
c0:21:ea:aa:b5:57:65:52:52:13:89:df:7e:b5:e4:
41:f0:3c:f5:71:c6:13:06:79:32:dd:d1:a7:bc:13:
4b:80:d7:fc:7d:44:0e:12:dc:3c:5f:8f:e5:48:bd:
06:14:39:7a:7c:68:83:89:1b:e5:b4:9a:0a:c5:45:
bb:ce:8a:dd:0b:e7:fd:8e:74:96:af:de:59:07:6c:
7d:72:07:74:a2:3b:f0:65:13:1d:7c:2b:c3:01:57:
05:01:db:aa:4c:2d:f8:9d:1e:df:f8:80:a8:85:95:
ea:d8:9c:08:8f:ba:ca:f5:09:fa:82:31:2d:be:15:
be:62:4a:39:76:63:eb:ba:de:7e:17:a8:ac:f9:e5:
80:36:2e:f8:07:8a:d3:d4:d9:68:39:2b:77:60:22:
e4:37:77:7c:64:1a:d6:f7:ff:1a:02:bf:d3:20:11:
96:25:5d:57:b2:b4:b6:fb:cd:55:bf:ac:c9:58:78:
91:53:49:ee:88:4d:46:68:e8:8b:25:12:69:47:a0:
73:53:2d:bf:fa:db:1f:53:18:f6:a9:0f:89:03:40:
bc:5d:db:57:66:2f:39:1d:8f:ae:2c:13:90:06:b4:
6f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:76:3B:FB:09:8C:24:5D:80:01:32:43:FE:75:EC:AF:EA:A8:7F:A1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/anY7-wmMJF2AATJD_nXsr-qof6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:84:be:d5:ee:42:b8:07:ff:df:09:f9:90:6e:f5:5b:1f:86:
79:08:5e:53:ca:95:30:7c:bd:e0:a6:63:8d:52:06:49:97:8d:
44:0b:2a:b8:93:2c:4a:4d:bd:60:f0:a9:31:3c:e4:2f:55:c4:
85:2c:3e:b6:56:e6:01:ea:2f:2d:e4:56:b7:7a:cd:67:78:2e:
6b:f7:08:8d:82:78:ab:38:aa:66:18:bb:ef:5d:e8:1a:bd:68:
da:81:b3:ce:df:83:1b:92:11:f5:bc:61:fc:d3:b5:97:ca:4b:
18:f8:2c:73:12:47:71:60:f1:5b:e6:5a:5c:13:d2:23:a3:0c:
41:f2:c5:ea:1e:5f:72:ba:74:aa:d2:7a:29:30:7d:85:f4:1d:
8b:d9:e6:3f:04:67:db:9d:6c:3e:d0:76:a6:25:c3:6b:fb:65:
46:3f:c6:23:2b:1c:b3:78:7e:8a:4f:89:a2:6a:00:93:cb:0d:
dd:54:4a:9f:b6:72:87:fb:7d:88:9f:e5:23:8c:3f:46:26:84:
a6:29:82:01:8f:fb:e9:0d:4d:eb:e6:41:70:ac:db:41:de:10:
3f:db:41:1e:eb:92:fa:1f:0a:70:30:e1:6a:d3:61:7f:36:98:
48:44:8b:53:0f:62:72:f1:45:f2:a3:39:a0:f5:e6:ec:86:ff:
4e:46:1a:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrmnxUKDt6ZYvv2tCH48Du6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTMwMTUwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTc2M2JmYjA5OGMyNDVkODAwMTMyNDNmZTc1ZWNhZmVhYTg3ZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM0MRsOyIloJCbEJs54t5kB9o9Aa
Rym2gR2uU4PAIeqqtVdlUlITid9+teRB8Dz1ccYTBnky3dGnvBNLgNf8fUQOEtw8
X4/lSL0GFDl6fGiDiRvltJoKxUW7zordC+f9jnSWr95ZB2x9cgd0ojvwZRMdfCvD
AVcFAduqTC34nR7f+ICohZXq2JwIj7rK9Qn6gjEtvhW+Yko5dmPrut5+F6is+eWA
Ni74B4rT1NloOSt3YCLkN3d8ZBrW9/8aAr/TIBGWJV1XsrS2+81Vv6zJWHiRU0nu
iE1GaOiLJRJpR6BzUy2/+tsfUxj2qQ+JA0C8XdtXZi85HY+uLBOQBrRvSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGp2O/sJjCRdgAEyQ/517K/qqH+hMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYW5ZNy13bU1KRjJBQVRKRF9uWHNyLXFvZjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKSEvtXuQrgH/98J+ZBu
9VsfhnkIXlPKlTB8veCmY41SBkmXjUQLKriTLEpNvWDwqTE85C9VxIUsPrZW5gHq
Ly3kVrd6zWd4Lmv3CI2CeKs4qmYYu+9d6Bq9aNqBs87fgxuSEfW8YfzTtZfKSxj4
LHMSR3Fg8VvmWlwT0iOjDEHyxeoeX3K6dKrSeikwfYX0HYvZ5j8EZ9udbD7QdqYl
w2v7ZUY/xiMrHLN4fopPiaJqAJPLDd1USp+2cof7fYif5SOMP0YmhKYpggGP++kN
TevmQXCs20HeED/bQR7rkvofCnAw4WrTYX82mEhEi1MPYnLxRfKjOaD15uyG/05G
Gsw=
-----END CERTIFICATE-----
Generated at Mon May 12 13:33:29 2025 by rpki-client