Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/d96jP6olUt80-bDpQdmyViTQwVc.roa
File: d96jP6olUt80-bDpQdmyViTQwVc.roa (raw, json)
Hash identifier: ZpmbizFRT4TOv2r0DUBo078CE7aNEtCYBsnn8gYAzy8=
Subject key identifier: 77:DE:A3:3F:AA:25:52:DF:34:F9:B0:E9:41:D9:B2:56:24:D0:C1:57
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBFCC457587C034AD826248697B8ACB96
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/d96jP6olUt80-bDpQdmyViTQwVc.roa
Signing time: Sat 11 Nov 2023 19:11:57 +0000
ROA not before: Sat 11 Nov 2023 19:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bf:cc:45:75:87:c0:34:ad:82:62:48:69:7b:8a:cb:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 11 19:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77dea33faa2552df34f9b0e941d9b25624d0c157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fe:22:bf:1d:0f:98:97:b9:ca:27:2d:db:4f:
6d:d1:1a:06:f6:66:57:00:91:14:b2:5d:e7:38:60:
29:fd:81:aa:2f:13:51:a2:25:e5:9e:13:a9:fd:ba:
db:e1:99:ea:55:b6:ca:f4:33:46:53:03:c6:83:7a:
86:a3:8b:fc:b9:9d:d3:db:cf:2f:53:c6:2b:35:3d:
cf:97:11:4b:e9:e0:15:09:10:76:15:78:12:cf:d8:
47:37:4d:5b:6c:24:7f:09:a7:12:5f:6a:a3:38:2e:
bc:cf:41:ba:ce:50:3e:1d:7d:01:da:7a:c2:94:9a:
11:44:8f:0d:81:8b:86:67:e2:fc:6a:46:c9:54:96:
02:33:50:22:9f:88:7f:b5:5f:ef:df:48:55:94:85:
7f:09:a8:1f:9a:4d:14:eb:b2:43:75:77:4c:86:b4:
b0:71:44:65:25:6c:a9:c5:40:24:65:48:9e:17:f4:
c9:70:b5:13:43:e9:77:49:50:18:22:88:96:52:61:
9a:3b:3e:8d:a4:53:bf:fd:1d:93:86:8a:a5:99:e1:
2a:3b:68:1a:bf:22:d2:f2:bd:b7:17:8f:40:8e:1b:
9e:cb:45:ba:2c:dc:be:76:bc:05:38:e4:17:26:9e:
f6:58:79:e2:02:27:9b:43:7a:7f:d5:58:cb:69:4f:
fd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DE:A3:3F:AA:25:52:DF:34:F9:B0:E9:41:D9:B2:56:24:D0:C1:57
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/d96jP6olUt80-bDpQdmyViTQwVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:49:fe:55:ff:ad:b8:5d:da:5f:25:20:cb:79:1f:e4:83:69:
76:dc:c5:c4:98:b2:82:d8:60:b8:83:f1:3d:82:ec:28:04:e8:
5a:83:c6:9c:b3:a4:99:06:7c:19:0e:88:d4:4a:68:c3:2b:f7:
b7:8e:12:f0:2a:ba:a9:fa:70:a3:25:21:92:de:28:38:f5:36:
cb:3d:ad:e8:36:58:8f:62:e1:64:84:26:cf:64:e0:98:02:15:
ed:4f:21:23:cb:e1:96:d4:36:51:31:0e:38:32:a6:18:cc:f1:
7c:ef:a1:e3:c0:3e:db:9b:95:bb:9f:8d:13:49:aa:8d:47:19:
89:d2:b3:87:de:9f:e9:d9:54:60:37:7f:c4:4a:10:81:96:9f:
e4:ff:6c:a7:53:60:79:43:7a:3f:2d:28:c4:68:09:27:cb:61:
82:cf:a7:23:6c:8f:7a:05:1b:b0:de:04:53:a0:7d:17:8f:0e:
ef:70:63:68:e0:95:a1:16:15:c5:b5:6d:9d:d7:55:a9:b0:7b:
70:00:40:43:d1:a2:51:c0:6d:a7:90:66:e3:8c:6c:e7:ba:4b:
ef:df:61:f0:4e:f6:17:9b:89:cc:d3:7c:7c:bf:85:0f:af:9c:
cb:0d:e6:88:e2:75:08:7c:3d:c5:f9:61:99:65:83:d6:a3:fe:
ee:78:a2:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu/zEV1h8A0rYJiSGl7isuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTExMTkxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2RlYTMzZmFhMjU1MmRmMzRmOWIwZTk0MWQ5YjI1NjI0ZDBjMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf4ivx0PmJe5yict209t0RoG9mZX
AJEUsl3nOGAp/YGqLxNRoiXlnhOp/brb4ZnqVbbK9DNGUwPGg3qGo4v8uZ3T288v
U8YrNT3PlxFL6eAVCRB2FXgSz9hHN01bbCR/CacSX2qjOC68z0G6zlA+HX0B2nrC
lJoRRI8NgYuGZ+L8akbJVJYCM1Ain4h/tV/v30hVlIV/Cagfmk0U67JDdXdMhrSw
cURlJWypxUAkZUieF/TJcLUTQ+l3SVAYIoiWUmGaOz6NpFO//R2ThoqlmeEqO2ga
vyLS8r23F49Ajhuey0W6LNy+drwFOOQXJp72WHniAiebQ3p/1VjLaU/9qwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHfeoz+qJVLfNPmw6UHZslYk0MFXMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZDk2alA2b2xVdDgwLWJEcFFkbXlWaVRRd1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACRJ/lX/rbhd2l8lIMt5
H+SDaXbcxcSYsoLYYLiD8T2C7CgE6FqDxpyzpJkGfBkOiNRKaMMr97eOEvAquqn6
cKMlIZLeKDj1Nss9reg2WI9i4WSEJs9k4JgCFe1PISPL4ZbUNlExDjgyphjM8Xzv
oePAPtublbufjRNJqo1HGYnSs4fen+nZVGA3f8RKEIGWn+T/bKdTYHlDej8tKMRo
CSfLYYLPpyNsj3oFG7DeBFOgfRePDu9wY2jglaEWFcW1bZ3XVamwe3AAQEPRolHA
baeQZuOMbOe6S+/fYfBO9hebiczTfHy/hQ+vnMsN5ojidQh8PcX5YZllg9aj/u54
op4=
-----END CERTIFICATE-----
Generated at Sat May 10 14:48:46 2025 by rpki-client